gcleaner | 5f9fca740396ba14711a1b715aa611ed17fc2f833ae15c2ac582fbda3b2246d7 | Triage

Submit
Reports

Overview

overview

Static

static

3

cryptolaemus

windows10-2004-x64

cryptolaemus

windows11-21h2-x64

Sharing

General

Target

5f9fca740396ba14711a1b715aa611ed17fc2f833ae15c2ac582fbda3b2246d7
Size

393KB
Sample

240625-ygys8aygka
MD5

24da98fdaea0c10333d7e76961364b8b
SHA1

51b07f1d4f0bc033f01a080bf8a223e25ab01096
SHA256

5f9fca740396ba14711a1b715aa611ed17fc2f833ae15c2ac582fbda3b2246d7
SHA512

ef7ea515cfb1c694a26e557adf2dff8f27c88eafef7d145f6b377419e62591a0b962feda5cb72db48384260dd03dc4d3f430d1f0e9bd6096a5b004bf55f71463
SSDEEP

6144:SLoMkVriKlRdB9TImCYNPKrhOJxKK9I35coVK84Nz:ScMUrz1B924PK1OJxKKuGoEbN

Score

10^/10

gcleaner loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5f9fca740396ba14711a1b715aa611ed17fc2f833ae15c2ac582fbda3b2246d7.exe

Resource

win10v2004-20240611-en

gcleaner loader

windows10-2004-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

5f9fca740396ba14711a1b715aa611ed17fc2f833ae15c2ac582fbda3b2246d7.exe

Resource

win11-20240508-en

gcleaner loader

windows11-21h2-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.64.56

185.172.128.69

Targets

- Target
  
  5f9fca740396ba14711a1b715aa611ed17fc2f833ae15c2ac582fbda3b2246d7
- Size
  
  393KB
- MD5
  
  24da98fdaea0c10333d7e76961364b8b
- SHA1
  
  51b07f1d4f0bc033f01a080bf8a223e25ab01096
- SHA256
  
  5f9fca740396ba14711a1b715aa611ed17fc2f833ae15c2ac582fbda3b2246d7
- SHA512
  
  ef7ea515cfb1c694a26e557adf2dff8f27c88eafef7d145f6b377419e62591a0b962feda5cb72db48384260dd03dc4d3f430d1f0e9bd6096a5b004bf55f71463
- SSDEEP
  
  6144:SLoMkVriKlRdB9TImCYNPKrhOJxKK9I35coVK84Nz:ScMUrz1B924PK1OJxKKuGoEbN
Score

10^/10

gcleaner loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy