General

  • Target

    b5aa79176608e720e13929625256b2c78692d178ceb596568fde11aefda566ff

  • Size

    367KB

  • Sample

    240523-fe4btaec77

  • MD5

    bff6423740c8b46aab327108a05c2753

  • SHA1

    167b1a96867aadfaee6093d89dcdf095745339c6

  • SHA256

    b5aa79176608e720e13929625256b2c78692d178ceb596568fde11aefda566ff

  • SHA512

    b24ca5f68c96543e41f02566cc8e826cf4d756cbcf896947cf47dd4d5841ec50f760c3962a80f96de3826988c14ec274a9c021b22ecbc37ce0bc1f36cd16c452

  • SSDEEP

    3072:1LjTho9/yTx0aB2LkTkLta8GRpd7hSGnAmt3bUFLsVR/p9pGu5cyIlU0:1LjThwQxZ2Lkg5mrNSUq+p96s

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.64.56

185.172.128.69

Targets

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

MITRE ATT&CK Matrix ATT&CK v13

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 2