gcleaner | b99685ee4f76d4468caf8b535188252e1ad75e7ab34f80867cd231f32117c350 | Triage

Sharing

General

Target

JaffaCakes118_b99685ee4f76d4468caf8b535188252e1ad75e7ab34f80867cd231f32117c350
Size

203KB
Sample

241221-3gh5zstqcj
MD5

8a6c3c8e078c89d7e311ed5893ed7e91
SHA1

ef5a2f443cbe7ce912197f3435b77fbf05f42606
SHA256

b99685ee4f76d4468caf8b535188252e1ad75e7ab34f80867cd231f32117c350
SHA512

cbb2ede0f697f0b4dfa75797f220c43d2a24148ec9c4642f8c2def88cc0dbb0bc19874e174c03b029106ed7db7f576d65ec357c869e8d38808b362f4ce049509
SSDEEP

6144:4OgIAgmQvmUWAM3Kis7VUbLnEsWgEGRkNFELJ8GE:HAgm4YhG7q/nEsW/NFwhE

Score

10^/10

gcleaner discovery loader

Malware Config

Extracted

Family

gcleaner

C2

208.67.104.97

85.31.46.167

107.182.129.235

171.22.30.106

Targets

- Target
  
  8ed5129e332f2e816c536462fe70a15c7846eba0a198f511547bdc97b7f4bd29
- Size
  
  369KB
- MD5
  
  74911e84a00d3b9894e474ac517dc104
- SHA1
  
  d72b6228bb3fc2361a5d5c3b58a0e99b51116fee
- SHA256
  
  8ed5129e332f2e816c536462fe70a15c7846eba0a198f511547bdc97b7f4bd29
- SHA512
  
  e5044a26d72b81e4146ba889540114722c6210015bc1f3aa03881ec629b69c88cab1f664c4cd9e8d030bfb52fd4527c81d7d0503cdc93e7362a87776f0eb5322
- SSDEEP
  
  6144:WILQs/6vmUWAMVKis7LUbrnEsWgEGlnlseu:WIksGYh07QnnEsWT
Score

10^/10

gcleaner discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Gcleaner family
  gcleaner
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleanerdiscoveryloader

behavioral2

gcleanerdiscoveryloader