gcleaner | f008899dac52a14491523f997279392bfe562bcd17aa478313e1b627e43d682d | Triage

Sharing

General

Target

f008899dac52a14491523f997279392bfe562bcd17aa478313e1b627e43d682d
Size

303KB
Sample

240926-3ad8fswcqh
MD5

8fe039aa5103fcbc29712cce73c35267
SHA1

c12df2f751445a2aa03ee15b6c0275765ce70285
SHA256

f008899dac52a14491523f997279392bfe562bcd17aa478313e1b627e43d682d
SHA512

d06728b6f4f7dfe6a9663fb3c0c6200f6699e6ed67d89d2adebe1560791fb82500cb333ffc94294dafc73d55af8bf706967870f8291edf352989277a30f22408
SSDEEP

6144:vLJkYRKuTCz7dBN2dZtaK6oxHdnUFYc5AR:vdkOd+3J27taK3x9bR

Score

10^/10

gcleaner discovery loader

Malware Config

Extracted

Family

gcleaner

C2

80.66.75.114

Targets

- Target
  
  f008899dac52a14491523f997279392bfe562bcd17aa478313e1b627e43d682d
- Size
  
  303KB
- MD5
  
  8fe039aa5103fcbc29712cce73c35267
- SHA1
  
  c12df2f751445a2aa03ee15b6c0275765ce70285
- SHA256
  
  f008899dac52a14491523f997279392bfe562bcd17aa478313e1b627e43d682d
- SHA512
  
  d06728b6f4f7dfe6a9663fb3c0c6200f6699e6ed67d89d2adebe1560791fb82500cb333ffc94294dafc73d55af8bf706967870f8291edf352989277a30f22408
- SSDEEP
  
  6144:vLJkYRKuTCz7dBN2dZtaK6oxHdnUFYc5AR:vdkOd+3J27taK3x9bR
Score

10^/10

gcleaner discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleanerdiscoveryloader

behavioral2

gcleanerdiscoveryloader