gcleaner | 5dd9fb6f1ac968e565f74420d2b25bfb7a4245745e68f6e8d5c62fcf4968d93b | Triage

Sharing

General

Target

5dd9fb6f1ac968e565f74420d2b25bfb7a4245745e68f6e8d5c62fcf4968d93b
Size

380KB
Sample

240909-x8qfgswbnn
MD5

6b507f77fc357e100e017db7b6d97f97
SHA1

a479c0a43a8946b6dd08fd857524daeadb66ddf1
SHA256

5dd9fb6f1ac968e565f74420d2b25bfb7a4245745e68f6e8d5c62fcf4968d93b
SHA512

a07769d287503213fb50971f749782b1cd0be9e5d0a53b2ebd4090669243ca11493f44b3b98e124f82c22385b4cc9e6a041880b3a2d82d930d7ca613f9fb94dc
SSDEEP

6144:cxmET2obobSh03A65getrWyFgplUI4XHkUliqB/LCpzoWpmVePuf:cVqeobN5getzgplO2eW0

Score

10^/10

gcleaner discovery loader

Malware Config

Extracted

Family

gcleaner

C2

80.66.75.114

45.91.200.135

Targets

- Target
  
  5dd9fb6f1ac968e565f74420d2b25bfb7a4245745e68f6e8d5c62fcf4968d93b
- Size
  
  380KB
- MD5
  
  6b507f77fc357e100e017db7b6d97f97
- SHA1
  
  a479c0a43a8946b6dd08fd857524daeadb66ddf1
- SHA256
  
  5dd9fb6f1ac968e565f74420d2b25bfb7a4245745e68f6e8d5c62fcf4968d93b
- SHA512
  
  a07769d287503213fb50971f749782b1cd0be9e5d0a53b2ebd4090669243ca11493f44b3b98e124f82c22385b4cc9e6a041880b3a2d82d930d7ca613f9fb94dc
- SSDEEP
  
  6144:cxmET2obobSh03A65getrWyFgplUI4XHkUliqB/LCpzoWpmVePuf:cVqeobN5getzgplO2eW0
Score

10^/10

gcleaner discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleanerdiscoveryloader

behavioral2

gcleanerdiscoveryloader