gcleaner | 58af974f93776c5c52d932b73303e5cb3d7efa88beb51d03b966f14ef43d9f86 | Triage

Sharing

General

Target

58af974f93776c5c52d932b73303e5cb3d7efa88beb51d03b966f14ef43d9f86
Size

1.6MB
Sample

240622-zhp35sxfnm
MD5

64155e1f3fd39db28a55b2984166ff57
SHA1

5aa77bd134701c63cfe916c1f70517e8f37a9e4f
SHA256

58af974f93776c5c52d932b73303e5cb3d7efa88beb51d03b966f14ef43d9f86
SHA512

5adf51ae961f3637fa51278e62f2c5119491f703cbedc4f3f426bf6860608cf8b213122ef9b8b35fd4439acb3068a58231504e072b0b7c2862dff48248673440
SSDEEP

24576:vQLWFxoPlTqjaLZp/KVmj0sVoBgjqLjpOo234R3QksMYjIycm:vmW49TqjaLZp/xmnZC1F

Score

10^/10

gcleaner loader

Malware Config

Extracted

Family

gcleaner

C2

85.208.136.148

85.208.136.56

85.208.136.48

85.208.136.87

Attributes

url_path
/x.php
/soft.php
/soft.php

Targets

- Target
  
  58af974f93776c5c52d932b73303e5cb3d7efa88beb51d03b966f14ef43d9f86
- Size
  
  1.6MB
- MD5
  
  64155e1f3fd39db28a55b2984166ff57
- SHA1
  
  5aa77bd134701c63cfe916c1f70517e8f37a9e4f
- SHA256
  
  58af974f93776c5c52d932b73303e5cb3d7efa88beb51d03b966f14ef43d9f86
- SHA512
  
  5adf51ae961f3637fa51278e62f2c5119491f703cbedc4f3f426bf6860608cf8b213122ef9b8b35fd4439acb3068a58231504e072b0b7c2862dff48248673440
- SSDEEP
  
  24576:vQLWFxoPlTqjaLZp/KVmj0sVoBgjqLjpOo234R3QksMYjIycm:vmW49TqjaLZp/xmnZC1F
Score

10^/10

gcleaner loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2