gcleaner | 3c692224488efd43f8d0ee5618199c289ebbe50b43460b0106519fec4d5ec927 | Triage

Sharing

General

Target

3c692224488efd43f8d0ee5618199c289ebbe50b43460b0106519fec4d5ec927
Size

381KB
Sample

240614-zewfravekh
MD5

ca9810ac4f3ee0d374dfb80ce7428db2
SHA1

8b9e60293a076672fa45bb3a1f4a535e9bce9f80
SHA256

3c692224488efd43f8d0ee5618199c289ebbe50b43460b0106519fec4d5ec927
SHA512

5848cb206007c09138fd9b0a275f0f65e41182268ee0f6d1aea7ea8e66c629aec6eafffcfdb9bd306a558d0298eef73d86deb295b5c49b196abbfa196d621d8c
SSDEEP

6144:mIFL3VbVx3NbmoOQBa5+wd3SWP2kzC0qRlPq6b:ZbVbVx9b9OQBjOP2Q+q

Score

10^/10

gcleaner loader

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

185.172.128.69

Attributes

url_path
/advdlc.php

Targets

- Target
  
  3c692224488efd43f8d0ee5618199c289ebbe50b43460b0106519fec4d5ec927
- Size
  
  381KB
- MD5
  
  ca9810ac4f3ee0d374dfb80ce7428db2
- SHA1
  
  8b9e60293a076672fa45bb3a1f4a535e9bce9f80
- SHA256
  
  3c692224488efd43f8d0ee5618199c289ebbe50b43460b0106519fec4d5ec927
- SHA512
  
  5848cb206007c09138fd9b0a275f0f65e41182268ee0f6d1aea7ea8e66c629aec6eafffcfdb9bd306a558d0298eef73d86deb295b5c49b196abbfa196d621d8c
- SSDEEP
  
  6144:mIFL3VbVx3NbmoOQBa5+wd3SWP2kzC0qRlPq6b:ZbVbVx9b9OQBjOP2Q+q
Score

10^/10

gcleaner loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2