gcleaner | bf0de0494657ffc8709f40406512e43918d3db0a0c05738f68c9b4ba0bc0628b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf0de0494657ffc8709f40406512e43918d3db0a0c05738f68c9b4ba0bc0628b
Size

325KB
Sample

240906-v5kdysyhkk
MD5

d65f1861269474fb7a7c6efefda35ca9
SHA1

e20a3dbd40fd939afe3ebb76ffec43b664acf294
SHA256

bf0de0494657ffc8709f40406512e43918d3db0a0c05738f68c9b4ba0bc0628b
SHA512

adc4b9b0b9a27085da200b46b25d0c3567a2513562b4e387a2d0fe1d3295410ed6c8c469ab6aa23f0cb870d7806968aa0c1f9193b34999f74e0cdd564ef8ffd5
SSDEEP

6144:6ND4sxW682q1VibYNKEGmJoMC85RL/Md50Vdh1+Q:6x4LT2qWdmJoHg1Vdz

Score

10^/10

gcleaner discovery loader

Malware Config

Extracted

Family

gcleaner

C2

80.66.75.114

45.91.200.135

Targets

- Target
  
  bf0de0494657ffc8709f40406512e43918d3db0a0c05738f68c9b4ba0bc0628b
- Size
  
  325KB
- MD5
  
  d65f1861269474fb7a7c6efefda35ca9
- SHA1
  
  e20a3dbd40fd939afe3ebb76ffec43b664acf294
- SHA256
  
  bf0de0494657ffc8709f40406512e43918d3db0a0c05738f68c9b4ba0bc0628b
- SHA512
  
  adc4b9b0b9a27085da200b46b25d0c3567a2513562b4e387a2d0fe1d3295410ed6c8c469ab6aa23f0cb870d7806968aa0c1f9193b34999f74e0cdd564ef8ffd5
- SSDEEP
  
  6144:6ND4sxW682q1VibYNKEGmJoMC85RL/Md50Vdh1+Q:6x4LT2qWdmJoHg1Vdz
Score

10^/10

gcleaner discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleanerdiscoveryloader

behavioral2

gcleanerdiscoveryloader