General

  • Target

    JaffaCakes118_d19a0b4f78aa97f1c6a59df8759630b33714efce7a436b5327a7ca08c2cbb64b

  • Size

    2.4MB

  • Sample

    241223-vaej8avng1

  • MD5

    a38ced83aff0fd4a0444b41852b40eca

  • SHA1

    ba89782daef802bd9b617ffed28d442fab22de03

  • SHA256

    d19a0b4f78aa97f1c6a59df8759630b33714efce7a436b5327a7ca08c2cbb64b

  • SHA512

    e54da521cc3d77029998d41ec94dff37e8838b0b26908e90b8ffd2d5d8f14467e347f96a7a8153bb26a0c21328573e64fbe976cb6ae050b7a6466437c27c7cb1

  • SSDEEP

    49152:XbBIPseIpz20cz/pSu1WElxNLgAbnK1xjXF6cbe7+I1P1/y5hN:Xb6PHIpz20cz/Z/HLgA27lbeKI1wDN

Malware Config

Extracted

Family

gcleaner

C2

45.139.105.171

85.31.46.167

107.182.129.235

171.22.30.106

Targets

    • Target

      66da2fce1b9eb472cf52d47a3ed5d5ccf8fb1bd15b9b6dc809ac6a913a6f4c36

    • Size

      2.5MB

    • MD5

      610c2597ef8c38dd051382291134cec5

    • SHA1

      30f8795164de19201eb3f9334ebf05261587a038

    • SHA256

      66da2fce1b9eb472cf52d47a3ed5d5ccf8fb1bd15b9b6dc809ac6a913a6f4c36

    • SHA512

      cfb1a782e2f17babbbd4f3205a31b9a74758abab7120f4015bbd4d3154a58b1c9ce67048d9c99ea6bf2db1a0c591ec4ed9a513868fed45370546f1014e0b6792

    • SSDEEP

      49152:Z2G9By3esCTp2WInd7SU1WM5x9L+AZ7KxTRn76K5e7mANjNRA5hq:MG943xCTp2WIndPHzL+AsNf5eaANgDq

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Gcleaner family

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
