General
-
Target
c76b1ef604513820f0f370de853e20f8b7f204be77ffd427ac8a489081e0fbe6
-
Size
100KB
-
Sample
221030-ghy2yaeec5
-
MD5
84bc9eeaf06fb2ec2ed7cf1a31d29990
-
SHA1
1aaf0c20b5ffda8b5aa83f22819d5f56a77e2a5b
-
SHA256
c76b1ef604513820f0f370de853e20f8b7f204be77ffd427ac8a489081e0fbe6
-
SHA512
e349f6b83b8fac6a45123d9cea098d4f16657c032cfe15b2e4b34fd246e146c498cee372113c82106b3cc1c8f03bc303200ef1603717e4a00e416842662316c3
-
SSDEEP
3072:847excGxFLPkH9SnbZDaS+J9x0ozDXal/lgoXlYPut6rUIa:8+eGYtPk0Z+33x0cXalNgo1YfA
Static task
static1
Behavioral task
behavioral1
Sample
GOLAYA-SEXY.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
GOLAYA-SEXY.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
GOLAYA-SEXY.exe
-
Size
151KB
-
MD5
b779c9d9d65de1d790fcf370accedf6d
-
SHA1
e5f3899a534862bd2f0d4e5d621204963da70206
-
SHA256
0d875c05ddb62f0fac013ced4aca623d2cc48f4d48ce371db616fa11a9f3a13c
-
SHA512
901abc68bce172a06b2a98e09fd0c5282ccd191c24844078aaa98f358266a0dca96b4859b079fbfabbb1a6113db961f3c8149dc9b37f78e64ddf97d9196cb344
-
SSDEEP
3072:lBAp5XhKpN4eOyVTGfhEClj8jTk+0hiPQZJDoXlYPut6rUI1:AbXE9OiTGfhEClq99QZJDo1Yfr
Score 8/10
Blocklisted process makes network request
Drops file in Drivers directory
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.