Extracted

• • Target

    60b5b44e2f4b3f0ac140cfeb211bfb5db10451ca4e4f22c20b529064753e05c2.exe

  • Size

    434KB

  • MD5

    658f5cc491e8dfa795631aaec4d413c6

  • SHA1

    369afb0cd235845a682abaaa7c0dd28f6dafaf3b

  • SHA256

    60b5b44e2f4b3f0ac140cfeb211bfb5db10451ca4e4f22c20b529064753e05c2

  • SHA512

    eae0511ade4786db99dda64226b40583c9ad0a46018f64f8148e155a3e0974135a92595efd0884e2727a90f146398e1c6e085fad4935de2dbde22c88c4fbc876

  • SSDEEP

    12288:zzI8cv58+wGnt8MWn03argrhMqoI8brrCP1buwrC:zkHhWGntq0XD8vrCNiGC

  Score

  10^/10

  gcleaneronlyloggerdiscoveryloader

  • GCleaner

    GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    loadergcleaner

  • Gcleaner family

    gcleaner

  • OnlyLogger

    A tiny loader that uses IPLogger to get its payload.

    loaderonlylogger

  • Onlylogger family

    onlylogger

  • OnlyLogger payload

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  behavioral1behavioral2