Extracted

• • Target

    JaffaCakes118_5144211e10e4f1d9d37f2d4db73a4905

  • Size

    434KB

  • MD5

    5144211e10e4f1d9d37f2d4db73a4905

  • SHA1

    1eb0bbefb50adbd8e715ba489f29ebd1a2bff26e

  • SHA256

    f86e0b6a25979857689621f97e1e5f922184951e3461738869756b0228552e5a

  • SHA512

    84d5d8af932d2e82ad774593fd931cd58fa39c33aca29fae590da1ea02442d7f29ce4cc45000fc4b3532f1981977b58a7a755b07a87bd74389857f568992e46a

  • SSDEEP

    12288:zzI8cv58+wGnt8MWn03argrhMqoI8brrCP1buwr:zkHhWGntq0XD8vrCNiG

  Score

  10^/10

  gcleaneronlyloggerdiscoveryloader

  • GCleaner

    GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    loadergcleaner

  • Gcleaner family

    gcleaner

  • OnlyLogger

    A tiny loader that uses IPLogger to get its payload.

    loaderonlylogger

  • Onlylogger family

    onlylogger

  • OnlyLogger payload

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  behavioral1behavioral2