General

  • Target

    d837df520b4e343750f13565705a5c08d046870d0b452d2000043da34551891e

  • Size

    253KB

  • Sample

    240508-lk8rdage85

  • MD5

    6d92b8b9960b10f517c72159fa7d07f7

  • SHA1

    61fd015a06edd8c8100a531b5a469da55e2fac35

  • SHA256

    d837df520b4e343750f13565705a5c08d046870d0b452d2000043da34551891e

  • SHA512

    8d3a40d821bde6946ce73f8f05daf64f88e76036fb2cabe3d7f7f1e825e872b8760b036c5ff8ee4e5872e4c9b63d45a901d97a2c9675f619f17a122f14c6c1ae

  • SSDEEP

    6144:rWhKWSHebELCybxY2ryJSeYpIl2Eq364Toq:rWhKWSHEELBxpy8NZ6oF

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks