gcleaner | 22b301c8e53a4d13ea7517f4e8d953c8911bb590ff50643177d094957a9f3894 | Triage

Sharing

General

Target

22b301c8e53a4d13ea7517f4e8d953c8911bb590ff50643177d094957a9f3894
Size

290KB
Sample

240829-rbzp1avgjb
MD5

483d7732051a0cfb705c7bd926402556
SHA1

50e880ce1dadcac090461cdafdf5f5f48f66382d
SHA256

22b301c8e53a4d13ea7517f4e8d953c8911bb590ff50643177d094957a9f3894
SHA512

fb771ec413bc8d5d4af4ce60bde8ff7c0c60f1616eb4bae1134235657dc6d0083bcef6f226c23bd4548dfbaee033d72ffa7ddd26d441ca37c9ea1f6c2f4c8a67
SSDEEP

6144:l5VJAK0ra6yHIm2k60h7WPoUsk7Gs7Mh4roDpW:l5VJAK0rJy1R60h7wFRZcP

Score

10^/10

gcleaner discovery loader

Malware Config

Extracted

Family

gcleaner

C2

80.66.75.114

Targets

- Target
  
  22b301c8e53a4d13ea7517f4e8d953c8911bb590ff50643177d094957a9f3894
- Size
  
  290KB
- MD5
  
  483d7732051a0cfb705c7bd926402556
- SHA1
  
  50e880ce1dadcac090461cdafdf5f5f48f66382d
- SHA256
  
  22b301c8e53a4d13ea7517f4e8d953c8911bb590ff50643177d094957a9f3894
- SHA512
  
  fb771ec413bc8d5d4af4ce60bde8ff7c0c60f1616eb4bae1134235657dc6d0083bcef6f226c23bd4548dfbaee033d72ffa7ddd26d441ca37c9ea1f6c2f4c8a67
- SSDEEP
  
  6144:l5VJAK0ra6yHIm2k60h7WPoUsk7Gs7Mh4roDpW:l5VJAK0rJy1R60h7wFRZcP
Score

10^/10

gcleaner discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleanerdiscoveryloader

behavioral2

gcleanerdiscoveryloader