gcleaner | 4c205ae37b3ac75414018c9440e3a2703f3b7ac3241371b438061def61c7d2d3 | Triage

Submit
Reports

Overview

overview

Static

static

3

cryptolaemus

windows10-2004-x64

cryptolaemus

windows11-21h2-x64

Sharing

General

Target

4c205ae37b3ac75414018c9440e3a2703f3b7ac3241371b438061def61c7d2d3
Size

399KB
Sample

240620-ylhykaygjp
MD5

35b04a29902a5990727d8f1572fb198f
SHA1

24de5e1dd7711b20c79be2cf747d31f51630aba9
SHA256

4c205ae37b3ac75414018c9440e3a2703f3b7ac3241371b438061def61c7d2d3
SHA512

a68cc96191ef3fa859aaa75f2403f370609f35d5c877bf6bccb60afb81c7201b0307197b7ed464a42f0c45557a1b9ed8578f911fa371ddfe0073577d4d5453e0
SSDEEP

6144:cK3LjMuF4xkLeOra+GWThWGso0xJikqUOvVE68Fu7:P3v/F4xKeMlGshNp0DikqUKE

Score

10^/10

gcleaner loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4c205ae37b3ac75414018c9440e3a2703f3b7ac3241371b438061def61c7d2d3.exe

Resource

win10v2004-20240611-en

gcleaner loader

windows10-2004-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

4c205ae37b3ac75414018c9440e3a2703f3b7ac3241371b438061def61c7d2d3.exe

Resource

win11-20240508-en

gcleaner loader

windows11-21h2-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.64.56

185.172.128.69

Targets

- Target
  
  4c205ae37b3ac75414018c9440e3a2703f3b7ac3241371b438061def61c7d2d3
- Size
  
  399KB
- MD5
  
  35b04a29902a5990727d8f1572fb198f
- SHA1
  
  24de5e1dd7711b20c79be2cf747d31f51630aba9
- SHA256
  
  4c205ae37b3ac75414018c9440e3a2703f3b7ac3241371b438061def61c7d2d3
- SHA512
  
  a68cc96191ef3fa859aaa75f2403f370609f35d5c877bf6bccb60afb81c7201b0307197b7ed464a42f0c45557a1b9ed8578f911fa371ddfe0073577d4d5453e0
- SSDEEP
  
  6144:cK3LjMuF4xkLeOra+GWThWGso0xJikqUOvVE68Fu7:P3v/F4xKeMlGshNp0DikqUKE
Score

10^/10

gcleaner loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy