General

  • Target

    dde26ee3350957b38c512ecded6f70b46af63444ecaff0f5478e250e036ae47e

  • Size

    252KB

  • Sample

    240508-fed2xsbe3w

  • MD5

    c13274dd034034fba1d7b22bcae73f84

  • SHA1

    cfc207a5e226bdc9ed9947279690c9f14aac25ff

  • SHA256

    dde26ee3350957b38c512ecded6f70b46af63444ecaff0f5478e250e036ae47e

  • SHA512

    0ef4d65e90928d930a9df94ac5ee30c83851dfd96e779f7bab619cbbd25d6664471d354de5f598fbf72f1460582240b0d7accff9d85f37e36cfe74c28d3caf5f

  • SSDEEP

    6144:HOaPsjxRueRiEPBwiSt4rzEaQb93ahTm:HOaPsLueRiEZwiSt4jMRaFm

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
