gcleaner | 8f799e6a978d4f3d5f8fa0a8b949f5b99985d0a5f9af99ad4f3f92f39c33d3d9 | Triage

Sharing

General

Target

JaffaCakes118_8f799e6a978d4f3d5f8fa0a8b949f5b99985d0a5f9af99ad4f3f92f39c33d3d9
Size

1.6MB
Sample

241224-xhyn6svjek
MD5

5033ac01c2d049f7ca297753728db3e5
SHA1

7f60fb372450da13fac7f7d0536e5c5e5522f553
SHA256

8f799e6a978d4f3d5f8fa0a8b949f5b99985d0a5f9af99ad4f3f92f39c33d3d9
SHA512

4e4930d9fd5f00978f476663de2b532091f07746df1b1371cfe4bcec86444953295c3a9761a2b38032df097dc4538f834807e6815a917ec423e48a41e8cfc709
SSDEEP

12288:Udt56ehi/H9SDomjDBvMYojCmDu7Jig2:ciXLDS2

Score

10^/10

gcleaner

Malware Config

Extracted

Family

gcleaner

C2

208.67.104.97

85.31.46.167

Attributes

url_path
....!..../software.php

....!..../software.php

Targets

- Target
  
  JaffaCakes118_8f799e6a978d4f3d5f8fa0a8b949f5b99985d0a5f9af99ad4f3f92f39c33d3d9
- Size
  
  1.6MB
- MD5
  
  5033ac01c2d049f7ca297753728db3e5
- SHA1
  
  7f60fb372450da13fac7f7d0536e5c5e5522f553
- SHA256
  
  8f799e6a978d4f3d5f8fa0a8b949f5b99985d0a5f9af99ad4f3f92f39c33d3d9
- SHA512
  
  4e4930d9fd5f00978f476663de2b532091f07746df1b1371cfe4bcec86444953295c3a9761a2b38032df097dc4538f834807e6815a917ec423e48a41e8cfc709
- SSDEEP
  
  12288:Udt56ehi/H9SDomjDBvMYojCmDu7Jig2:ciXLDS2
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2