gcleaner | f519ea0d39a931a45080d38a92be52d00b404c765da37a3f3c881fe5cf8c671a | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...95.exe

windows7-x64

JaffaCakes...95.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_58d5bf32259ea9ddae6d6e80dc92d795
Size

309KB
Sample

250107-kkr8ystjex
MD5

58d5bf32259ea9ddae6d6e80dc92d795
SHA1

7ec0c11fdc7363998c72de7997324196c8dba1d4
SHA256

f519ea0d39a931a45080d38a92be52d00b404c765da37a3f3c881fe5cf8c671a
SHA512

02208107f5c5eca99aee098cec391c4dda8531023987dc61b013314041ab72675c4b4c6be81cf375302a60d3384b018e5073cde0491bd2883a597ed26d937355
SSDEEP

6144:Za30xb98+cMz7h9QtI6xDISpTrDC8dWZtjeJIADG8el:Zi0xR8+PDCI8PgjKxD

Score

10^/10

gcleaner onlylogger discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_58d5bf32259ea9ddae6d6e80dc92d795.exe

Resource

win7-20241010-en

gcleaner onlylogger discovery loader

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_58d5bf32259ea9ddae6d6e80dc92d795.exe

Resource

win10v2004-20241007-en

gcleaner onlylogger discovery loader

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

gcleaner

C2

gcl-gb.biz

45.9.20.13

Targets

- Target
  
  JaffaCakes118_58d5bf32259ea9ddae6d6e80dc92d795
- Size
  
  309KB
- MD5
  
  58d5bf32259ea9ddae6d6e80dc92d795
- SHA1
  
  7ec0c11fdc7363998c72de7997324196c8dba1d4
- SHA256
  
  f519ea0d39a931a45080d38a92be52d00b404c765da37a3f3c881fe5cf8c671a
- SHA512
  
  02208107f5c5eca99aee098cec391c4dda8531023987dc61b013314041ab72675c4b4c6be81cf375302a60d3384b018e5073cde0491bd2883a597ed26d937355
- SSDEEP
  
  6144:Za30xb98+cMz7h9QtI6xDISpTrDC8dWZtjeJIADG8el:Zi0xR8+PDCI8PgjKxD
Score

10^/10

gcleaner onlylogger discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Gcleaner family
  gcleaner
- OnlyLogger
  A tiny loader that uses IPLogger to get its payload.
  loader onlylogger
- Onlylogger family
  onlylogger
- OnlyLogger payload
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleaneronlyloggerdiscoveryloader

behavioral2

gcleaneronlyloggerdiscoveryloader

© 2018-2025

Terms | Privacy