gcleaner | 470eb3cbcee0130e7aaeb1439d61818336c961d78b6f37cb03cdfaaba0c9522b | Triage

Sharing

General

Target

470eb3cbcee0130e7aaeb1439d61818336c961d78b6f37cb03cdfaaba0c9522b
Size

317KB
Sample

240926-2jth3a1fqj
MD5

b51035da617f85c1e578c77ceb2fb9d9
SHA1

da4341124e46f11e80ad881ff58b40822172c016
SHA256

470eb3cbcee0130e7aaeb1439d61818336c961d78b6f37cb03cdfaaba0c9522b
SHA512

e6f8ac1edd6498a9268e5b8ad481a4b7e0cc200b72685ceaa09a722501c6dc640ef4b03f4c0189ea466c393cfe3d947342463edccab771d738fb304ea4854a44
SSDEEP

6144:+LcLktZ1GAZVf38bUv5YIl1TIN9zFYc5xGNi:+ALktH9Kbkew9IH6Ni

Score

10^/10

gcleaner discovery loader

Malware Config

Extracted

Family

gcleaner

C2

80.66.75.114

Targets

- Target
  
  470eb3cbcee0130e7aaeb1439d61818336c961d78b6f37cb03cdfaaba0c9522b
- Size
  
  317KB
- MD5
  
  b51035da617f85c1e578c77ceb2fb9d9
- SHA1
  
  da4341124e46f11e80ad881ff58b40822172c016
- SHA256
  
  470eb3cbcee0130e7aaeb1439d61818336c961d78b6f37cb03cdfaaba0c9522b
- SHA512
  
  e6f8ac1edd6498a9268e5b8ad481a4b7e0cc200b72685ceaa09a722501c6dc640ef4b03f4c0189ea466c393cfe3d947342463edccab771d738fb304ea4854a44
- SSDEEP
  
  6144:+LcLktZ1GAZVf38bUv5YIl1TIN9zFYc5xGNi:+ALktH9Kbkew9IH6Ni
Score

10^/10

gcleaner discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleanerdiscoveryloader

behavioral2

gcleanerdiscoveryloader