gcleaner | 324-2118-0x0000000000400000-0x0000000000C65000-memory[.]dmp | Triage

Sharing

General

Target

324-2118-0x0000000000400000-0x0000000000C65000-memory.dmp
Size

8.4MB
MD5

ff153380423e946aff59b64d9da72bf1
SHA1

5ecf75a28793a4658d72850c1017cb5717f56e61
SHA256

d54e0632360f9e7200508fa66a7a27a97dbccdb23c9bcabe15ad64540a4f62ef
SHA512

68650ca6fb589619724c77780090c8ba88784261c7cd91d4b393c2510c31951a9f88d19f6780eccab76ad7133a79534c126a52fbd357559146b33f6f8a2756e3
SSDEEP

98304:vjilXy7kk1vrvTLP3KaS1OvvRjwOtnbZ0lnB:agLTLP3KJ1avJtVeB

Score

10^/10

gcleaner

Malware Config

Signatures

Gcleaner family
gcleaner

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
324-2118-0x0000000000400000-0x0000000000C65000-memory.dmp

Files

324-2118-0x0000000000400000-0x0000000000C65000-memory.dmp
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ