Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

RUSSKAYA-GOLAYA.exe

windows7-x64

8

RUSSKAYA-GOLAYA.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d9fc634345b1ae88655296cd77c5430270fed552ba35bcff85bd40bd5a6ea01d

  • Size

    90KB

  • Sample

    221129-v4bqesae86

  • MD5

    58c32cfa2694bdb2f6e00814fa3a5ce8

  • SHA1

    3233fe72c1073ac1f2e29a70e8e9a9cb6e1ba7df

  • SHA256

    d9fc634345b1ae88655296cd77c5430270fed552ba35bcff85bd40bd5a6ea01d

  • SHA512

    43f8e833aa657849abdbbaf6f68a9012ba9a2d99f16db1d9cfa2ac5111389a587db20365635d0b67243b013f67e62327e7f396ce9145f0a0dbe023add670811c

  • SSDEEP

    1536:v/lfbwimgTY23tG90wIsWfHlWKSd+QSqWU5FvlsvDibg1cF+fUbmaBdnE3oDqu29:Xl0img13tG90HdQ3SqtRaAUjfdaBdE3n

Score
8/10

Malware Config

Targets

    • Target

      RUSSKAYA-GOLAYA.exe

    • Size

      182KB

    • MD5

      a61b567cf0d6215a9816a9655525e2bc

    • SHA1

      481add92cc4cf0ba9954de2ba4daf8537202ac7d

    • SHA256

      f5996699457c022aee006070f20af5d74679f2c38e2a0a77a12806a9f3489077

    • SHA512

      c5b6920896d728042e9f9f67d60430ef0fcbfc9109b0b60473288cd4c7439a9d335c31cc6a0c0a7d439a4bef210bb6d0cfc880ede1da02f3a28f2b1770e78153

    • SSDEEP

      3072:QBAp5XhKpN4eOyVTGfhEClj8jTk+0h5TlWn6:HbXE9OiTGfhEClq9IlW6

    Score
    8/10

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks