gcleaner | 7a256b038122ef5ea5a47314154b3ba2b19d9cdfaaa07ab1da92e89836cdc1ed | Triage

Sharing

General

Target

JaffaCakes118_7a256b038122ef5ea5a47314154b3ba2b19d9cdfaaa07ab1da92e89836cdc1ed
Size

203KB
Sample

241225-cqfhcavkem
MD5

c7db2459e9e29769937ea9a6c38cd862
SHA1

6c41802f97d401abf048e1032b2609e35c67b14b
SHA256

7a256b038122ef5ea5a47314154b3ba2b19d9cdfaaa07ab1da92e89836cdc1ed
SHA512

f8f556added74fefbcbcd0dd29110115d686f321a6078f1477cc4854297f97f9e7c2767a623b5db2ec2ba0cdcf58738d825bdf6a9282628005980e905ce75fd5
SSDEEP

6144:yO0EEVz3z7uQjeBEdeLAIAV5dwc9HhA0I5vSH3vaiGqZYIPj:yOoz3DjeBkeuwqHaSMQ

Score

10^/10

gcleaner discovery loader

Malware Config

Extracted

Family

gcleaner

C2

208.67.104.97

85.31.46.167

107.182.129.235

171.22.30.106

Targets

- Target
  
  afa3a368d1fb18c5dc814a473f8d4e403d5ba0054c883d7327ee938ba42a81c5
- Size
  
  369KB
- MD5
  
  9769372a8322c24f7047364f6305eaff
- SHA1
  
  1a8d10e005b5a45e1f7678a890e95cdd436daf2e
- SHA256
  
  afa3a368d1fb18c5dc814a473f8d4e403d5ba0054c883d7327ee938ba42a81c5
- SHA512
  
  d403c8d3ebf47f0693f4cc94c6d724c75f972b07a77351aabace6d7142078e9586fb1790c6253557ac95a721d6be8617a9ecb8e8b94d0b70d95674c22b4c07b7
- SSDEEP
  
  6144:lGnluiET3z7uQjeBEdeBAIAV5Pwc9XhA0b7ttttbz:lGluiET3DjeBkegwqX
Score

10^/10

gcleaner discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Gcleaner family
  gcleaner
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleanerdiscoveryloader

behavioral2

gcleanerdiscoveryloader