General
-
Target
b414918e358404e72e4d6ffd4d0c37464f0afd5b0a812da729f82d9408f6c647
-
Size
234KB
-
Sample
240521-j2ztpaea62
-
MD5
4664f815119fa1a29d5668abef3cb7b6
-
SHA1
301b7fde9189d01ef1bb26287149aa0d819aab81
-
SHA256
b414918e358404e72e4d6ffd4d0c37464f0afd5b0a812da729f82d9408f6c647
-
SHA512
989cb7ebc581da3e13511032edee76960ea089846ed860a4a35fafc588f18eefb7c93fd0eae3e826c550981de5a79b121ccaac0dce1e0844b91f1ea50960272b
-
SSDEEP
3072:DPrXpLardBoUvKcdzB0+Pr0Bk4xgOcGLWA5MdlkU:X5WxBogrrJugiK
Static task
static1
Behavioral task
behavioral1
Sample
b414918e358404e72e4d6ffd4d0c37464f0afd5b0a812da729f82d9408f6c647.exe
Resource
win7-20240221-en
Malware Config
Extracted
gcleaner
185.172.128.90
5.42.65.64
-
url_path
/advdlc.php
Targets
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-