Extracted

• • Target

    7ef9fc6490d54da33055614b608cbf2e_JaffaCakes118

  • Size

    338KB

  • MD5

    7ef9fc6490d54da33055614b608cbf2e

  • SHA1

    2b4c1379e1fdd86cf94e588ec98e0a8c7207a064

  • SHA256

    096bfa3e2f4fed058fb0e59c58cdeb20e2e19fa321f77bfcdf1215160afdd753

  • SHA512

    f6fb6da9996310c2f5ba08fd9f7023c13e88b21b0d4b8a8ce19716e63240982f0e23b61f5c426a4ae224734a6f49ebca3fe4e859504c130d7dc68a838db1bf77

  • SSDEEP

    6144:pvg9I9HtsWVrwzq3tgtBkOZ45t1RRBZx:pvg9I966rwgP9

  Score

  10^/10

  gcleaneronlyloggerdiscoveryloader

  • GCleaner

    GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    loadergcleaner

  • Gcleaner family

    gcleaner

  • OnlyLogger

    A tiny loader that uses IPLogger to get its payload.

    loaderonlylogger

  • Onlylogger family

    onlylogger

  • OnlyLogger payload

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  behavioral1behavioral2