gcleaner | 498584bb8da1a6c914fa04842a1f43b0669b6f5290d6a5fc7057d65bf4001785 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...c0.exe

windows7-x64

JaffaCakes...c0.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_a4f8229f67112de642ba3f6b151914c0
Size

389KB
Sample

250108-rz3rkawmhk
MD5

a4f8229f67112de642ba3f6b151914c0
SHA1

857e1f127e7f0935c3507f3f1655426a8ce58366
SHA256

498584bb8da1a6c914fa04842a1f43b0669b6f5290d6a5fc7057d65bf4001785
SHA512

f6570e7b9de8d0b8eb9c4aaaff8cfe9ed46befede9a42addefeb64b1376a9233f956efe0f8dcf58f03eb9b6b8870c2eccb8243b303c11f108c929b5fdfccb2cc
SSDEEP

6144:y//ZuTghDBChyQ33dHFjjStR2E7ATe9SQxed6SXWLLT50SmIxQf21TVw:WhPRQ33dln0R2xaJsddXWLLtPxQu1

Score

10^/10

gcleaner onlylogger discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_a4f8229f67112de642ba3f6b151914c0.exe

Resource

win7-20240903-en

gcleaner onlylogger discovery loader

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_a4f8229f67112de642ba3f6b151914c0.exe

Resource

win10v2004-20241007-en

gcleaner onlylogger discovery loader

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

gcleaner

C2

gcl-gb.biz

45.9.20.13

Targets

- Target
  
  JaffaCakes118_a4f8229f67112de642ba3f6b151914c0
- Size
  
  389KB
- MD5
  
  a4f8229f67112de642ba3f6b151914c0
- SHA1
  
  857e1f127e7f0935c3507f3f1655426a8ce58366
- SHA256
  
  498584bb8da1a6c914fa04842a1f43b0669b6f5290d6a5fc7057d65bf4001785
- SHA512
  
  f6570e7b9de8d0b8eb9c4aaaff8cfe9ed46befede9a42addefeb64b1376a9233f956efe0f8dcf58f03eb9b6b8870c2eccb8243b303c11f108c929b5fdfccb2cc
- SSDEEP
  
  6144:y//ZuTghDBChyQ33dHFjjStR2E7ATe9SQxed6SXWLLT50SmIxQf21TVw:WhPRQ33dln0R2xaJsddXWLLtPxQu1
Score

10^/10

gcleaner onlylogger discovery loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Gcleaner family
  gcleaner
- OnlyLogger
  A tiny loader that uses IPLogger to get its payload.
  loader onlylogger
- Onlylogger family
  onlylogger
- OnlyLogger payload
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gcleaneronlyloggerdiscoveryloader

behavioral2

gcleaneronlyloggerdiscoveryloader

© 2018-2025

Terms | Privacy