Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

GOLAYA-TOPLESS.exe

windows7-x64

8

GOLAYA-TOPLESS.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    58d679c7ebd167d597e2fbaca28045181d04e4c88116e4a7d91472af3592163f

  • Size

    118KB

  • Sample

    221129-pcz12sge58

  • MD5

    0953b91b7d63936208f08cc8d2f1aa28

  • SHA1

    9fe2b788a5c08832df7444b84b049ba9f0a231a5

  • SHA256

    58d679c7ebd167d597e2fbaca28045181d04e4c88116e4a7d91472af3592163f

  • SHA512

    da6d51b6627bfddd9280c4761d9b8e0cf4dde7a5764f41bf485f5a9ce75b1a7866bdd360448e0a6c2747583acb31d417d93978eb7bee3515bc21d2fba453ab6e

  • SSDEEP

    3072:OlTfMl7o9H/10ktQl6HVVcdTb7CHEEIfU089O2C:AiiHN0kXHVWdTuhCUb9Ot

Score
8/10
discovery

Malware Config

Targets

    • Target

      GOLAYA-TOPLESS.exe

    • Size

      237KB

    • MD5

      e61bd730e06e58b62b401ec80fee428e

    • SHA1

      46833a190b51364c9e965c06e52e6b04445265cc

    • SHA256

      32c82a37972dafc4b423b117c5dfbff89cb2a6e35badecab68119e1d0ab48c7a

    • SHA512

      b41181d0cbf9223b40a161072e13b03d25b90889adc23e603fd9212e6b654c51e8314e4319cb9b16e9580037ea5d24d571d8f499464c0e9f431cb9acdbbdac62

    • SSDEEP

      3072:tBAp5XhKpN4eOyVTGfhEClj8jTk+0hGrGivgXrC2S7yfH84zsEn/iOjt7hM8Wjzd:obXE9OiTGfhEClq9bweKRZLoJJUG

    Score
    8/10
    discovery

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks