gcleaner | 0f145cbb1da8a22c08822022f87ca3d17a4da4d6fd35326f87b063d86dde37b6 | Triage

Sharing

General

Target

2025-04-03_436d3112aa04540098a1d4b7cb5683dc_amadey_black-basta_cobalt-strike_luca-stealer_smoke-loader
Size

164KB
Sample

250403-txl25s1qz2
MD5

436d3112aa04540098a1d4b7cb5683dc
SHA1

91bf6118884b4389a80d10e41e7b94e0df51f520
SHA256

0f145cbb1da8a22c08822022f87ca3d17a4da4d6fd35326f87b063d86dde37b6
SHA512

a3353b19b6d378879dce9f7c6fa553cd7b41897a2cc2039c56585081fadff0ebc538342d8b734c5b908ac7b4c5905ce122f33b36bfedb8cb21457a31169825c9
SSDEEP

3072:lpiDiHmJzLHgP03WYt7ulin1MVo5+FwVDoC8naf5sLi4/HVd7B3AHygjsftjFjQq:lpiDiHmJzLHgP03WYt7ulin1MVo5+Fws

Score

10^/10

gcleaner discovery

Malware Config

Extracted

Family

gcleaner

C2

185.156.73.98

45.91.200.135

Targets

- Target
  
  2025-04-03_436d3112aa04540098a1d4b7cb5683dc_amadey_black-basta_cobalt-strike_luca-stealer_smoke-loader
- Size
  
  164KB
- MD5
  
  436d3112aa04540098a1d4b7cb5683dc
- SHA1
  
  91bf6118884b4389a80d10e41e7b94e0df51f520
- SHA256
  
  0f145cbb1da8a22c08822022f87ca3d17a4da4d6fd35326f87b063d86dde37b6
- SHA512
  
  a3353b19b6d378879dce9f7c6fa553cd7b41897a2cc2039c56585081fadff0ebc538342d8b734c5b908ac7b4c5905ce122f33b36bfedb8cb21457a31169825c9
- SSDEEP
  
  3072:lpiDiHmJzLHgP03WYt7ulin1MVo5+FwVDoC8naf5sLi4/HVd7B3AHygjsftjFjQq:lpiDiHmJzLHgP03WYt7ulin1MVo5+Fws
Score

8^/10

discovery
- Downloads MZ/PE file
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1