gcleaner | 3a90812055ef0af5675ec83402e35ad35e74f8922bd99e01002ba9f8f760d73a | Triage

Submit
Reports

Overview

overview

Static

static

3

3659d9af87...18.exe

windows7-x64

3659d9af87...18.exe

windows10-2004-x64

Sharing

General

Target

3659d9af87a662dcd23aa95129a8a18a_JaffaCakes118
Size

302KB
Sample

240710-zryrmszbnq
MD5

3659d9af87a662dcd23aa95129a8a18a
SHA1

65c09ed0e94bc1c0753c73b43bee3c038805e942
SHA256

3a90812055ef0af5675ec83402e35ad35e74f8922bd99e01002ba9f8f760d73a
SHA512

18136f1f76b6eb8b2d10ebc28b8a13156abaecf7faf972546d939d4b2b2859b2e29036d7d3ced429586212848a8b27c05536e3b8215d5557a1d44cc5edb04382
SSDEEP

6144:5vpfBGU88YNSSpAMwpTBZTJYr/MZ+5Xol60MXK1vsy:5hpL88YFpaFdzZ+hoLIKN5

Score

10^/10

gcleaner onlylogger loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3659d9af87a662dcd23aa95129a8a18a_JaffaCakes118.exe

Resource

win7-20240705-en

gcleaner onlylogger loader

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

3659d9af87a662dcd23aa95129a8a18a_JaffaCakes118.exe

Resource

win10v2004-20240709-en

gcleaner onlylogger loader

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

gcleaner

C2

gcl-page.biz

194.145.227.161

Targets

- Target
  
  3659d9af87a662dcd23aa95129a8a18a_JaffaCakes118
- Size
  
  302KB
- MD5
  
  3659d9af87a662dcd23aa95129a8a18a
- SHA1
  
  65c09ed0e94bc1c0753c73b43bee3c038805e942
- SHA256
  
  3a90812055ef0af5675ec83402e35ad35e74f8922bd99e01002ba9f8f760d73a
- SHA512
  
  18136f1f76b6eb8b2d10ebc28b8a13156abaecf7faf972546d939d4b2b2859b2e29036d7d3ced429586212848a8b27c05536e3b8215d5557a1d44cc5edb04382
- SSDEEP
  
  6144:5vpfBGU88YNSSpAMwpTBZTJYr/MZ+5Xol60MXK1vsy:5hpL88YFpaFdzZ+hoLIKN5
Score

10^/10

gcleaner onlylogger loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- OnlyLogger
  A tiny loader that uses IPLogger to get its payload.
  loader onlylogger
- OnlyLogger payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gcleaneronlyloggerloader

behavioral2

gcleaneronlyloggerloader

© 2018-2025

Terms | Privacy