gcleaner | 0b3c6f82421d0b116f1a8ffe2f7e236f9a595c8d0ebf4eb79fad397151084d81 | Triage

Sharing

General

Target

2760-6-0x0000000000400000-0x0000000000C56000-memory.dmp
Size

8.3MB
Sample

250209-wqsmfsyngy
MD5

32cf727cdcf6fcfdf2c4a9536b7258d6
SHA1

8162b47ceb9af26a7c6b4f6f3d999aff6124d4b1
SHA256

0b3c6f82421d0b116f1a8ffe2f7e236f9a595c8d0ebf4eb79fad397151084d81
SHA512

f94c40e3200a46d326c2ab1af2da9c08ba0e6a7bfa98e77a31b5af067af6c49b7c804c19003e2015f555f8d7317bc0658c164c3aff2849719c15c82bccfe8569
SSDEEP

98304:mcXNjXAZgZ9JvyjlvQMEikos4Hk7YIQ43gUQwdghk8jlh:CEikos4Hk8w3DQBkeh

Score

10^/10

gcleaner discovery

Malware Config

Extracted

Family

gcleaner

C2

185.156.73.23

Targets

- Target
  
  2760-6-0x0000000000400000-0x0000000000C56000-memory.dmp
- Size
  
  8.3MB
- MD5
  
  32cf727cdcf6fcfdf2c4a9536b7258d6
- SHA1
  
  8162b47ceb9af26a7c6b4f6f3d999aff6124d4b1
- SHA256
  
  0b3c6f82421d0b116f1a8ffe2f7e236f9a595c8d0ebf4eb79fad397151084d81
- SHA512
  
  f94c40e3200a46d326c2ab1af2da9c08ba0e6a7bfa98e77a31b5af067af6c49b7c804c19003e2015f555f8d7317bc0658c164c3aff2849719c15c82bccfe8569
- SSDEEP
  
  98304:mcXNjXAZgZ9JvyjlvQMEikos4Hk7YIQ43gUQwdghk8jlh:CEikos4Hk8w3DQBkeh
Score

8^/10

discovery
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2