General

  • Target: d2e0f2058873432200499de5444fd6bcddec4e58dd369c395b6f501e2840c527
  • Size: 250KB
  • Sample: 240508-acdqgsae42
  • MD5: 595f97a65a7a10f7f8d93d326257b4fe
  • SHA1: 990af1c0da2b6bc44f2e71ec9ef873faafbb4fc6
  • SHA256: d2e0f2058873432200499de5444fd6bcddec4e58dd369c395b6f501e2840c527
  • SHA512: 9bb85c1446b2eb89095f53955da26ba9d42b294f754320b0cf0995152f9d5120e6c59a85b050b9e119ef318cd54b94e7fbef4af2e63501fa5a744aea6bd7147c
  • SSDEEP: 3072:z6GzIe8XQdfvTqxig9908M8+7VEkbbjw2/MInQ/tQ5RZ5ZBMnAk:2Gzj+aXGxin8+JXbfwOhQK4x

Score
10/10

Malware Config

Extracted

  • Family: gcleaner
  • C2:
      185.172.128.90
      5.42.65.64
  • Attributes
      url_path: /advdlc.php

Targets

    Score
    10/10
    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence.

MITRE ATT&CK Enterprise v15

Tasks