General
Target: 1b697f98ccd7aa0e93686e5c00b09d94b5b15f851f652f7aa57bd93333ba3f03
Size: 124KB
Sample: 221001-zlh41agbgr
MD5: 454900166e5b1bc2da582b9d1cbc6980
SHA1: 5d6f130771e2b0e9bfbd41a2206ce1c8dd61bcd3
SHA256: 1b697f98ccd7aa0e93686e5c00b09d94b5b15f851f652f7aa57bd93333ba3f03
SHA512: 90ed6330cb662e3087522667e3c1e72bd66786e47d969945126e6cb013e04806d826deb5891a25270e275d295d1e7c0b71e927e1088343a3264c275da013c820
SSDEEP: 3072:GnHXMpxcGxFyhQ0bOqYJrC06GdkEfj+BcB9AHDMVTCjtD:iHmGY/o0JrV6GJ+q98DMxsD
Static task: static1
Behavioral task: behavioral1
  Sample: GOLAYA-BABE.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: GOLAYA-BABE.exe
  Resource: win10v2004-20220812-en
Malware Config
Targets
Target: GOLAYA-BABE.exe
Size: 239KB
MD5: 6839c4c1e533bdef312fa9501b7cd622
SHA1: 0a4a288e686a64c0d926e5d5c7ddd46ec7eeeaa1
SHA256: 5b40e9c2a5bbd190d09eade750b1ce1a48887f6822a3e8a4cf3f927c38088982
SHA512: d0cafe97a7ab0444424d88d6fddbe2bb0bc9d33abaaeec21101388982d40728d5114d30d1d9b3f7b5d0ea77cbfc6f8067256d4cd7613d14de74ccd196a1dd954
SSDEEP: 3072:MBAp5XhKpN4eOyVTGfhEClj8jTk+0hYoO/MgjqEWBz+Cgw5CKHy:7bXE9OiTGfhEClq95/MgXJJUy
Score: 8/10

Blocklisted process makes network request

Drops file in Drivers directory

Checks computer location settings
  Looks up country code configured in the registry, likely geofence.

Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.