General

  • Target

    10ba5ea6d7118911b49c78c9cfcd9436291993cab57473896df6e2051f370a62

  • Size

    237KB

  • Sample

    240709-p2m3savcqm

  • MD5

    beb60cefe2b2df34e03597daeec17c16

  • SHA1

    8b9f0d725cc2b398fbecde6db29550a7cca74992

  • SHA256

    10ba5ea6d7118911b49c78c9cfcd9436291993cab57473896df6e2051f370a62

  • SHA512

    af87a6450116b9d6958b7b8b5f960f14a23f4850b3d9e2d250052f718eef081f2f5218b883556e02c7f00ddcbda7467634d9109987363c73f80e375e16981b5f

  • SSDEEP

    3072:xT29zMie9ASIaX7c3DHpMjksGkc+bvR3Fc2T+XZ5hV0LCuUmwp8J2B:t29aIaLGH8Ib+TRHT+J5MCuUJp8wB

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

185.172.128.69

Attributes
  • url_path

    /advdlc.php

Targets

    • Target

      10ba5ea6d7118911b49c78c9cfcd9436291993cab57473896df6e2051f370a62

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
