General

  • Target: 18c6bc4a0fea6f0cd687119a0a89674d153abad37c48186046767b693933b058
  • Size: 252KB
  • Sample: 240508-hgszzafg3t
  • MD5: 7274db7c1ee994577bb9f6d33f683d36
  • SHA1: 731de0a8b06b302d1102bc87bf5862e3d4da8587
  • SHA256: 18c6bc4a0fea6f0cd687119a0a89674d153abad37c48186046767b693933b058
  • SHA512: ba70f8b5c87a863418735a7069af32a81a012a9865787e97fa0e2d768357f415bb45d523e96f8e18263afb65198848e4701f9c649eaa65959bb4fafd0665d8e7
  • SSDEEP: 3072:fsivkBWU2rQMQO+Xz9SaZ2pqQiXq4T7/h8mjT1s4cDj66rT+Hzet:bJjqpyWTbh8mPabDlrToq

Score
10/10

Malware Config

Extracted

Family: gcleaner

C2:
  • 185.172.128.90
  • 5.42.65.64

Attributes:
  • url_path: /advdlc.php

Targets

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
