gcleaner | f528784611800a1021963abb33a7f62948540dbb3990b5f250df6f096db736d7

Analysis

max time kernel
149s
max time network
150s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
19-06-2024 03:35

Target

7f490601c09215a7c268f566b61cbcf0_NeikiAnalytics.exe
Size

335KB
MD5

7f490601c09215a7c268f566b61cbcf0
SHA1

aaf9b38e18ba842b714cc73a05dd546d4e9627dc
SHA256

f528784611800a1021963abb33a7f62948540dbb3990b5f250df6f096db736d7
SHA512

b4bf903aa605961b2fecf33008ceaac77d993cfc2a817eadf22bdc645eb5701ebfaa0e7c3421b46486317f9c5daf612c60aa9e1961f25b639dc77736f612fa3d
SSDEEP

6144:PsV8BdCCa6sAiVBeGZhhWzEkcxgdlwzy/NCCrIOu4TT:EV8CCasq9ncIkcCQzTCr//

Score

10^/10

gcleaner loader

Family

gcleaner

185.172.128.90

185.172.128.69

Attributes

GCleaner
GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
loader gcleaner

C:\Users\Admin\AppData\Local\Temp\7f490601c09215a7c268f566b61cbcf0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\7f490601c09215a7c268f566b61cbcf0_NeikiAnalytics.exe"
1⤵
PID:2224

memory/2224-1-0x00000000005F0000-0x00000000006F0000-memory.dmp

Filesize
1024KB

Download
memory/2224-3-0x0000000000400000-0x000000000042F000-memory.dmp

Filesize
188KB

Download
memory/2224-2-0x0000000000230000-0x000000000025D000-memory.dmp

Filesize
180KB

Download
memory/2224-4-0x0000000000400000-0x0000000000463000-memory.dmp

Filesize
396KB

Download
memory/2224-7-0x00000000005F0000-0x00000000006F0000-memory.dmp

Filesize
1024KB

Download