General
-
Target
JaffaCakes118_57adc8f2d8b412478bbe12f650d204d9
-
Size
324KB
-
Sample
250101-q7sqwszldn
-
MD5
57adc8f2d8b412478bbe12f650d204d9
-
SHA1
68e44600199d09d089b0d1578877baa1c4328ad3
-
SHA256
75ebc3327a9adb4a9a7a78dbe0927c25d53a7e8a3cfd2fead2580e7dcbea44a4
-
SHA512
65899b1cf4d8a9efcbce235c89b668d4c75fee3315ac293815e54eb6bb657d6ba51422df7d37f479d3c710791c55e6f441b0f5593b6828e89b3752f61eba0d78
-
SSDEEP
6144:IIUQFwFFglbbdDFnQk5LoFfGl6G9hCaY7B/:MawolbbxFQAh70
Malware Config
Extracted
gcleaner
ggg-cl.biz
45.9.20.13
Targets
-
-
Target
JaffaCakes118_57adc8f2d8b412478bbe12f650d204d9
-
Size
324KB
-
MD5
57adc8f2d8b412478bbe12f650d204d9
-
SHA1
68e44600199d09d089b0d1578877baa1c4328ad3
-
SHA256
75ebc3327a9adb4a9a7a78dbe0927c25d53a7e8a3cfd2fead2580e7dcbea44a4
-
SHA512
65899b1cf4d8a9efcbce235c89b668d4c75fee3315ac293815e54eb6bb657d6ba51422df7d37f479d3c710791c55e6f441b0f5593b6828e89b3752f61eba0d78
-
SSDEEP
6144:IIUQFwFFglbbdDFnQk5LoFfGl6G9hCaY7B/:MawolbbxFQAh70
Score10/10-
GCleaner
GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
-
Gcleaner family
-
OnlyLogger
A tiny loader that uses IPLogger to get its payload.
-
Onlylogger family
-
OnlyLogger payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-