Extracted

• • Target

    JaffaCakes118_6c8687d57b149be4e5575afa1794f283

  • Size

    409KB

  • MD5

    6c8687d57b149be4e5575afa1794f283

  • SHA1

    a228c867b0ceacbb75ab44ec45dae68c081c4df1

  • SHA256

    f873c1a418170113f79e3356c5b8285beab0cc44428c1887194c268615ff19d3

  • SHA512

    d599b32d0dc7bb625f07973097f85db1ef25afa0e919008095a3cb395d5cf8c8480e8f3b5450719f0a497a772ad8ad7bd012297d97ba989ec6c01141fbac221b

  • SSDEEP

    12288:KN+bBm5x8WjedFR/X7dNXvaXanqLNL8N5c:Kj5xzjeN/X7dNEanQ

  Score

  10^/10

  gcleaneronlyloggerdiscoveryloader

  • GCleaner

    GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    loadergcleaner

  • Gcleaner family

    gcleaner

  • OnlyLogger

    A tiny loader that uses IPLogger to get its payload.

    loaderonlylogger

  • Onlylogger family

    onlylogger

  • OnlyLogger payload

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  behavioral1behavioral2