gcleaner | f151ea6249959fa93e3e3f1eb3c83c259bc23f93e052b132c5f45d180ee41840 | Triage

Sharing

General

Target

inte.exe
Size

309KB
Sample

240912-flf5vssdjk
MD5

7843ceaa0b4ea7bd6b37d453ffe0f72c
SHA1

45be48fad4296f903c7ff9cd8d604f7900248d86
SHA256

f151ea6249959fa93e3e3f1eb3c83c259bc23f93e052b132c5f45d180ee41840
SHA512

501ab1a157d6339231d4e36c3a323e1a00df92ee8556487ead97913d120576d645a9d0034c755c9c29a400b320a05029b42e927f8b7e2919e049fcd3c44271dd
SSDEEP

6144:TuicZcyHMdzLVy0D7/28SQg1Yw1w+Yso4aEW:TuiYcUMdvfgLwsV

Score

10^/10

gcleaner discovery loader

Malware Config

Extracted

Family

gcleaner

C2

80.66.75.114

Targets

- Target
  
  inte.exe
- Size
  
  309KB
- MD5
  
  7843ceaa0b4ea7bd6b37d453ffe0f72c
- SHA1
  
  45be48fad4296f903c7ff9cd8d604f7900248d86
- SHA256
  
  f151ea6249959fa93e3e3f1eb3c83c259bc23f93e052b132c5f45d180ee41840
- SHA512
  
  501ab1a157d6339231d4e36c3a323e1a00df92ee8556487ead97913d120576d645a9d0034c755c9c29a400b320a05029b42e927f8b7e2919e049fcd3c44271dd
- SSDEEP
  
  6144:TuicZcyHMdzLVy0D7/28SQg1Yw1w+Yso4aEW:TuiYcUMdvfgLwsV
Score

10^/10

gcleaner discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleanerdiscoveryloader

behavioral2

gcleanerdiscoveryloader