gcleaner | 5f22cdd211e1eeecd51c49cc00d25d0487a0e640ef6b29c15a1c73e9fe5ebb85 | Triage

Sharing

General

Target

2025-04-04_d4f78da9d41ce523460feca46012d652_amadey_black-basta_cobalt-strike_luca-stealer_smoke-loader
Size

164KB
Sample

250404-jebtcavlw9
MD5

d4f78da9d41ce523460feca46012d652
SHA1

ccfde298aa6ea0ad06f533f8dc33c464e2af1591
SHA256

5f22cdd211e1eeecd51c49cc00d25d0487a0e640ef6b29c15a1c73e9fe5ebb85
SHA512

920274bd33f46457eaa2ae44fbf2fedb7748d885e3198f6e5d709b84d6a28fa2a9bcdf8a0f4e1717f9e104b94bb3d590791a404e9ac2ac2ca6b004fb5bc757ec
SSDEEP

3072:lpiDiHmJzLHgP03WYt7ulin1MVo5+FwVDoC8naf5sLi4/HVd7B3AHygjsftjFjQr:lpiDiHmJzLHgP03WYt7ulin1MVo5+FwV

Score

10^/10

gcleaner discovery

Malware Config

Extracted

Family

gcleaner

C2

185.156.73.98

45.91.200.135

Targets

- Target
  
  2025-04-04_d4f78da9d41ce523460feca46012d652_amadey_black-basta_cobalt-strike_luca-stealer_smoke-loader
- Size
  
  164KB
- MD5
  
  d4f78da9d41ce523460feca46012d652
- SHA1
  
  ccfde298aa6ea0ad06f533f8dc33c464e2af1591
- SHA256
  
  5f22cdd211e1eeecd51c49cc00d25d0487a0e640ef6b29c15a1c73e9fe5ebb85
- SHA512
  
  920274bd33f46457eaa2ae44fbf2fedb7748d885e3198f6e5d709b84d6a28fa2a9bcdf8a0f4e1717f9e104b94bb3d590791a404e9ac2ac2ca6b004fb5bc757ec
- SSDEEP
  
  3072:lpiDiHmJzLHgP03WYt7ulin1MVo5+FwVDoC8naf5sLi4/HVd7B3AHygjsftjFjQr:lpiDiHmJzLHgP03WYt7ulin1MVo5+FwV
Score

8^/10

discovery
- Downloads MZ/PE file
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1