gcleaner | ccabd0537a8045b84a81a75285d7d25a27503fabeed836d78bb26b3196e075a8 | Triage

Sharing

General

Target

ccabd0537a8045b84a81a75285d7d25a27503fabeed836d78bb26b3196e075a8
Size

291KB
Sample

240829-zdnphssaqp
MD5

99d3b0638ef7537b87a91c03c8908cf3
SHA1

6bda2202947569e5c305ece4619b5df9a17aed7b
SHA256

ccabd0537a8045b84a81a75285d7d25a27503fabeed836d78bb26b3196e075a8
SHA512

40fceb6c1da76bb446ad3991eb57c25c468daa817d908b53e2b3f6409dafcac8fc56683d00503cc8b58b4426bec6ac966ae6e813bfa7c53a152881d28d03557b
SSDEEP

6144:LRFdAZdPKTh1izTZh/Z2oifBAEPm77Mh0HDUDMW:LRFdAZdP8XifZhhnif7O7caDC

Score

10^/10

gcleaner discovery loader

Malware Config

Extracted

Family

gcleaner

C2

80.66.75.114

Targets

- Target
  
  ccabd0537a8045b84a81a75285d7d25a27503fabeed836d78bb26b3196e075a8
- Size
  
  291KB
- MD5
  
  99d3b0638ef7537b87a91c03c8908cf3
- SHA1
  
  6bda2202947569e5c305ece4619b5df9a17aed7b
- SHA256
  
  ccabd0537a8045b84a81a75285d7d25a27503fabeed836d78bb26b3196e075a8
- SHA512
  
  40fceb6c1da76bb446ad3991eb57c25c468daa817d908b53e2b3f6409dafcac8fc56683d00503cc8b58b4426bec6ac966ae6e813bfa7c53a152881d28d03557b
- SSDEEP
  
  6144:LRFdAZdPKTh1izTZh/Z2oifBAEPm77Mh0HDUDMW:LRFdAZdP8XifZhhnif7O7caDC
Score

10^/10

gcleaner discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleanerdiscoveryloader

behavioral2

gcleanerdiscoveryloader