Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

RUSSKAYA-GOLAYA.exe

windows7-x64

8

RUSSKAYA-GOLAYA.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f4908dbdd0bdc4bcedf81e4bf1ee1c04dad34e3c321b5d197f27250f4362badf

  • Size

    100KB

  • Sample

    221019-sv499seadq

  • MD5

    91b3b58ea44ceacad7359f951d8813f0

  • SHA1

    d3aba03a9fb3f25bbee6109cc540ad9e048458b9

  • SHA256

    f4908dbdd0bdc4bcedf81e4bf1ee1c04dad34e3c321b5d197f27250f4362badf

  • SHA512

    7ab1ce955d28673ed7a8d9f7f4f673799663635a89e8971b82c3971c6aa8a7625cfda134f6f2114b0869a68a40fc722d368fdddc837a45449f76d87cdc2f4edd

  • SSDEEP

    3072:f47excGxFLPkH9SnbZDaKb0fA4HOSdgd7X4:f+eGYtPk0Z+e0eSdU7o

Score
8/10
discovery

Malware Config

Targets

    • Target

      RUSSKAYA-GOLAYA.exe

    • Size

      150KB

    • MD5

      545874cf7d80393aede1205d65071c96

    • SHA1

      7d0a43a6b48f5c6f8f19670ba5d7002e3d9579f4

    • SHA256

      b7f536b8797f5abc1f03efaad3f920e45f5cbdb99b6896cd30cdd597425bfc23

    • SHA512

      a828467270b8528ba8c91ea20a76e78c08140a800aa90652f66c5787c210195eb4b70c01a13f6a081f955e8ada1cd934a29b451c4dae7a027e90f8fb8ff44e92

    • SSDEEP

      3072:lBAp5XhKpN4eOyVTGfhEClj8jTk+0hiewi7Pgd7Xw:AbXE9OiTGfhEClq9APU7g

    Score
    8/10
    discovery

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks