General

  • Target

    645ccca17804f453d92dca6394beadcd8c774f413cacf918c75a1a6517acc7c4

  • Size

    295KB

  • Sample

    240515-12tfcaee31

  • MD5

    d221456c3724a8ae84d820c0d0afcbd0

  • SHA1

    59b1473db91fbf6890ba64b512b73565fc51ea9e

  • SHA256

    645ccca17804f453d92dca6394beadcd8c774f413cacf918c75a1a6517acc7c4

  • SHA512

    4e73d8ab04ac84ad3e8890298958dc894bd7ce3ea3d11bd278bc4469b5be087922052aa046ca20e29c614e1675e490220318b0dc3689c7dd716aa1192cc5896e

  • SSDEEP

    3072:Ei0lmjZc7WnYxroz6/waAAoJIXFoJncSIlQBAWJ2Y3xUvxcW9GNI+B75icT1jtd:j9ju75fVSIaafWzCvSW8G+1L

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.64.56

5.42.65.64

Targets

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
