General

  • Target

    276761d421cffa2e2d69fed6f556707dfbd7ebcdc967a37bc33095328d7323ee.exe

  • Size

    1.7MB

  • Sample

    250112-xm3hxsvka1

  • MD5

    0c1090cab6d4a1562a52eb9c7cef855e

  • SHA1

    a1c264e77c5646f7ecab4e83324ab14d23222a0a

  • SHA256

    276761d421cffa2e2d69fed6f556707dfbd7ebcdc967a37bc33095328d7323ee

  • SHA512

    79cf1058483c0b281b6b8d4a05558172b7b617708675aade539dd867e1caf2d97417bad0ca9401bf83c6ba69ebc1bf59dac9e69b05ac941404dbea258cb994f5

  • SSDEEP

    49152:Z2u3AV81h8tsLiYNZ7i6S5M2MRDiYBtA5ha:MHCsYKdK2MRsDa

Malware Config

Extracted

Family

gcleaner

C2

45.139.105.39

37.139.129.24

45.139.105.66

45.139.105.188

Attributes
  • url_path

    /get.php

    /setup.php

    /setup.php
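The hashes in the General section and the C2 addresses and url_path values in the extracted config above are the indicators a practitioner actually takes away from this report. The following script is an added example (not part of the original report or of the sandbox that produced it): it verifies that a sample on disk matches the published hashes, and it scans proxy log lines for the extracted C2 hosts and paths. The log format (timestamp, source IP, method, URL, status) and the log lines themselves are constructed for the example; the hash values, IPs and paths are taken from this page.

```python
"""IOC checks for the GCleaner sample on this page (added example).

The hash values, C2 IPs and url_path entries come from the report above.
The proxy log format and SAMPLE_LOG are constructed for the example.
"""
import hashlib
from urllib.parse import urlsplit

# Published hashes for 276761d4...23ee.exe (from the General section).
EXPECTED_HASHES = {
    "md5": "0c1090cab6d4a1562a52eb9c7cef855e",
    "sha1": "a1c264e77c5646f7ecab4e83324ab14d23222a0a",
    "sha256": "276761d421cffa2e2d69fed6f556707dfbd7ebcdc967a37bc33095328d7323ee",
}

# Extracted config: C2 hosts and request paths (the duplicate /setup.php
# entry in the report collapses into the set).
GCLEANER_C2 = {"45.139.105.39", "37.139.129.24", "45.139.105.66", "45.139.105.188"}
GCLEANER_PATHS = {"/get.php", "/setup.php"}

# Constructed sample proxy log. Assumed format: ts src_ip method url status.
SAMPLE_LOG = """\
2025-01-12T10:01:03Z 10.0.0.15 GET http://45.139.105.39/get.php?c=1 200
2025-01-12T10:01:04Z 10.0.0.15 POST http://45.139.105.39/setup.php 200
2025-01-12T10:02:11Z 10.0.0.22 GET http://example.com/setup.php 200
2025-01-12T10:03:40Z 10.0.0.15 GET http://37.139.129.24/index.html 404
2025-01-12T10:04:02Z 10.0.0.31 GET https://45.139.105.66:8443/get.php 200
malformed line
"""


def compute_hashes(data):
    """MD5/SHA1/SHA256 of a byte string, in the same form as the report."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def matches_report(data, expected=EXPECTED_HASHES):
    """True only if every published digest matches the bytes supplied."""
    actual = compute_hashes(data)
    return all(actual[k] == v for k, v in expected.items())


def parse_line(line):
    """Parse one constructed proxy log line; None for malformed input."""
    parts = line.split()
    if len(parts) != 5:
        return None
    ts, src, method, url, status = parts
    u = urlsplit(url)
    if not u.hostname:
        return None
    return {"ts": ts, "src": src, "method": method,
            "host": u.hostname, "path": u.path, "status": status}


def classify(rec):
    """'c2_beacon' = C2 host and configured path; 'c2_host' = host only."""
    host_hit = rec["host"] in GCLEANER_C2
    path_hit = rec["path"] in GCLEANER_PATHS
    if host_hit and path_hit:
        return "c2_beacon"
    if host_hit:
        return "c2_host"
    return None


def scan_log(text):
    """Return (src_ip, c2_host, path, verdict) for every line that matches."""
    hits = []
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        verdict = classify(rec)
        if verdict:
            hits.append((rec["src"], rec["host"], rec["path"], verdict))
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
```

Path-only matches (a request for `/setup.php` to some unrelated host) are deliberately not reported: those filenames are far too generic to act on, so the scanner requires the C2 host and only uses the path to raise confidence. IP-only hits are kept at the lower `c2_host` level because hosting addresses get reused; pivot on them with the timestamp and the source host's process list rather than treating them alone as confirmation.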

Targets

    • Target

      276761d421cffa2e2d69fed6f556707dfbd7ebcdc967a37bc33095328d7323ee.exe

    • Size

      1.7MB

    • MD5

      0c1090cab6d4a1562a52eb9c7cef855e

    • SHA1

      a1c264e77c5646f7ecab4e83324ab14d23222a0a

    • SHA256

      276761d421cffa2e2d69fed6f556707dfbd7ebcdc967a37bc33095328d7323ee

    • SHA512

      79cf1058483c0b281b6b8d4a05558172b7b617708675aade539dd867e1caf2d97417bad0ca9401bf83c6ba69ebc1bf59dac9e69b05ac941404dbea258cb994f5

    • SSDEEP

      49152:Z2u3AV81h8tsLiYNZ7i6S5M2MRDiYBtA5ha:MHCsYKdK2MRsDa

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Gcleaner family

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks