gcleaner | 9e9d0d07ddca8f763655b74e2c8ed07da5b3899c6dcd6635572028271225d7c8

Analysis

max time kernel
142s
max time network
149s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
02-07-2024 14:27

Target

9e9d0d07ddca8f763655b74e2c8ed07da5b3899c6dcd6635572028271225d7c8.exe
Size

227KB
MD5

2e2e86bc5b624f6f78e5337a56e784b7
SHA1

2d504a72261c661d51565056283182cc907d96b1
SHA256

9e9d0d07ddca8f763655b74e2c8ed07da5b3899c6dcd6635572028271225d7c8
SHA512

4e66595d0c276c3a76b0d17f274061cec82c5b03c8eab46b56198792fd1ce3401d734c18851378301e7772871298713c050e777b12b5a396629a9d15851ca8bf
SSDEEP

3072:2FLUfyYEtuglJ3HBTEiMD+6XXkql+MMKKIim5k1PFDdDWeVE3a5Pvy8Vf+3joMYU:OLUfyYEj3HnM/eK3EFDb+T8Vfnx

Score

10^/10

Family

gcleaner

185.172.128.90

185.172.128.69

Attributes

GCleaner
GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
loader gcleaner

C:\Users\Admin\AppData\Local\Temp\9e9d0d07ddca8f763655b74e2c8ed07da5b3899c6dcd6635572028271225d7c8.exe
"C:\Users\Admin\AppData\Local\Temp\9e9d0d07ddca8f763655b74e2c8ed07da5b3899c6dcd6635572028271225d7c8.exe"
1⤵
PID:1252

memory/1252-1-0x0000000002890000-0x0000000002990000-memory.dmp

Filesize
1024KB

Download
memory/1252-3-0x0000000000400000-0x000000000042F000-memory.dmp

Filesize
188KB

Download
memory/1252-2-0x0000000000220000-0x000000000024D000-memory.dmp

Filesize
180KB

Download
memory/1252-4-0x0000000000400000-0x0000000002726000-memory.dmp

Filesize
35.1MB

Download
memory/1252-6-0x0000000002890000-0x0000000002990000-memory.dmp

Filesize
1024KB

Download