General

  • Target

    c355e5eb90c4bcdc21b4060230feca6e11b8c8573d5f9a067e429f254cd42a94

  • Size

    1.6MB

  • Sample

    240508-ewyxzsab91

  • MD5

    67afe46f8ee01d2753827c71186b4d60

  • SHA1

    fd5e04e3ebe3df867dcb94057177ab8bb5396d6b

  • SHA256

    c355e5eb90c4bcdc21b4060230feca6e11b8c8573d5f9a067e429f254cd42a94

  • SHA512

    c7ff477da4789da34bb01f5326c612188e7218d3f5b9648bcbf457768a2348066b7b0b3bd6e4877ccfbceb69ee2ccfc70af3b0983eec24f4bf6a5846aab86257

  • SSDEEP

    49152:ZC2VSb1+/zSvwpMMMMMMMMbMMMMMMMMm3iA9mImz:ZC2kbuOvwpMMMMMMMMbMMMMMMMMqEz

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

45.12.253.56

45.12.253.72

45.12.253.98

45.12.253.75

Attributes
  • url_path

    /default/puk.php

Targets

    Score
    10/10
    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Executes dropped EXE

    • Loads dropped DLL