gcleaner | 04c8f44d0fcc142609321b392bb80a545cc936432765b3f2e2a3524af916c891 | Triage

Sharing

General

Target

04c8f44d0fcc142609321b392bb80a545cc936432765b3f2e2a3524af916c891
Size

325KB
Sample

240906-zrdfpsxekq
MD5

3919567bac2d001d051f2f86a6b00b1e
SHA1

cc7a1c2c0283308a6a32336d94160fa495f369b5
SHA256

04c8f44d0fcc142609321b392bb80a545cc936432765b3f2e2a3524af916c891
SHA512

a6d0de5a7e262a6b3eea1660319893f2143fe1f2e63ff3eb9ef2867dc8ad90165f7a7bb7b8a5679dda6da9719bb1d5ee4764b8be654ffcef095cfc448df09323
SSDEEP

6144:WQDahWrg8r1VVBB76UBumqMr14PTXwylWZv/Mo0Vdh1aQ:WIagk8rHVj3tqMr14PVlG4Vdz

Score

10^/10

gcleaner discovery loader

Malware Config

Extracted

Family

gcleaner

C2

80.66.75.114

45.91.200.135

Targets

- Target
  
  04c8f44d0fcc142609321b392bb80a545cc936432765b3f2e2a3524af916c891
- Size
  
  325KB
- MD5
  
  3919567bac2d001d051f2f86a6b00b1e
- SHA1
  
  cc7a1c2c0283308a6a32336d94160fa495f369b5
- SHA256
  
  04c8f44d0fcc142609321b392bb80a545cc936432765b3f2e2a3524af916c891
- SHA512
  
  a6d0de5a7e262a6b3eea1660319893f2143fe1f2e63ff3eb9ef2867dc8ad90165f7a7bb7b8a5679dda6da9719bb1d5ee4764b8be654ffcef095cfc448df09323
- SSDEEP
  
  6144:WQDahWrg8r1VVBB76UBumqMr14PTXwylWZv/Mo0Vdh1aQ:WIagk8rHVj3tqMr14PVlG4Vdz
Score

10^/10

gcleaner discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleanerdiscoveryloader

behavioral2

gcleanerdiscoveryloader