General
-
Target
ba1c9a5ec6aa3c4fce995803e11c0ff8479ee34729d79e5ac5b313f4d65e94c8
-
Size
228KB
-
Sample
240702-wjjqzaycmp
-
MD5
53359c9f826a4668be076e49c96a9cb7
-
SHA1
1339f0ea0250663e216da34125490baed93e2b1f
-
SHA256
ba1c9a5ec6aa3c4fce995803e11c0ff8479ee34729d79e5ac5b313f4d65e94c8
-
SHA512
b900e7830cc91b2ccaf6bb054e7c680e60decb5149191e986e1d95d03241cefd1004586d406df973f1cfb8a8ccf665b8016297c18e4c5e71eee8b91b633bfebf
-
SSDEEP
6144:2ELo6jIKrJh/NHlSLkad5oWy63CroyrYh7:2Es6jDPZEYIeWyyCrFrY
Static task
static1
Behavioral task
behavioral1
Sample
ba1c9a5ec6aa3c4fce995803e11c0ff8479ee34729d79e5ac5b313f4d65e94c8.exe
Resource
win7-20240508-en
Malware Config
Extracted
gcleaner
185.172.128.90
185.172.128.69
-
url_path
/advdlc.php
Targets
-
-
Target
ba1c9a5ec6aa3c4fce995803e11c0ff8479ee34729d79e5ac5b313f4d65e94c8
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-