General

  • Target

    d567be5711b1b8df25432a6d4dee4826da4b3ef3aa8b610cb486bf4640eb4ea0

  • Size

    271KB

  • Sample

    240902-tx6fsatfmn

  • MD5

    66bb2a54abc3a0d40b17d491939a81d8

  • SHA1

    e9df0fbbdae00298f0794a8c6797f3cc7ddfc7b4

  • SHA256

    d567be5711b1b8df25432a6d4dee4826da4b3ef3aa8b610cb486bf4640eb4ea0

  • SHA512

    7fbc4d58bbbfe17f032f84b9c545f8361cc53abdb5af9b61edd07b70ec5fbc30425e3c085de53af781f115d60bbc0f4aa835dffe43b616f9a8cbc90f6d68471e

  • SSDEEP

    6144:m0B0sBUcuNVvm3Of7rhKDYIQO3zARls/gqe:m0UcuGOg8K3cl

Malware Config

Extracted

Family

gcleaner

C2

80.66.75.114

Targets

    • Target

      d567be5711b1b8df25432a6d4dee4826da4b3ef3aa8b610cb486bf4640eb4ea0

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
