gcleaner | 7a0a4dfc537639e09e04640b9da5f5fe190711dca7577ebf5e1dc7bc08f6be80 | Triage

Sharing

General

Target

7a0a4dfc537639e09e04640b9da5f5fe190711dca7577ebf5e1dc7bc08f6be80
Size

325KB
Sample

240908-t38hbswdrm
MD5

a387daad9957d929ac390d94918db163
SHA1

2d330b56a8c683f52477d2374f2bac53c5362ec5
SHA256

7a0a4dfc537639e09e04640b9da5f5fe190711dca7577ebf5e1dc7bc08f6be80
SHA512

80de4f99fbd8ba9bdb28320d3518bfadf48dc246ac8b5f74ba63dae90d1adbdeba86d1d3559536818b83db280f607a4749448d211b7a4de8917cb859d3f5cbb9
SSDEEP

6144:AfbZbA7FfnooEU40dLAiCJDAq8q14czQ/oHuQTdJMc1L:EbpA7FfnooEU4YLuJuHoHhdJHV

Score

10^/10

gcleaner discovery loader

Malware Config

Extracted

Family

gcleaner

C2

80.66.75.114

45.91.200.135

Targets

- Target
  
  7a0a4dfc537639e09e04640b9da5f5fe190711dca7577ebf5e1dc7bc08f6be80
- Size
  
  325KB
- MD5
  
  a387daad9957d929ac390d94918db163
- SHA1
  
  2d330b56a8c683f52477d2374f2bac53c5362ec5
- SHA256
  
  7a0a4dfc537639e09e04640b9da5f5fe190711dca7577ebf5e1dc7bc08f6be80
- SHA512
  
  80de4f99fbd8ba9bdb28320d3518bfadf48dc246ac8b5f74ba63dae90d1adbdeba86d1d3559536818b83db280f607a4749448d211b7a4de8917cb859d3f5cbb9
- SSDEEP
  
  6144:AfbZbA7FfnooEU40dLAiCJDAq8q14czQ/oHuQTdJMc1L:EbpA7FfnooEU4YLuJuHoHhdJHV
Score

10^/10

gcleaner discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleanerdiscoveryloader

behavioral2

gcleanerdiscoveryloader