Extracted

• • Target

    JaffaCakes118_4d255e96e5056f2c899884babcc55691

  • Size

    434KB

  • MD5

    4d255e96e5056f2c899884babcc55691

  • SHA1

    44caeb1df6288c94081b805ee17f66db34dc7834

  • SHA256

    e7678a0537796c6199bbc7fc5c143b475280564558250df218d62012c3b98506

  • SHA512

    ad2cebd784a525d3fe2e3523c4f3d2ab793da84811a41b08aae99141d9c53f545b180d36f05647ddef04bba200b6a0fc917e481913f3b2b0162c136ec8355c44

  • SSDEEP

    12288:GeSy7hLlys4W40FVHGZyrqXNqvgWw1Y90fuzO:GkpMs4WnFQgNwC90G6

  Score

  10^/10

  gcleaneronlyloggerdiscoveryloader

  • GCleaner

    GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    loadergcleaner

  • Gcleaner family

    gcleaner

  • OnlyLogger

    A tiny loader that uses IPLogger to get its payload.

    loaderonlylogger

  • Onlylogger family

    onlylogger

  • OnlyLogger payload

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  behavioral1behavioral2