Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

GOLAYA-SEXY.exe

windows7-x64

8

GOLAYA-SEXY.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0b27d9761dd03f446635126549558de439f77ff78126930251c2567a310df6d9

  • Size

    113KB

  • Sample

    221011-rxyptsacel

  • MD5

    113da7d0d202837cded8f2e34ec025c0

  • SHA1

    0d56bb678cd5c6840134fd0bc85e80fb790fd198

  • SHA256

    0b27d9761dd03f446635126549558de439f77ff78126930251c2567a310df6d9

  • SHA512

    c8bdbc32eb1f281f604da140540a2a3c99e00dcd8612b33f68b5a2c65cc54a6c06de35fe1b1efadcbc34464aaee38541cf5923a48309248b2827b2d54e652c67

  • SSDEEP

    3072:lu3tG90HdQ3SqtQx/AllOMLEryxLioDqZEUqfTIKE:laD9Q3Tt4iOMgreioDqZEXTIf

Score
8/10
discovery

Malware Config

Targets

    • Target

      GOLAYA-SEXY.exe

    • Size

      170KB

    • MD5

      073edfea6695c3a6aaddfc50022aeffc

    • SHA1

      3e9692abde823bb7ffba12522912357e4b224b95

    • SHA256

      cd7f758c95be6a86958d1ebbcdedaefbeebb6bc8e0808b612aa93676ba70f2c1

    • SHA512

      770e8dfdb7087100c0dd49e5bf80aa7336a843757aeb71af8efd392c8c634825727fa0c474510cb867e66ba167b72b7e21df2212a094733308b6ddae97e0b022

    • SSDEEP

      3072:gBAp5XhKpN4eOyVTGfhEClj8jTk+0h66dU7qS0F2yxLioDqZEUqfTIK8:XbXE9OiTGfhEClq9n6WqV4eioDqZEXT2

    Score
    8/10
    discovery

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks