General

  • Target

    da312b92046ec12684610e850c684b0582ffb51b47c4a6b83c9f08ec582a9698

  • Size

    397KB

  • Sample

    240715-qckf2avgpb

  • MD5

    7d0a5e318dc7da5f4a15b7292aa49cf3

  • SHA1

    a9e39542938617f23400f19d5ce35ee6699baceb

  • SHA256

    da312b92046ec12684610e850c684b0582ffb51b47c4a6b83c9f08ec582a9698

  • SHA512

    7b11165b8523d1ae250ff163fad1009dd940d0acdf248fef8abefdca568030773c2f8879e4f82029bdb3949f19e0eab3cd1f28ef8c34b0665fb6893f47fea4eb

  • SSDEEP

    3072:oWzBLnSP1qIhe8/l0pIIOjZleVdRJgKB4t0QexVHmMDRLUM6mQRqIz3+VU/G2oRI:oaBLSP1qu4wj4nqipRLsmQRT5/w0sT

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

77.105.160.30

185.172.128.69

Targets


    Score
    10/10
    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
