gcleaner | 4d1372f0e3ed89ba5e18f523bfc8963bb4ceeaf40f742277a6a544918454b5cf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d1372f0e3ed89ba5e18f523bfc8963bb4ceeaf40f742277a6a544918454b5cf
Size

335KB
Sample

240820-mmhtea1clk
MD5

b7cfd4530ad8b11071738472e81601a9
SHA1

9eaecb23940c5afcdd1ed211437e4d1ddd7dc3ec
SHA256

4d1372f0e3ed89ba5e18f523bfc8963bb4ceeaf40f742277a6a544918454b5cf
SHA512

292ca929febe70bc8167853c056f90f7ee51898f5c40bd34d06e80112a10f006dfda049b26059aadb216a4c1405195ea3ee932bd269060cd7d3c58f2eb4d349e
SSDEEP

3072:TJuUU+AXl01YFiOftOuphAgO6NaUIP8a+wEGQhkhinIp5H2zoYC+DeYl/0:MDvX+aohuMabIP8aVEGek4fzO+A

Score

10^/10

gcleaner discovery loader

Malware Config

Extracted

Family

gcleaner

C2

80.66.75.114

Targets

- Target
  
  4d1372f0e3ed89ba5e18f523bfc8963bb4ceeaf40f742277a6a544918454b5cf
- Size
  
  335KB
- MD5
  
  b7cfd4530ad8b11071738472e81601a9
- SHA1
  
  9eaecb23940c5afcdd1ed211437e4d1ddd7dc3ec
- SHA256
  
  4d1372f0e3ed89ba5e18f523bfc8963bb4ceeaf40f742277a6a544918454b5cf
- SHA512
  
  292ca929febe70bc8167853c056f90f7ee51898f5c40bd34d06e80112a10f006dfda049b26059aadb216a4c1405195ea3ee932bd269060cd7d3c58f2eb4d349e
- SSDEEP
  
  3072:TJuUU+AXl01YFiOftOuphAgO6NaUIP8a+wEGQhkhinIp5H2zoYC+DeYl/0:MDvX+aohuMabIP8aVEGek4fzO+A
Score

10^/10

gcleaner discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleanerdiscoveryloader

behavioral2

gcleanerdiscoveryloader