gcleaner | f882cbd5034165bd0b67394a0d3fa0126f06a4fa2b5c0aaaf41fda6cf645f2c3 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

cryptolaemus

windows10-2004-x64

cryptolaemus

windows11-21h2-x64

Sharing

General

Target

f882cbd5034165bd0b67394a0d3fa0126f06a4fa2b5c0aaaf41fda6cf645f2c3
Size

310KB
Sample

240912-hf269awema
MD5

6c75f4f6f5e088a7fa62a7b840c1e319
SHA1

630f35575568b0b5fe8c1122872f4cce8548d001
SHA256

f882cbd5034165bd0b67394a0d3fa0126f06a4fa2b5c0aaaf41fda6cf645f2c3
SHA512

b7dbb97ef65e5bdf069e7af468681fd08f98f19cd65c40630818e95c5d1782c3eb1c2aa7fd5450dba268bd9480742353644e5cc97e933702d6ac1d827cce073d
SSDEEP

6144:mIopxV3C1cvA7vTw6a5kYi6zlqYCRProo5:mICVy1c2vsROYi4MYCRPro

Score

10^/10

gcleaner discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f882cbd5034165bd0b67394a0d3fa0126f06a4fa2b5c0aaaf41fda6cf645f2c3.exe

Resource

win10v2004-20240910-en

gcleaner discovery loader

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

f882cbd5034165bd0b67394a0d3fa0126f06a4fa2b5c0aaaf41fda6cf645f2c3.exe

Resource

win11-20240802-en

gcleaner discovery loader

windows11-21h2-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

gcleaner

C2

80.66.75.114

45.91.200.135

Targets

- Target
  
  f882cbd5034165bd0b67394a0d3fa0126f06a4fa2b5c0aaaf41fda6cf645f2c3
- Size
  
  310KB
- MD5
  
  6c75f4f6f5e088a7fa62a7b840c1e319
- SHA1
  
  630f35575568b0b5fe8c1122872f4cce8548d001
- SHA256
  
  f882cbd5034165bd0b67394a0d3fa0126f06a4fa2b5c0aaaf41fda6cf645f2c3
- SHA512
  
  b7dbb97ef65e5bdf069e7af468681fd08f98f19cd65c40630818e95c5d1782c3eb1c2aa7fd5450dba268bd9480742353644e5cc97e933702d6ac1d827cce073d
- SSDEEP
  
  6144:mIopxV3C1cvA7vTw6a5kYi6zlqYCRProo5:mICVy1c2vsROYi4MYCRPro
Score

10^/10

gcleaner discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleanerdiscoveryloader

behavioral2

gcleanerdiscoveryloader

© 2018-2025

Terms | Privacy