General

  • Target

    59bfcda291863abd7a9cf23c93d3eb4e0f7bd330e73abf556ccae800654454cc

  • Size

    2.2MB

  • Sample

    240626-w1b3fszarj

  • MD5

    f9bb3e9b569398cd817553a32399a896

  • SHA1

    0019655cbcd48357475087b9f2cdacf35f03a92a

  • SHA256

    59bfcda291863abd7a9cf23c93d3eb4e0f7bd330e73abf556ccae800654454cc

  • SHA512

    b0c3ab68eebebc868fa7c2f5e67f9413f5a2cadd0f5e1535dd12abd9bbde3340b452a0a7ed9639ce9c1d71b028a544628e32470a069d1a671b94d312c96e30a0

  • SSDEEP

    24576:YicdCGtEVKOrEVpzL7rkPesE30gImy/MyaqHHKNWm2+t9e5jV7SnW7eYp:Yic4G6VKOrUpjGYI7Mwqwm2p5xf7eM

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

45.12.253.56

45.12.253.72

45.12.253.98

45.12.253.75

Attributes
  • url_path

    /default/puk.php

Targets

    • Target

      59bfcda291863abd7a9cf23c93d3eb4e0f7bd330e73abf556ccae800654454cc

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Executes dropped EXE

    • Loads dropped DLL
