General

  • Target

    abbdfacc8e39a0c6fa211b07a7a0c49bcd7582436fd49f3d19cbf9a614b003fe

  • Size

    248KB

  • Sample

    240509-afszksfe2s

  • MD5

    13a148851b1752cf9000a3bdb092e094

  • SHA1

    f165be771ef67ccbb89627916f999419fda80024

  • SHA256

    abbdfacc8e39a0c6fa211b07a7a0c49bcd7582436fd49f3d19cbf9a614b003fe

  • SHA512

    f28d872eb819adc9fd1fd23a6f1fef91beac75db021c1f1eec62ed7e273bcfb45f606fd07595909994bf6116ec02f35ad70fa63a11d7510d1a6d583f352d532d

  • SSDEEP

    3072:pBQX+exWG3REX1Wo1W+HrpObQJO9d2lAk0Y6UywgdaweAvRgPnvNhrMSGl9v43aF:QNZo1WKdOEqGgQr6u/jYO3DTB

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php
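The extracted configuration above gives a complete set of indicators for this sample: its file digests, two C2 addresses and the URL path the loader requests. The script below is an added example (not part of the sandbox report) that turns those indicators into a hunt: it hashes a file and compares every digest against the reported ones, and it scans web-proxy log lines for the C2 hosts and path. The proxy log format (`ts src=... dst=ip:port method=... uri=...`) and the log lines themselves are constructed for the example; adapt `LOG_PATTERN` to whatever your proxy or Zeek `http.log` actually emits.

```python
import hashlib
import io
import re
from typing import BinaryIO, Optional

# Indicators copied from the report above: the sample's digests and the
# GCleaner C2 hosts / URL path from the extracted config.
SAMPLE_HASHES = {
    "md5": "13a148851b1752cf9000a3bdb092e094",
    "sha1": "f165be771ef67ccbb89627916f999419fda80024",
    "sha256": "abbdfacc8e39a0c6fa211b07a7a0c49bcd7582436fd49f3d19cbf9a614b003fe",
    "sha512": "f28d872eb819adc9fd1fd23a6f1fef91beac75db021c1f1eec62ed7e273bcfb4"
              "5f606fd07595909994bf6116ec02f35ad70fa63a11d7510d1a6d583f352d532d",
}
C2_ADDRESSES = frozenset({"185.172.128.90", "5.42.65.64"})
C2_URL_PATH = "/advdlc.php"


def digest_stream(stream: BinaryIO) -> dict:
    """Compute every reported digest algorithm over a stream in one pass."""
    hashers = {name: hashlib.new(name) for name in SAMPLE_HASHES}
    for chunk in iter(lambda: stream.read(1 << 16), b""):
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_bytes(data: bytes) -> dict:
    return digest_stream(io.BytesIO(data))


def hash_file(path: str) -> dict:
    with open(path, "rb") as f:
        return digest_stream(f)


def match_hashes(digests: dict) -> set:
    """Names of the algorithms whose digest equals the reported sample digest."""
    return {name for name, value in digests.items()
            if SAMPLE_HASHES.get(name) == value.lower()}


# Constructed proxy log format for this example (not a real product's format).
LOG_PATTERN = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>[^:\s]+):(?P<port>\d+) "
    r"method=(?P<method>\S+) uri=(?P<uri>\S+)"
)

# Constructed sample log lines: two genuine beacons, one path-only hit from an
# unrelated host, one contact with a C2 address on a different path, one benign.
LOG_LINES = [
    '2024-05-09T10:12:01Z src=10.0.0.15 dst=185.172.128.90:80 method=GET uri=/advdlc.php?id=1 ua="Mozilla/4.0"',
    '2024-05-09T10:12:05Z src=10.0.0.15 dst=93.184.216.34:443 method=GET uri=/index.html ua="Mozilla/5.0"',
    '2024-05-09T10:13:40Z src=10.0.0.22 dst=5.42.65.64:80 method=POST uri=/advdlc.php ua="Mozilla/4.0"',
    '2024-05-09T10:14:02Z src=10.0.0.31 dst=198.51.100.7:80 method=GET uri=/advdlc.php ua="curl/8.0"',
    '2024-05-09T10:15:11Z src=10.0.0.31 dst=5.42.65.64:443 method=GET uri=/ ua="Mozilla/5.0"',
]


def classify(dst: str, uri: str) -> Optional[str]:
    """Grade one request: C2 host and path together is the strongest signal;
    either alone is still worth a look (new C2 host, or a path collision)."""
    path = uri.split("?", 1)[0]          # ignore the query string
    ip_hit = dst in C2_ADDRESSES
    path_hit = path == C2_URL_PATH
    if ip_hit and path_hit:
        return "c2_beacon"
    if ip_hit:
        return "c2_address"
    if path_hit:
        return "c2_path_only"
    return None


def scan_log(lines) -> list:
    """Return the requests that touch any of the report's network indicators."""
    hits = []
    for line in lines:
        m = LOG_PATTERN.match(line)
        if not m:
            continue                      # unparseable line: skip, do not abort the hunt
        verdict = classify(m["dst"], m["uri"])
        if verdict:
            hits.append({"ts": m["ts"], "src": m["src"], "dst": m["dst"],
                         "uri": m["uri"], "verdict": verdict})
    return hits


if __name__ == "__main__":
    for hit in scan_log(LOG_LINES):
        print(f"{hit['ts']} {hit['src']} -> {hit['dst']}{hit['uri']}  [{hit['verdict']}]")
```

`match_hashes` checks all four algorithms rather than SHA256 alone so that a report that only lists an MD5 or SHA1 can still be matched; a path-only hit (`c2_path_only`) is deliberately kept as a lower-confidence verdict, since the C2 addresses for a PPI loader rotate faster than the download path does.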

Targets

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15
