Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

ed47fa9158...06.exe

windows7-x64

10

ed47fa9158...06.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ed47fa9158e4cccda07bb4659da88d06.exe

  • Size

    280KB

  • Sample

    240516-vgtmqaef55

  • MD5

    ed47fa9158e4cccda07bb4659da88d06

  • SHA1

    979ba7b632c71d38630ba39a8caeb4a679fc697f

  • SHA256

    6f487c7bc1d98eef7c2fda7f1b38f1c199df9308634ecfc9543497cf0f5d3ea6

  • SHA512

    a076055a9630f8d0c4ccdb03d1bf6b1f31d2f32e820cf6d427cdbfcf0cbeebb80c141d1b111d17db0b9f7b7275f5c246c00668b0fb3fc45058f4fcdfe3e1a37a

  • SSDEEP

    6144:cP+a94On2taJfqn311On0d21IPzoNGFt94hjsAw:Ta94Lt3n311c1IPket9ws

Score
10/10
gcleanerloader

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.64.56

5.42.65.64

Targets

    • Target

      ed47fa9158e4cccda07bb4659da88d06.exe

    • Size

      280KB

    • MD5

      ed47fa9158e4cccda07bb4659da88d06

    • SHA1

      979ba7b632c71d38630ba39a8caeb4a679fc697f

    • SHA256

      6f487c7bc1d98eef7c2fda7f1b38f1c199df9308634ecfc9543497cf0f5d3ea6

    • SHA512

      a076055a9630f8d0c4ccdb03d1bf6b1f31d2f32e820cf6d427cdbfcf0cbeebb80c141d1b111d17db0b9f7b7275f5c246c00668b0fb3fc45058f4fcdfe3e1a37a

    • SSDEEP

      6144:cP+a94On2taJfqn311On0d21IPzoNGFt94hjsAw:Ta94Lt3n311c1IPket9ws

    Score
    10/10
    gcleanerloader

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

      loadergcleaner

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks