General

  • Target

    92b22f2fa0b2c504bd9775047f03473badea384ac2a735957c33b2680575066f

  • Size

    353KB

  • Sample

    240507-3h1fnaha28

  • MD5

    a385a22c8d3f503a69bc7a534468f3c0

  • SHA1

    7c67fb30ba20ea3e4357ed309a2a37064b39a652

  • SHA256

    92b22f2fa0b2c504bd9775047f03473badea384ac2a735957c33b2680575066f

  • SHA512

    b5f1cb72c35410674ad4935ac84adb735c18abc0d08dac9b218ad71560f82a74cce6c6c2482516a988b39b08fcc81093106de3b0909d31d951c77e9ff3b1e486

  • SSDEEP

    6144:5rlFKn40aaHZ3DbvON1aKllJb0gWjfxdJy3xC9pjKRqBQe:5ren40aIAkKp0gKpdJyk9p2sx

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Deletes itself
