General

  • Target

    d26b68756777e5052c5d9cf9e49ab5a0d8e1d16695cafdf60d5816f2fd19fd97

  • Size

    287KB

  • Sample

    240509-jhj9wsag93

  • MD5

    89b1d3a398b4ee4c9dd6299682768e58

  • SHA1

    1f1cb1011f47913fc2893287a7ec9ddb6769314f

  • SHA256

    d26b68756777e5052c5d9cf9e49ab5a0d8e1d16695cafdf60d5816f2fd19fd97

  • SHA512

    81272af51988e120861db00cf2996eb9ada9ffabab39691726dd2b1fcd46949dc2ffad78a056af964d6dacfd1ce46c2ac4d70d77648eb7a895589204ca2ae262

  • SSDEEP

    6144:dHQW5c6MZDwYN3mRi2rX55VAVsVvGeJK:dwwc6MFLSiG55VAYvzJK

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
