gcleaner | 5c35f6f5ff30cb9d91b1bdebabe346708b1b0b9a0dafa4b2eab9ae135a326d80 | Triage

Sharing

General

Target

1956-6-0x0000000000400000-0x0000000000C67000-memory.dmp
Size

8.4MB
Sample

250209-ppe7ea1kdz
MD5

e9708f75fb9682aa0c8988bd3a77181a
SHA1

7b2ec62798c98f27630c597d2a9ac1cf43338c8d
SHA256

5c35f6f5ff30cb9d91b1bdebabe346708b1b0b9a0dafa4b2eab9ae135a326d80
SHA512

ffac30ad7022ad334aaa28bbd9f10b9f2e9673a610fa99c21ea3de336368216b1fc5c32bd4f063785110fb2ca7b6fcafc03e0807c52c9d4a57a4af7189b73ac6
SSDEEP

98304:mcf3O+4IiYUJSQqjO2FjCvpmuWUvl23ZzL58Xlr+:h3OJrxmuWOlcnwd+

Score

10^/10

gcleaner discovery

Malware Config

Extracted

Family

gcleaner

C2

185.156.73.23

Targets

- Target
  
  1956-6-0x0000000000400000-0x0000000000C67000-memory.dmp
- Size
  
  8.4MB
- MD5
  
  e9708f75fb9682aa0c8988bd3a77181a
- SHA1
  
  7b2ec62798c98f27630c597d2a9ac1cf43338c8d
- SHA256
  
  5c35f6f5ff30cb9d91b1bdebabe346708b1b0b9a0dafa4b2eab9ae135a326d80
- SHA512
  
  ffac30ad7022ad334aaa28bbd9f10b9f2e9673a610fa99c21ea3de336368216b1fc5c32bd4f063785110fb2ca7b6fcafc03e0807c52c9d4a57a4af7189b73ac6
- SSDEEP
  
  98304:mcf3O+4IiYUJSQqjO2FjCvpmuWUvl23ZzL58Xlr+:h3OJrxmuWOlcnwd+
Score

8^/10

discovery
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2