General

  • Target

    020d370b51711b0814901d7cc32d8251affcc3506b9b4c15db659f3dbb6a2e6b

  • Size

    324KB

  • MD5

    6afa886e95cdd9d78047f17fd0ab6b45

  • SHA1

    247324c3c7672965f57446f18b5b77a5567e19ab

  • SHA256

    020d370b51711b0814901d7cc32d8251affcc3506b9b4c15db659f3dbb6a2e6b

  • SHA512

    cb1b3f7021881d6fd4f85a8b9a223903554f40e0908fed55a8b9c725dfddc319fc382d5219f403b537464559d4feb74c968bb48c156da813c67c9206b4c19bc5

  • SSDEEP

    6144:msYSsp5yL23j0Tj4M6aW4I7NMk5B8k3qX/SCm63P84AO8X3ESqAguOSfmiChsmG:msYSsp5R3j0Tj4XaW4I7NM0B9a0SyxLp

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

45.12.253.56

45.12.253.72

45.12.253.98

45.12.253.75

Attributes
  • url_path

    /default/puk.php

Signatures

  • Gcleaner family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 020d370b51711b0814901d7cc32d8251affcc3506b9b4c15db659f3dbb6a2e6b
    .exe windows:6 windows x86 arch:x86

    01e28360e3d419170740bd05c96866de

