gcleaner | f79d78fc34936f3fade6e3fdc0c60a632cf3c4399bcdb72fca91d7a96edc4971 | Triage

Submit
Reports

Overview

overview

Static

static

3

aebf139b78...18.exe

windows7-x64

aebf139b78...18.exe

windows10-2004-x64

Sharing

General

Target

aebf139b7872db35a814631c6edd15ad_JaffaCakes118
Size

251KB
Sample

241129-ehmmsszkgl
MD5

aebf139b7872db35a814631c6edd15ad
SHA1

6b877f1b77945405a5fb6e0280cf8bcd6164de0e
SHA256

f79d78fc34936f3fade6e3fdc0c60a632cf3c4399bcdb72fca91d7a96edc4971
SHA512

f8cacb425a440341b5e74a2f0799579597b1f609d2550183178625f8de3b8edacb3e665f7987f1dba6341634874065aa8a2a59f0e5c8d0b35f80a06ac8284ef5
SSDEEP

6144:MJLWAmTu9YBu5KOyLwzaASd6UrRgoxJgTBI:MJqAV2BuFyLwlGRxYT

Score

10^/10

gcleaner onlylogger discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

aebf139b7872db35a814631c6edd15ad_JaffaCakes118.exe

Resource

win7-20240903-en

gcleaner onlylogger discovery loader

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

aebf139b7872db35a814631c6edd15ad_JaffaCakes118.exe

Resource

win10v2004-20241007-en

gcleaner onlylogger discovery loader

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

gcleaner

C2

gc-prtnrs.top

gcc-prtnrs.top

Targets

- Target
  
  aebf139b7872db35a814631c6edd15ad_JaffaCakes118
- Size
  
  251KB
- MD5
  
  aebf139b7872db35a814631c6edd15ad
- SHA1
  
  6b877f1b77945405a5fb6e0280cf8bcd6164de0e
- SHA256
  
  f79d78fc34936f3fade6e3fdc0c60a632cf3c4399bcdb72fca91d7a96edc4971
- SHA512
  
  f8cacb425a440341b5e74a2f0799579597b1f609d2550183178625f8de3b8edacb3e665f7987f1dba6341634874065aa8a2a59f0e5c8d0b35f80a06ac8284ef5
- SSDEEP
  
  6144:MJLWAmTu9YBu5KOyLwzaASd6UrRgoxJgTBI:MJqAV2BuFyLwlGRxYT
Score

10^/10

gcleaner onlylogger discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Gcleaner family
  gcleaner
- OnlyLogger
  A tiny loader that uses IPLogger to get its payload.
  loader onlylogger
- Onlylogger family
  onlylogger
- OnlyLogger payload
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleaneronlyloggerdiscoveryloader

behavioral2

gcleaneronlyloggerdiscoveryloader

© 2018-2025

Terms | Privacy