General
Target: 0dcdcd711ce5c3bc085d642ab64c3d4b2e075cf3b8eda0f218f01f258c73faf6
Size: 127KB
Sample: 220919-r4q9bshcbr
MD5: 1d1e5ff4536b87095d413840723ec1e2
SHA1: 2ccede4f3882d673dc5c02f22251468f0afc7740
SHA256: 0dcdcd711ce5c3bc085d642ab64c3d4b2e075cf3b8eda0f218f01f258c73faf6
SHA512: d47c3af983c9cdd4d098ababc7a29e1113384451de99688ed2be3f5cca57afc61e2ac6dd630a22c200f258d2f51fdbf9c5b93b6e6add1cb07365493ad5e7a5fc
SSDEEP: 3072:avgEL7Yo4PkH9sIb8WlJc2rftwh8lupNcnSXWje7sI+a7yJ:avgEPYo4Pktlq2rbluTcn4WRaWJ
Static task: static1
Behavioral task: behavioral1
  Sample: GOLAYA-TOPLESS.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: GOLAYA-TOPLESS.exe
  Resource: win10v2004-20220812-en
Malware Config
Targets
Target: GOLAYA-TOPLESS.exe
Size: 238KB
MD5: 43fe764bb0d948ccae24fcbd8ac7c17e
SHA1: 5f787deaec858095f6894f892b71b7e03a05d106
SHA256: f5c517c991353a148cea7f08bdb6e9eb34abc7e2fe98e25ae99dbd9f9a951aff
SHA512: e985b9f2bc813d66f2cd2a3b5e31a5dbf9e23f8046719e39657acd8b50554f6de2dce104d78ca5436a007c157bb4cc60d0c6355df9748271be5cfddfc2178b0d
SSDEEP: 3072:jBAp5XhKpN4eOyVTGfhEClj8jTk+0hsquxV/hvdG+Cgw5CKHm:ObXE9OiTGfhEClq9XqK/hvxJJUm
Score: 8/10
Blocklisted process makes network request
Drops file in Drivers directory
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.