Overview

overview

10

Static

static

3

ff1aa31f4f...18.exe

windows7-x64

10

ff1aa31f4f...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ff1aa31f4f6715bfef4d623cede134b2_JaffaCakes118

  • Size

    265KB

  • Sample

    240421-mt8y6she5y

  • MD5

    ff1aa31f4f6715bfef4d623cede134b2

  • SHA1

    4500642f61626fd7cd4fa471169619460eeed7d2

  • SHA256

    aa9b6dcb936a8fe6826e12fbf628c3ca0c85b5eede66c450ff3b4838a84dcc2b

  • SHA512

    e1f46c46d3ae5e21c9c53e57470824f3d26f797684ed5b088d146324c736508b87f094354cb3f5c6ae0f69f1423d69455adf60d4d551515f2607f626b550f49a

  • SSDEEP

    3072:yqnuKBRTUZWtKkKjCS7jsiGTUexestDFP3ZgX7F7CKSuXYxUfJhse+VCI4K+iZPb:yqnu4DtKmSfsiUUerPI71SXWwehBiB

Score
10/10
gcleaneronlyloggerloader

Malware Config

Extracted

Family

gcleaner

C2

ggg-cl.biz

45.9.20.13

Targets

    • Target

      ff1aa31f4f6715bfef4d623cede134b2_JaffaCakes118

    • Size

      265KB

    • MD5

      ff1aa31f4f6715bfef4d623cede134b2

    • SHA1

      4500642f61626fd7cd4fa471169619460eeed7d2

    • SHA256

      aa9b6dcb936a8fe6826e12fbf628c3ca0c85b5eede66c450ff3b4838a84dcc2b

    • SHA512

      e1f46c46d3ae5e21c9c53e57470824f3d26f797684ed5b088d146324c736508b87f094354cb3f5c6ae0f69f1423d69455adf60d4d551515f2607f626b550f49a

    • SSDEEP

      3072:yqnuKBRTUZWtKkKjCS7jsiGTUexestDFP3ZgX7F7CKSuXYxUfJhse+VCI4K+iZPb:yqnu4DtKmSfsiUUerPI71SXWwehBiB

    Score
    10/10
    gcleaneronlyloggerloader

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

      loadergcleaner

    • OnlyLogger

      A tiny loader that uses IPLogger to get its payload.

      loaderonlylogger

    • OnlyLogger payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks