gcleaner | 41520590fd911f3c057bfc6c55409e83963f4469a679afc14a750897c35a47ea | Triage

Sharing

General

Target

41520590fd911f3c057bfc6c55409e83963f4469a679afc14a750897c35a47ea
Size

313KB
Sample

240621-lnjlnayemr
MD5

156ba1683fd49e67a52afcbef2a154ed
SHA1

3b416c5a550136532393f946a51dae46fb9cfd50
SHA256

41520590fd911f3c057bfc6c55409e83963f4469a679afc14a750897c35a47ea
SHA512

3b7ecc019f0fe652e4c97ac55385b73506288f693c237fa350ce427bd5edd18591f3a47d963ecf7e5de4fea02efe1822d9c0a6efd3ce9edbde4803a30d24058c
SSDEEP

6144:qU1/w/Po9Tc+7D29GuR0vUMhLqRg9XfE/:5w/Pov2ES0MYO

Score

10^/10

gcleaner loader

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.64.56

185.172.128.69

Targets

- Target
  
  41520590fd911f3c057bfc6c55409e83963f4469a679afc14a750897c35a47ea
- Size
  
  313KB
- MD5
  
  156ba1683fd49e67a52afcbef2a154ed
- SHA1
  
  3b416c5a550136532393f946a51dae46fb9cfd50
- SHA256
  
  41520590fd911f3c057bfc6c55409e83963f4469a679afc14a750897c35a47ea
- SHA512
  
  3b7ecc019f0fe652e4c97ac55385b73506288f693c237fa350ce427bd5edd18591f3a47d963ecf7e5de4fea02efe1822d9c0a6efd3ce9edbde4803a30d24058c
- SSDEEP
  
  6144:qU1/w/Po9Tc+7D29GuR0vUMhLqRg9XfE/:5w/Pov2ES0MYO
Score

10^/10

gcleaner loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2