General

  • Target

    812bbd04cd0e83102dd02f3359746a230dd69d56fb9bd3fc4f64b0bc3944f5d8

  • Size

    249KB

  • Sample

    240508-3re63sec7t

  • MD5

    0313c8e4fc65de25133e80c8f57e82f6

  • SHA1

    72436197c3f51c012237e767c768ea4c50e5dd8a

  • SHA256

    812bbd04cd0e83102dd02f3359746a230dd69d56fb9bd3fc4f64b0bc3944f5d8

  • SHA512

    9ae1846b282e08ff12a0290d36b7f4f5bba610525477bcdf009a4521e99b66ff97e7c6c5fe23ff618c361cd02fea80fb4e411a93a0094943f4aa071c20ae3ad9

  • SSDEEP

    6144:wxA1qW6xi5IRQKUXSCruddoeHreI7tTB:wa1h6xi5IRrI/uD1NB

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

MITRE ATT&CK Enterprise v15

Tasks