gcleaner | 322e2172b60d694797e91a98109d97e2b167953bb82f8f0b007b159351f8350e | Triage

Submit
Reports

Overview

overview

Static

static

3

f62b83e691...18.exe

windows7-x64

f62b83e691...18.exe

windows10-2004-x64

Sharing

General

Target

f62b83e691c6723990cadfd22d20cb68_JaffaCakes118
Size

284KB
Sample

241215-28e2zatlhr
MD5

f62b83e691c6723990cadfd22d20cb68
SHA1

5bb867da154f957ae4f0f59cc7df348210438762
SHA256

322e2172b60d694797e91a98109d97e2b167953bb82f8f0b007b159351f8350e
SHA512

28bcf94a1b24954ee8af2516dd6e27f40a1810b613f4a6ff42e5c5c123ebf99825af12f12b89f0fc73edc6d0af75a283ae60e27d9a4c44001d17c3af9bfe2c38
SSDEEP

6144:tYvav4ebMYAZdqV4893oh/zTrRgxhzjTwa/RxJg:tEav0IV48FohrR0TY

Score

10^/10

gcleaner onlylogger discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f62b83e691c6723990cadfd22d20cb68_JaffaCakes118.exe

Resource

win7-20240729-en

gcleaner onlylogger discovery loader

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

f62b83e691c6723990cadfd22d20cb68_JaffaCakes118.exe

Resource

win10v2004-20241007-en

gcleaner onlylogger discovery loader

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

gcleaner

C2

gc-prtnrs.top

gcc-prtnrs.top

Targets

- Target
  
  f62b83e691c6723990cadfd22d20cb68_JaffaCakes118
- Size
  
  284KB
- MD5
  
  f62b83e691c6723990cadfd22d20cb68
- SHA1
  
  5bb867da154f957ae4f0f59cc7df348210438762
- SHA256
  
  322e2172b60d694797e91a98109d97e2b167953bb82f8f0b007b159351f8350e
- SHA512
  
  28bcf94a1b24954ee8af2516dd6e27f40a1810b613f4a6ff42e5c5c123ebf99825af12f12b89f0fc73edc6d0af75a283ae60e27d9a4c44001d17c3af9bfe2c38
- SSDEEP
  
  6144:tYvav4ebMYAZdqV4893oh/zTrRgxhzjTwa/RxJg:tEav0IV48FohrR0TY
Score

10^/10

gcleaner onlylogger discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Gcleaner family
  gcleaner
- OnlyLogger
  A tiny loader that uses IPLogger to get its payload.
  loader onlylogger
- Onlylogger family
  onlylogger
- OnlyLogger payload
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleaneronlyloggerdiscoveryloader

behavioral2

gcleaneronlyloggerdiscoveryloader

© 2018-2024

Terms | Privacy