gcleaner | 498c97d14f3b1f43e4d9a159d1c61a45531ecc987d1980f4cebb8f294c0c4da6 | Triage

Sharing

General

Target

498c97d14f3b1f43e4d9a159d1c61a45531ecc987d1980f4cebb8f294c0c4da6
Size

294KB
Sample

240912-2hh1yaydrm
MD5

10e0631a7ec374ff77a0a8977ea08175
SHA1

be051e6da8e781d56ef56110274767dda5611aea
SHA256

498c97d14f3b1f43e4d9a159d1c61a45531ecc987d1980f4cebb8f294c0c4da6
SHA512

95fd5e6d91e6f4fdb8c19a7e0c3402676708c9e5919cb6406f63ea5f06e3ed1fb167a2aa276fe920527d63e48623e47eb3241d1915be6c3b0e530a87c9347e70
SSDEEP

6144:XiDaoUiX/Iov80SZWJBVRryNwMZO3bxFOr2CIk/MT0Vdh1aQ:XiaozvIo0VZWbT+Wkr7IUVdz

Score

10^/10

gcleaner discovery loader

Malware Config

Extracted

Family

gcleaner

C2

80.66.75.114

Targets

- Target
  
  498c97d14f3b1f43e4d9a159d1c61a45531ecc987d1980f4cebb8f294c0c4da6
- Size
  
  294KB
- MD5
  
  10e0631a7ec374ff77a0a8977ea08175
- SHA1
  
  be051e6da8e781d56ef56110274767dda5611aea
- SHA256
  
  498c97d14f3b1f43e4d9a159d1c61a45531ecc987d1980f4cebb8f294c0c4da6
- SHA512
  
  95fd5e6d91e6f4fdb8c19a7e0c3402676708c9e5919cb6406f63ea5f06e3ed1fb167a2aa276fe920527d63e48623e47eb3241d1915be6c3b0e530a87c9347e70
- SSDEEP
  
  6144:XiDaoUiX/Iov80SZWJBVRryNwMZO3bxFOr2CIk/MT0Vdh1aQ:XiaozvIo0VZWbT+Wkr7IUVdz
Score

10^/10

gcleaner discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleanerdiscoveryloader

behavioral2

gcleanerdiscoveryloader