Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d794650f6385f902489933e37a20f7753c654281349c7b50c4121f05ea06eeb3

  • Size

    389KB

  • Sample

    240609-rw8teacc39

  • MD5

    8847ef6af71dcec2d01ca31e8736e291

  • SHA1

    278d7a824336051c7930bad8b7e98b7da74b62ae

  • SHA256

    d794650f6385f902489933e37a20f7753c654281349c7b50c4121f05ea06eeb3

  • SHA512

    0a093cd681a278125eb63c89aed4883d71d8880bb8475c3ca1c1a83ec5a33c9d420e4066182dfad2d908f7b272259d4d467f49dc780ef9cf869ff07b4c575b0e

  • SSDEEP

    6144:IVuLPuWfwaPHwuIyZDcA/uBTWy4+t8NDbjsexanET:DzuWfwaP/DcA/kT18NPjse7

Score
10/10
gcleanerloader

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.64.56

185.172.128.69

Targets

    • Target

      d794650f6385f902489933e37a20f7753c654281349c7b50c4121f05ea06eeb3

    • Size

      389KB

    • MD5

      8847ef6af71dcec2d01ca31e8736e291

    • SHA1

      278d7a824336051c7930bad8b7e98b7da74b62ae

    • SHA256

      d794650f6385f902489933e37a20f7753c654281349c7b50c4121f05ea06eeb3

    • SHA512

      0a093cd681a278125eb63c89aed4883d71d8880bb8475c3ca1c1a83ec5a33c9d420e4066182dfad2d908f7b272259d4d467f49dc780ef9cf869ff07b4c575b0e

    • SSDEEP

      6144:IVuLPuWfwaPHwuIyZDcA/uBTWy4+t8NDbjsexanET:DzuWfwaP/DcA/kT18NPjse7

    Score
    10/10
    gcleanerloader

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

      loadergcleaner

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks