General

  • Target

    bbcdbe57c22290b38a1bacd71209814efeded172b4ea112c14eae5c3be201ce4

  • Size

    130KB

  • Sample

    220919-wlaababeb5

  • MD5

    70c7bb2b961053d3e3b576bfcf3af167

  • SHA1

    699b447f10a31a1bbbca770aa056d771a74f04bc

  • SHA256

    bbcdbe57c22290b38a1bacd71209814efeded172b4ea112c14eae5c3be201ce4

  • SHA512

    33d1e25fbad83d565f03ebac5dc4061f5db39e516adeb452be8f7d37bcf8deded1398df064467683191ccc5500f68de69a02b3d8fbc41126571f758d44e420e3

  • SSDEEP

    3072:Tl0img13tG90HdQ3SqtRCHMd6eVPFIOF7SJD1/LgOczW1GgoI:TljpD9Q3TtEO5V7gVM1Skgn

Score
8/10

Malware Config

Targets

    • Target

      GOLAYA-TOPLESS.exe

    • Size

      239KB

    • MD5

      3730b5f97b072915e3543161c40f31a5

    • SHA1

      cf9d927d863408c27eb855b1f213a3be692848b2

    • SHA256

      f6995a80e724cd266992ce7b856085a54e8567466ca1dbe8c3eba8977eb70b9c

    • SHA512

      fa0404bed565520dbc58b1f3b5abd0026ed3979eaaf736811bbed1e1e2523770bfd8b80c01faabf6f57b486e246b0bbcbe009098d27b2c081f8afef8c4f9d0d1

    • SSDEEP

      3072:mBAp5XhKpN4eOyVTGfhEClj8jTk+0hB+iwDomG0Ej+Cgw5CKH6:dbXE9OiTGfhEClq9Q+pD7G0VJJU6

    Score
    8/10
    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
