Overview

overview

10

Static

static

3

79feb1ca3c...18.exe

windows7-x64

10

79feb1ca3c...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    79feb1ca3c9c7104aa0ce69b270e5f1e_JaffaCakes118

  • Size

    434KB

  • Sample

    240527-wha3facc5v

  • MD5

    79feb1ca3c9c7104aa0ce69b270e5f1e

  • SHA1

    9515eb9673c3c5fb3e5f951fb5211860b7387d48

  • SHA256

    60116576f9f9c37239007e04f03fa577e387519a634a4174a83c47bfee2094f3

  • SHA512

    f47098d59131d447584eb0e340878a8b55c5064cea16a408b4af6c076286107836e22c7ebe9286cc1e180eff4172d9446c662218a20445b2aeb1452ad99ca649

  • SSDEEP

    6144:IdLM9HXbLuFili9x3qDF7mR+YAKg1coGd4bRo+dRfN6c2tY+JQ43ueW:IdLM9HraFt1W7n06A4iwRfETm+Ju

Score
10/10
gcleanerloader

Malware Config

Targets

    • Target

      79feb1ca3c9c7104aa0ce69b270e5f1e_JaffaCakes118

    • Size

      434KB

    • MD5

      79feb1ca3c9c7104aa0ce69b270e5f1e

    • SHA1

      9515eb9673c3c5fb3e5f951fb5211860b7387d48

    • SHA256

      60116576f9f9c37239007e04f03fa577e387519a634a4174a83c47bfee2094f3

    • SHA512

      f47098d59131d447584eb0e340878a8b55c5064cea16a408b4af6c076286107836e22c7ebe9286cc1e180eff4172d9446c662218a20445b2aeb1452ad99ca649

    • SSDEEP

      6144:IdLM9HXbLuFili9x3qDF7mR+YAKg1coGd4bRo+dRfN6c2tY+JQ43ueW:IdLM9HraFt1W7n06A4iwRfETm+Ju

    Score
    10/10
    gcleanerloader

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

      loadergcleaner

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks