gcleaner | c96c9cb9c2fcfc7c809ef9cdd4cbccc3025347639c8b5ae0a56488e21f2f69fa

Analysis

max time kernel
142s
max time network
145s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
14-06-2024 05:27

Target

c96c9cb9c2fcfc7c809ef9cdd4cbccc3025347639c8b5ae0a56488e21f2f69fa.exe
Size

332KB
MD5

fe636f5d7ee23acc6950676d8ec2cff9
SHA1

ba75a0780dbc6d4c7275c3a505c9b3044e912726
SHA256

c96c9cb9c2fcfc7c809ef9cdd4cbccc3025347639c8b5ae0a56488e21f2f69fa
SHA512

4870af7090c1671615ac1c3dd58b86e2be15bfaeba67a351c01f0272ea3dd3305b340014268dc2f9533009fb88a0e6500f43cca675a1146ad3e2e32ab7c9e79c
SSDEEP

3072:tCSXMVvxNj5LNr1UEnPkLUg0dSY1sov+jcWNexRlfNr+1TbSoymwTT1B:ES8Vvrr1dnVjuovzrlGnSdTp

Score

10^/10

gcleaner loader

Family

gcleaner

185.172.128.90

185.172.128.69

Attributes

GCleaner
GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
loader gcleaner

C:\Users\Admin\AppData\Local\Temp\c96c9cb9c2fcfc7c809ef9cdd4cbccc3025347639c8b5ae0a56488e21f2f69fa.exe
"C:\Users\Admin\AppData\Local\Temp\c96c9cb9c2fcfc7c809ef9cdd4cbccc3025347639c8b5ae0a56488e21f2f69fa.exe"
1⤵
PID:2716

memory/2716-1-0x00000000002D0000-0x00000000003D0000-memory.dmp

Filesize
1024KB

Download
memory/2716-3-0x0000000000400000-0x000000000042F000-memory.dmp

Filesize
188KB

Download
memory/2716-2-0x00000000001B0000-0x00000000001DD000-memory.dmp

Filesize
180KB

Download
memory/2716-4-0x0000000000400000-0x0000000000463000-memory.dmp

Filesize
396KB

Download
memory/2716-5-0x00000000002D0000-0x00000000003D0000-memory.dmp

Filesize
1024KB

Download