gcleaner | a67187ab9cf0994e8bf84c9179de45a96d356970628253a2ccd8ee81d6dd9f7a | Triage

Sharing

General

Target

2025-04-03_136f9ad308cb9695a301db6c5243563c_amadey_black-basta_cobalt-strike_luca-stealer_smoke-loader
Size

164KB
Sample

250403-thhfeaywct
MD5

136f9ad308cb9695a301db6c5243563c
SHA1

a85d641ec8ff0e6cb00dbddeee95f058b262023a
SHA256

a67187ab9cf0994e8bf84c9179de45a96d356970628253a2ccd8ee81d6dd9f7a
SHA512

440715fffbe7aaf1f51e32e36d18bed09ee4a2c71ec0d03de8c63e249e6af4472d9e42d139d2be0ef9914ae89b9a6a66b564c3398fcdae9b8bbdd55b2c77fbab
SSDEEP

3072:kpiDiHSJzLHgP03WYt7ulin1MVo5+FwVDoC8naf5sLi4/HVd7B3AHygjsftjFjQ2:kpiDiHSJzLHgP03WYt7ulin1MVo5+Fw0

Score

10^/10

gcleaner discovery

Malware Config

Extracted

Family

gcleaner

C2

185.156.73.98

45.91.200.135

Targets

- Target
  
  2025-04-03_136f9ad308cb9695a301db6c5243563c_amadey_black-basta_cobalt-strike_luca-stealer_smoke-loader
- Size
  
  164KB
- MD5
  
  136f9ad308cb9695a301db6c5243563c
- SHA1
  
  a85d641ec8ff0e6cb00dbddeee95f058b262023a
- SHA256
  
  a67187ab9cf0994e8bf84c9179de45a96d356970628253a2ccd8ee81d6dd9f7a
- SHA512
  
  440715fffbe7aaf1f51e32e36d18bed09ee4a2c71ec0d03de8c63e249e6af4472d9e42d139d2be0ef9914ae89b9a6a66b564c3398fcdae9b8bbdd55b2c77fbab
- SSDEEP
  
  3072:kpiDiHSJzLHgP03WYt7ulin1MVo5+FwVDoC8naf5sLi4/HVd7B3AHygjsftjFjQ2:kpiDiHSJzLHgP03WYt7ulin1MVo5+Fw0
Score

8^/10

discovery
- Downloads MZ/PE file
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1