General
Target: 1871d3ab63012f446be1e1be153b8eb4965d32ff206b0d8e2c484e33362d1743
Size: 119KB
Sample: 221003-3gd62acbg7
MD5: 5e6ac912c966e9b0a3a0c4c78d46dd84
SHA1: 3f32f30b0b62ed8c7293caf4f14fcbd483b070f7
SHA256: 1871d3ab63012f446be1e1be153b8eb4965d32ff206b0d8e2c484e33362d1743
SHA512: d9e52bcd297f1668e6f53e8f9adaaf760b118d61ca2814e82c522c1bf74fe6aeed7dd52c065a3044c24afb0001bdfe25069f2d959c8b73830827069156218d51
SSDEEP: 3072:Frz/BRg1SR31UMrsj1BzoAGuw0bNtMPHS5Z+aQT:FP/BRg1SR31UMq+v0bzMPHGc
Static task: static1
Behavioral task: behavioral1
Sample: GOLAYA-TOPLESS.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: GOLAYA-TOPLESS.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: GOLAYA-TOPLESS.exe
Size: 239KB
MD5: 22c9f0d7dfadf25b221bee4d6fe9c39f
SHA1: 171e6a865624222ae347d828a2a415a243c05951
SHA256: bc604cfca1473eb7ceb590689348f5a840a6e9425319e9ef120a893390345c58
SHA512: 352265ba2ced7b5a6c2ee82f4fbf4788bf20a840684e827c548792e814f191da6be20b820bc8eebd77cfd27880904018cdc8ee5a54893e7eedd27e1cd196eee1
SSDEEP: 3072:kBAp5XhKpN4eOyVTGfhEClj8jTk+0hM3GRjDNOoCya+Cgw5CKH2:zbXE9OiTGfhEClq9EjQKJJU2
Score: 8/10
- Blocklisted process makes network request
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.