gcleaner | cbe393c23fa09d9e5d68387e2b4951dfa16b2236db64d5cc1a6feabf7b87595a

Analysis

max time kernel
141s
max time network
145s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
14-06-2024 00:55

Target

953663bce50f864c25129ed450965680_NeikiAnalytics.exe
Size

282KB
MD5

953663bce50f864c25129ed450965680
SHA1

4d72ba9c671408b23db6b60a3a1b1c023daacabf
SHA256

cbe393c23fa09d9e5d68387e2b4951dfa16b2236db64d5cc1a6feabf7b87595a
SHA512

13dbaffec57f4a0a8b7ebc31b74c55163e9e08af416e1db8d8e139ce36cb6715679ec6bce4055d3ec45e62a7cb55442c3be42732379bd6b8fd002b92da933946
SSDEEP

6144:mJMoLKTxdRGftL1fAF8azfkg6+I5J4o9HPUW:xo0xC1B8bkLtP9vT

Score

10^/10

gcleaner loader

Family

gcleaner

185.172.128.90

185.172.128.69

Attributes

GCleaner
GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
loader gcleaner

C:\Users\Admin\AppData\Local\Temp\953663bce50f864c25129ed450965680_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\953663bce50f864c25129ed450965680_NeikiAnalytics.exe"
1⤵
PID:2424

memory/2424-1-0x00000000002F0000-0x00000000003F0000-memory.dmp

Filesize
1024KB

Download
memory/2424-3-0x0000000000400000-0x000000000042F000-memory.dmp

Filesize
188KB

Download
memory/2424-2-0x00000000001B0000-0x00000000001DD000-memory.dmp

Filesize
180KB

Download
memory/2424-4-0x0000000000400000-0x0000000001BC2000-memory.dmp

Filesize
23.8MB

Download
memory/2424-5-0x00000000002F0000-0x00000000003F0000-memory.dmp

Filesize
1024KB

Download