gcleaner | 5fb39f0a1b82a980e5c546a61656afee30fe0930cac1525b119521786fcbd885 | Triage

Sharing

General

Target

5fb39f0a1b82a980e5c546a61656afee30fe0930cac1525b119521786fcbd885
Size

272KB
Sample

240905-2k7gbasgqc
MD5

83d90b01c734221c05c3f2440bf15660
SHA1

dd183a34dbe2956487e0ade131e5ababf010b797
SHA256

5fb39f0a1b82a980e5c546a61656afee30fe0930cac1525b119521786fcbd885
SHA512

717fe4096a22f3ef19af160f6e2ff53b78e072bdab1314c862fc072532ed98f1e895ee4139ef941939498593e48c44a9383b4415837196473fa4cee7e5c67bf0
SSDEEP

6144:ATfD5BQnup57iPy3Wm1bbjMbs/Wfxk6m+Xyx/U/HDfPgqE:ArQnu+yd1/nW26dyxMfDC

Score

10^/10

gcleaner discovery loader

Malware Config

Extracted

Family

gcleaner

C2

80.66.75.114

Targets

- Target
  
  5fb39f0a1b82a980e5c546a61656afee30fe0930cac1525b119521786fcbd885
- Size
  
  272KB
- MD5
  
  83d90b01c734221c05c3f2440bf15660
- SHA1
  
  dd183a34dbe2956487e0ade131e5ababf010b797
- SHA256
  
  5fb39f0a1b82a980e5c546a61656afee30fe0930cac1525b119521786fcbd885
- SHA512
  
  717fe4096a22f3ef19af160f6e2ff53b78e072bdab1314c862fc072532ed98f1e895ee4139ef941939498593e48c44a9383b4415837196473fa4cee7e5c67bf0
- SSDEEP
  
  6144:ATfD5BQnup57iPy3Wm1bbjMbs/Wfxk6m+Xyx/U/HDfPgqE:ArQnu+yd1/nW26dyxMfDC
Score

10^/10

gcleaner discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleanerdiscoveryloader

behavioral2

gcleanerdiscoveryloader