May 30, 2026
C2 Hosts: 5
GCleaner
C2 Infrastructure
Hosting/VPS 83%
ISP/Residential 8%
Business 4%
Unknown 4%
Last 7 days
May 29, 2026
C2 Hosts: 13
May 28, 2026
C2 Hosts: 26
May 26, 2026
C2 Hosts: 1
| Date | C2 Hosts |
|---|---|
| May 30, 2026 | 5 |
| May 29, 2026 | 13 |
| May 28, 2026 | 26 |
| May 26, 2026 | 1 |
Further Reading
MalwareAnalysisReports/GCleaner/GCleaner Techincal Analysis with BinaryNinja.md at main · VenzoV/MalwareAnalysisReports
Reports in .MD format. Contribute to VenzoV/MalwareAnalysisReports development by creating an account on GitHub.
github.com
Deep Analysis of GCleaner
GCleaner is a Pay-Per-Install (PPI) loader first discovered in early 2019, it has been used to deploy other malicious families like…
n1ght-w0lf.github.io
NullMixer drops Redline Stealer, SmokeLoader and other malware
NullMixer is a dropper delivering a number of Trojans, such as RedLine Stealer, SmokeLoader, Satacom, and others.
securelist.com