$ analyze-threat Trojan:Win32/GCleaner.PGGL!MTB
Trojan:Win32/GCleaner.PGGL!MTB - Windows Defender threat signature analysis

$ cat analysis.txt
=== THREAT ANALYSIS REPORT ===
Threat Name: Trojan:Win32/GCleaner.PGGL!MTB
Classification:
  Type: Trojan
  Platform: Win32
  Family: GCleaner
  Detection Type: Concrete (known malware family with identified signatures)
  Variant: PGGL (specific signature variant within the malware family)
  Suffix: !MTB (detected via machine learning and behavioral analysis)
  Detection Method: Behavioral
  Confidence: Very High
  False-Positive Risk: Low

Concrete signature match: Trojan (appears legitimate but performs malicious actions), 32-bit Windows platform, family GCleaner.

Summary:

Trojan:Win32/GCleaner.PGGL!MTB is a malicious program that Windows Defender identifies as a concrete detection, made through machine learning and behavioral analysis. As a Trojan, it typically infiltrates systems disguised as legitimate software, aiming to establish unauthorized access, steal data, or perform other harmful actions. This threat poses a significant risk to system integrity and user data.

Severity: High
VDM Static Detection: No detailed analysis available from definition files.
Known malware which is associated with this threat:
Remediation Steps:
Immediately allow Windows Defender to quarantine or remove the detected threat. Perform a full system scan with up-to-date antivirus software. Isolate the affected device from the network if possible, and monitor system logs for any further suspicious activity or signs of compromise. Consider resetting user account passwords if sensitive data exposure is a concern.
=== END REPORT ===
This analysis was last updated on 26/01/2026.