Overview

overview

10

Static

static

3

b58e7960e3...aa.exe

windows7-x64

10

b58e7960e3...aa.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b58e7960e34921d61b87169ed3465b816145d06f04ab42723688bf12e3201faa

  • Size

    270KB

  • Sample

    241205-cdkxasykam

  • MD5

    07288e5e03cd70d0ac2cc306bc45083c

  • SHA1

    610dd36a7ac135f6a7b130bbe5a8a0f65dfb3475

  • SHA256

    b58e7960e34921d61b87169ed3465b816145d06f04ab42723688bf12e3201faa

  • SHA512

    a15bf038508474fd987390feae4afe4eacb5cb71086535f3ba0ae9c196d6fc53ef848c53ff7da817754adcffa3218ef62a178c8ea36991138a9eb28552407340

  • SSDEEP

    3072:J2CMdPt9W8LTxXLJBOf8wm2xxDOmRkgx8NYg+5DkD+IqgUJX07GAC0G4rVwx6C+F:0dl99LTxXTe8wtxkSkYgFvqryPfV+4

Score
10/10
gcleanerdiscoveryloader

Malware Config

Extracted

Family

gcleaner

C2

45.12.253.56

45.12.253.72

45.12.253.98

45.12.253.75

Targets

    • Target

      b58e7960e34921d61b87169ed3465b816145d06f04ab42723688bf12e3201faa

    • Size

      270KB

    • MD5

      07288e5e03cd70d0ac2cc306bc45083c

    • SHA1

      610dd36a7ac135f6a7b130bbe5a8a0f65dfb3475

    • SHA256

      b58e7960e34921d61b87169ed3465b816145d06f04ab42723688bf12e3201faa

    • SHA512

      a15bf038508474fd987390feae4afe4eacb5cb71086535f3ba0ae9c196d6fc53ef848c53ff7da817754adcffa3218ef62a178c8ea36991138a9eb28552407340

    • SSDEEP

      3072:J2CMdPt9W8LTxXLJBOf8wm2xxDOmRkgx8NYg+5DkD+IqgUJX07GAC0G4rVwx6C+F:0dl99LTxXTe8wtxkSkYgFvqryPfV+4

    Score
    10/10
    gcleanerdiscoveryloader

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

      loadergcleaner

    • Gcleaner family

      gcleaner

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks