gcleaner | 6fdfd01c94e18b21a5be17437c1ecc885398e9e7e03c33feee1a7ab0bd589985 | Triage

Sharing

General

Target

6fdfd01c94e18b21a5be17437c1ecc885398e9e7e03c33feee1a7ab0bd589985
Size

296KB
Sample

240912-2j72fsyerq
MD5

d175ca1ff19e5499a3fe37ed837a7edf
SHA1

306fb745f2600f4bf27de8cddb0984f72bc0ec68
SHA256

6fdfd01c94e18b21a5be17437c1ecc885398e9e7e03c33feee1a7ab0bd589985
SHA512

9bfe0beaca927468a4a96fe915536e605c52777790f1ed69295ecaa5474f4fe7622c430824fc6c5f7473389d5ee02355ad56494952ca92907df366dd9fb61dc6
SSDEEP

6144:ohDh1RiGbSdRR0m1jzcRTS73AxOwnRW6Z/Mv50Vdh1+Q:oNh1k4SdRR0m1jzcV+qA6JVdz

Score

10^/10

gcleaner discovery loader

Malware Config

Extracted

Family

gcleaner

C2

80.66.75.114

Targets

- Target
  
  6fdfd01c94e18b21a5be17437c1ecc885398e9e7e03c33feee1a7ab0bd589985
- Size
  
  296KB
- MD5
  
  d175ca1ff19e5499a3fe37ed837a7edf
- SHA1
  
  306fb745f2600f4bf27de8cddb0984f72bc0ec68
- SHA256
  
  6fdfd01c94e18b21a5be17437c1ecc885398e9e7e03c33feee1a7ab0bd589985
- SHA512
  
  9bfe0beaca927468a4a96fe915536e605c52777790f1ed69295ecaa5474f4fe7622c430824fc6c5f7473389d5ee02355ad56494952ca92907df366dd9fb61dc6
- SSDEEP
  
  6144:ohDh1RiGbSdRR0m1jzcRTS73AxOwnRW6Z/Mv50Vdh1+Q:oNh1k4SdRR0m1jzcV+qA6JVdz
Score

10^/10

gcleaner discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleanerdiscoveryloader

behavioral2

gcleanerdiscoveryloader