gcleaner | 760411256946417a3c6c312e90aa7b0413ccc222c3e71b28664cfc1dc9473cb5 | Triage

Sharing

General

Target

760411256946417a3c6c312e90aa7b0413ccc222c3e71b28664cfc1dc9473cb5.exe
Size

293KB
Sample

241207-dcgc6asjhv
MD5

cca908b0a2ebb3f46942751b34a0842c
SHA1

1bed03fb395eaa50d749d25a5bd56ad518834f84
SHA256

760411256946417a3c6c312e90aa7b0413ccc222c3e71b28664cfc1dc9473cb5
SHA512

b4c2a22e7c7a969a6d3245d25ddff362821b31adf5c8590e6eb13b6cccb841d3b3661e74047262afcef15b95684f85e1cc7ecda4b226ae8544d8de91604dca06
SSDEEP

6144:FPkIFgRpxRjUvTqYP7Ot8ulOoIY265q6:mrRqN66SF2qH

Score

10^/10

gcleaner discovery loader

Malware Config

Extracted

Family

gcleaner

C2

92.63.197.221

45.91.200.135

Targets

- Target
  
  760411256946417a3c6c312e90aa7b0413ccc222c3e71b28664cfc1dc9473cb5.exe
- Size
  
  293KB
- MD5
  
  cca908b0a2ebb3f46942751b34a0842c
- SHA1
  
  1bed03fb395eaa50d749d25a5bd56ad518834f84
- SHA256
  
  760411256946417a3c6c312e90aa7b0413ccc222c3e71b28664cfc1dc9473cb5
- SHA512
  
  b4c2a22e7c7a969a6d3245d25ddff362821b31adf5c8590e6eb13b6cccb841d3b3661e74047262afcef15b95684f85e1cc7ecda4b226ae8544d8de91604dca06
- SSDEEP
  
  6144:FPkIFgRpxRjUvTqYP7Ot8ulOoIY265q6:mrRqN66SF2qH
Score

10^/10

gcleaner discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Gcleaner family
  gcleaner
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleanerdiscoveryloader

behavioral2

gcleanerdiscoveryloader