Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
JaffaCakes118_c6bc7c434fe8b83b3de3c7ca08118cc2
-
Size
424KB
-
Sample
250109-nb3vwazram
-
MD5
c6bc7c434fe8b83b3de3c7ca08118cc2
-
SHA1
54b15634573558745e4c2d91ac6c0d6a271c1b1c
-
SHA256
6b057b128b1429ba9438f1101fd00d68171940538d47fe959831a8cc97165c67
-
SHA512
50f3f8ddfc06286acb332d7ac88ef4923d9247df889126508cb2fcee9e6b3e38a8b97822d91f4d52ed783d3282fb2da28f0c2a7882299e02d3659c8bcccefd75
-
SSDEEP
6144:RhICu62ubK3N4MA5YYY6YYSUsSlXkjYQAZwFjefjjEtdUsL3r:miTuisSFkjYQA2FEjEtd
Malware Config
Extracted
gcleaner
ggg-cl.biz
45.9.20.13
Targets
-
-
Target
JaffaCakes118_c6bc7c434fe8b83b3de3c7ca08118cc2
-
Size
424KB
-
MD5
c6bc7c434fe8b83b3de3c7ca08118cc2
-
SHA1
54b15634573558745e4c2d91ac6c0d6a271c1b1c
-
SHA256
6b057b128b1429ba9438f1101fd00d68171940538d47fe959831a8cc97165c67
-
SHA512
50f3f8ddfc06286acb332d7ac88ef4923d9247df889126508cb2fcee9e6b3e38a8b97822d91f4d52ed783d3282fb2da28f0c2a7882299e02d3659c8bcccefd75
-
SSDEEP
6144:RhICu62ubK3N4MA5YYY6YYSUsSlXkjYQAZwFjefjjEtdUsL3r:miTuisSFkjYQA2FEjEtd
Score10/10-
GCleaner
GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
-
Gcleaner family
-
OnlyLogger
A tiny loader that uses IPLogger to get its payload.
-
Onlylogger family
-
OnlyLogger payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-