gcleaner | 845641edc3a511126a17a1f0b733232a8f9752bde7a0b8190dffa3e387251456 | Triage

Submit
Reports

Overview

overview

Static

static

3

ff5d698fad...18.exe

windows7-x64

ff5d698fad...18.exe

windows10-2004-x64

Sharing

General

Target

ff5d698fad039b90eec648304353d037_JaffaCakes118
Size

384KB
Sample

241219-lp4yzszlal
MD5

ff5d698fad039b90eec648304353d037
SHA1

3370709a2a74e0e33163391751fdce1b81c365dd
SHA256

845641edc3a511126a17a1f0b733232a8f9752bde7a0b8190dffa3e387251456
SHA512

6b78ea59bbc37fcd66557287e91cf06dbc21794eb41626a6248306c06cfa441a313ce2a9af811744e2c65e81eef563a24baaba04650dcee2ff54f42671b5c4b3
SSDEEP

6144:jclHzEKDMiOiXTteyPYzdRTNHdLYGvRDQMhLns5LiNLnRq:QT/3OiXTteyERTNqYJVscNt

Score

10^/10

gcleaner onlylogger discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ff5d698fad039b90eec648304353d037_JaffaCakes118.exe

Resource

win7-20240903-en

gcleaner onlylogger discovery loader

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

ff5d698fad039b90eec648304353d037_JaffaCakes118.exe

Resource

win10v2004-20241007-en

gcleaner onlylogger discovery loader

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

gcleaner

C2

gc-prtnrs.top

gcc-prtnrs.top

Targets

- Target
  
  ff5d698fad039b90eec648304353d037_JaffaCakes118
- Size
  
  384KB
- MD5
  
  ff5d698fad039b90eec648304353d037
- SHA1
  
  3370709a2a74e0e33163391751fdce1b81c365dd
- SHA256
  
  845641edc3a511126a17a1f0b733232a8f9752bde7a0b8190dffa3e387251456
- SHA512
  
  6b78ea59bbc37fcd66557287e91cf06dbc21794eb41626a6248306c06cfa441a313ce2a9af811744e2c65e81eef563a24baaba04650dcee2ff54f42671b5c4b3
- SSDEEP
  
  6144:jclHzEKDMiOiXTteyPYzdRTNHdLYGvRDQMhLns5LiNLnRq:QT/3OiXTteyERTNqYJVscNt
Score

10^/10

gcleaner onlylogger discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Gcleaner family
  gcleaner
- OnlyLogger
  A tiny loader that uses IPLogger to get its payload.
  loader onlylogger
- Onlylogger family
  onlylogger
- OnlyLogger payload
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleaneronlyloggerdiscoveryloader

behavioral2

gcleaneronlyloggerdiscoveryloader

© 2018-2024

Terms | Privacy