General
-
Target
c53ff8836f00571d7fce210a7596c52dc073387f723b9a57ff48750ae2f0505d
-
Size
329KB
-
Sample
240527-pjg4tabf8s
-
MD5
f5d01b5b15f2bb02ac0cb11a4043e3cd
-
SHA1
ebcf77b8a8b6d84ffe01f0b7f7c038a36ae7a664
-
SHA256
c53ff8836f00571d7fce210a7596c52dc073387f723b9a57ff48750ae2f0505d
-
SHA512
9dc1a7f1594cc5782e8dbf0d3a21ee45acba98391441b5f85b595521b699a0645f544536a8de1b72d3cff23138c122dd11f32cb153df393f5a694ad5264353f3
-
SSDEEP
3072:IOXkj5X1MmGKbG2K9TYIB3BpqqUMOOU52IkqXVs9xXBA1d45d1o1Wq4OG57yZDJv:IOXe5XZbwqVqUMOO/N5Bk4b1oYXONf
Malware Config
Extracted
gcleaner
185.172.128.90
5.42.64.56
185.172.128.69
Targets
-
-
Target
c53ff8836f00571d7fce210a7596c52dc073387f723b9a57ff48750ae2f0505d
-
Size
329KB
-
MD5
f5d01b5b15f2bb02ac0cb11a4043e3cd
-
SHA1
ebcf77b8a8b6d84ffe01f0b7f7c038a36ae7a664
-
SHA256
c53ff8836f00571d7fce210a7596c52dc073387f723b9a57ff48750ae2f0505d
-
SHA512
9dc1a7f1594cc5782e8dbf0d3a21ee45acba98391441b5f85b595521b699a0645f544536a8de1b72d3cff23138c122dd11f32cb153df393f5a694ad5264353f3
-
SSDEEP
3072:IOXkj5X1MmGKbG2K9TYIB3BpqqUMOOU52IkqXVs9xXBA1d45d1o1Wq4OG57yZDJv:IOXe5XZbwqVqUMOO/N5Bk4b1oYXONf
Score10/10-
GCleaner
GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-