gcleaner | e53a5a2326a957e0b875308e30f0d454277abe546d33e36c35b5963b7dbd130f | Triage

Sharing

General

Target

b5370c8514019231caf9ea6a4e31567d_JaffaCakes118
Size

429KB
Sample

240616-zzad1sxhrc
MD5

b5370c8514019231caf9ea6a4e31567d
SHA1

10d37348351e6802ab1bfb467afdce60c564c856
SHA256

e53a5a2326a957e0b875308e30f0d454277abe546d33e36c35b5963b7dbd130f
SHA512

8ade715717a06898efffa25777bdcfd1d955efd9586df12ea2f058c1c68a9b66545c2f21ec985b2cf57b970a3a3f1d4fe894ede9ccf38ef57ff0e2f1b4231ae7
SSDEEP

12288:aLcIRcifboSkksY38W7SJeO1vEEkmWU5YfxegHZwG2:aLhfikD8WGP1vzkWMxegHmG2

Score

10^/10

gcleaner loader

Malware Config

Targets

- Target
  
  b5370c8514019231caf9ea6a4e31567d_JaffaCakes118
- Size
  
  429KB
- MD5
  
  b5370c8514019231caf9ea6a4e31567d
- SHA1
  
  10d37348351e6802ab1bfb467afdce60c564c856
- SHA256
  
  e53a5a2326a957e0b875308e30f0d454277abe546d33e36c35b5963b7dbd130f
- SHA512
  
  8ade715717a06898efffa25777bdcfd1d955efd9586df12ea2f058c1c68a9b66545c2f21ec985b2cf57b970a3a3f1d4fe894ede9ccf38ef57ff0e2f1b4231ae7
- SSDEEP
  
  12288:aLcIRcifboSkksY38W7SJeO1vEEkmWU5YfxegHZwG2:aLhfikD8WGP1vzkWMxegHmG2
Score

10^/10

gcleaner loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2