gcleaner | ef0b1d3c1b17e4b700f4ee78a2a078063a87ee01e23778e557f036ab2c80feeb

Analysis

max time kernel
141s
max time network
142s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
28-06-2024 04:51

Target

ef0b1d3c1b17e4b700f4ee78a2a078063a87ee01e23778e557f036ab2c80feeb.exe
Size

332KB
MD5

b1e62fb0c2fbd63e14bbc0dbb8c759a8
SHA1

4c79383307a81ceb0d65377ee61862682cc579c7
SHA256

ef0b1d3c1b17e4b700f4ee78a2a078063a87ee01e23778e557f036ab2c80feeb
SHA512

e773f435f855147bf393a218ba2c0a1f5a806c8617c01c1d77addacede216702af33c9c16933fd6d942bd04380c5f0fd693797ec373449c06b607511a98daeee
SSDEEP

6144:3LYcF4qRjE9UP+PYUAJalV2QwFz0ZtQaXvarj:30cqYUAUlV2QwFz0Zt3Xyr

Score

10^/10

Family

gcleaner

185.172.128.90

185.172.128.69

Attributes

GCleaner
GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
loader gcleaner

C:\Users\Admin\AppData\Local\Temp\ef0b1d3c1b17e4b700f4ee78a2a078063a87ee01e23778e557f036ab2c80feeb.exe
"C:\Users\Admin\AppData\Local\Temp\ef0b1d3c1b17e4b700f4ee78a2a078063a87ee01e23778e557f036ab2c80feeb.exe"
1⤵
PID:2924

memory/2924-1-0x0000000002460000-0x0000000002560000-memory.dmp

Filesize
1024KB

Download
memory/2924-3-0x0000000000400000-0x000000000042F000-memory.dmp

Filesize
188KB

Download
memory/2924-2-0x0000000000220000-0x000000000024D000-memory.dmp

Filesize
180KB

Download
memory/2924-4-0x0000000000400000-0x000000000236F000-memory.dmp

Filesize
31.4MB

Download
memory/2924-6-0x0000000002460000-0x0000000002560000-memory.dmp

Filesize
1024KB

Download