General

  • Target

    b7f5088a434c735ce9d1229825f6f024e8c03c05877ca8e8f209d5299b3056aa

  • Size

    396KB

  • Sample

    240715-d5g56awdmr

  • MD5

    7668295bda1ee720f5f74814cfd81d8c

  • SHA1

    ba5d86e3368bf249ac5ccee2d841fbcc4070e1c3

  • SHA256

    b7f5088a434c735ce9d1229825f6f024e8c03c05877ca8e8f209d5299b3056aa

  • SHA512

    3131227a656411b73afefbee5adcea5055f133acd2c2b29483beb05f8dd4598573b6c4d3d90065f335b64ce0668431aa5267f30aeda3ea9c27d15bdbf312aafb

  • SSDEEP

    6144:28XRWB7lGsH5yNvCnzO7bu06vFLwbW3IcT:xRspGrq7xvxwbVk

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

77.105.160.30

185.172.128.69

Targets

    • Target

      b7f5088a434c735ce9d1229825f6f024e8c03c05877ca8e8f209d5299b3056aa

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
