Analysis
-
max time kernel
142s -
max time network
145s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
-
submitted
30-06-2024 07:12
General
-
Target
fcbc5368450fced9d7e11786ab4fd92010cc9e57ef9e16b714deec5a0bf36847.exe
-
Size
240KB
-
MD5
6f0cfbd656c35c037a6cde9c2dfa6112
-
SHA1
0549b408ee38fa08cc36e0a74d3ce3efe138bb80
-
SHA256
fcbc5368450fced9d7e11786ab4fd92010cc9e57ef9e16b714deec5a0bf36847
-
SHA512
82303860a27cafa1468477fc689d7a8212ef472bc83e99cd9951e01971035c21b77d22a0a03c2727fde8cf3e83211ea7d7834d763150c1f2d2578ebd05b187db
-
SSDEEP
6144:5167iAzXCJ/aXG4lqsq/4B5p9E0vHTSW:5c7iAzXCJPuq/w9E0fV
Score
10/10
Malware Config
Extracted
Family
gcleaner
C2
185.172.128.90
185.172.128.69
Attributes
-
url_path
/advdlc.php
Signatures
-
GCleaner
GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
Processes
-
C:\Users\Admin\AppData\Local\Temp\fcbc5368450fced9d7e11786ab4fd92010cc9e57ef9e16b714deec5a0bf36847.exe"C:\Users\Admin\AppData\Local\Temp\fcbc5368450fced9d7e11786ab4fd92010cc9e57ef9e16b714deec5a0bf36847.exe"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1424-1-0x0000000002D40000-0x0000000002E40000-memory.dmpFilesize
1024KB
-
memory/1424-3-0x0000000000400000-0x000000000042F000-memory.dmpFilesize
188KB
-
memory/1424-2-0x0000000000250000-0x000000000027D000-memory.dmpFilesize
180KB
-
memory/1424-4-0x0000000000400000-0x0000000002BF5000-memory.dmpFilesize
40.0MB
-
memory/1424-6-0x0000000002D40000-0x0000000002E40000-memory.dmpFilesize
1024KB