Extracted

• • Target

    JaffaCakes118_660f957f13470d2f9c34713c192920b2

  • Size

    434KB

  • MD5

    660f957f13470d2f9c34713c192920b2

  • SHA1

    07998033267d6a0c8cc6a562c78d9caadaafa918

  • SHA256

    3d3747aa4e6eb4782c1ae5bcb22b736cce54a41a810cd571f9b7eaa34896e9dd

  • SHA512

    7c09911d02ad0d8e05615b80cf228c186b319177beea26e899d5e054f2f35c42187f37b7a5a3d567e3663505aae39f1de274b3be86b1ccf22df2df168ac162cd

  • SSDEEP

    12288:sAo36NmWywy2hqZkuR2eNNhcXwxI7kYEKJFw:sDimTZHcwe7kDqFw

  Score

  10^/10

  gcleaneronlyloggerdiscoveryloader

  • GCleaner

    GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    loadergcleaner

  • Gcleaner family

    gcleaner

  • OnlyLogger

    A tiny loader that uses IPLogger to get its payload.

    loaderonlylogger

  • Onlylogger family

    onlylogger

  • OnlyLogger payload

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  behavioral1behavioral2