gcleaner | ebccc88a6758ad9729b960ae3ca4ea73eae9f47f14eee41058e20f15c2f94b23 | Triage

Sharing

General

Target

ebccc88a6758ad9729b960ae3ca4ea73eae9f47f14eee41058e20f15c2f94b23
Size

303KB
Sample

240926-297tdawcqa
MD5

d7a9b38f0f8037e514766f21cfae21ce
SHA1

d5d45922b0d0e34a2a4d907fb1a75f71428d69fb
SHA256

ebccc88a6758ad9729b960ae3ca4ea73eae9f47f14eee41058e20f15c2f94b23
SHA512

248aefcdd9989abb405f9a7fdaaac64be2261bfc6ec0e320a74bef7cb2c1291fc45f95b436d4da1a2995b0664d1b7762d6761371b4cb43005e032952f2ca9456
SSDEEP

6144:zLJkYwNzegsnQynFjpzeWKw5W4tgFYc5BZBRi:zdk7NKgsj1pCWxW4Gti

Score

10^/10

gcleaner discovery loader

Malware Config

Extracted

Family

gcleaner

C2

80.66.75.114

Targets

- Target
  
  ebccc88a6758ad9729b960ae3ca4ea73eae9f47f14eee41058e20f15c2f94b23
- Size
  
  303KB
- MD5
  
  d7a9b38f0f8037e514766f21cfae21ce
- SHA1
  
  d5d45922b0d0e34a2a4d907fb1a75f71428d69fb
- SHA256
  
  ebccc88a6758ad9729b960ae3ca4ea73eae9f47f14eee41058e20f15c2f94b23
- SHA512
  
  248aefcdd9989abb405f9a7fdaaac64be2261bfc6ec0e320a74bef7cb2c1291fc45f95b436d4da1a2995b0664d1b7762d6761371b4cb43005e032952f2ca9456
- SSDEEP
  
  6144:zLJkYwNzegsnQynFjpzeWKw5W4tgFYc5BZBRi:zdk7NKgsj1pCWxW4Gti
Score

10^/10

gcleaner discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleanerdiscoveryloader

behavioral2

gcleanerdiscoveryloader