Extracted

• • Target

    a3847825c493b4b76addda43b65194253f4e66a0eb3e9912514afa7b4e4aabae

  • Size

    423KB

  • MD5

    c7a3775cbc45c5fb06468404eba0bf61

  • SHA1

    38df1fe93c42515051b6e82c1e3c88d64015c969

  • SHA256

    a3847825c493b4b76addda43b65194253f4e66a0eb3e9912514afa7b4e4aabae

  • SHA512

    d460e27ee6775353ee291811a8428f07b5b7e15b34033c42ae3b52797fe4d32c3a44ca1e6c368ec5748834e2be46475ef73154b87c42484bfc1b87999c8d64bd

  • SSDEEP

    6144:EstNUDvKsWwGx8wDBl006djfP/+NqZNFQFmPEREv:EONUDvDWwG/lwjWi2mP

  Score

  10^/10

  gcleanerdiscoveryloader

  • GCleaner

    GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    loadergcleaner

  • Downloads MZ/PE file

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  behavioral1behavioral2