Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

GOLAYA-SEXY.exe

windows7-x64

8

GOLAYA-SEXY.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5e6b5768e2a120a72a9c92afbcf8ff0f49eedc476621b7442de1d8bbec430da2

  • Size

    86KB

  • Sample

    221202-wc3v9saa76

  • MD5

    835b7c755e15a81e619b9c60215a1c4b

  • SHA1

    4011739420679b782b2fbca3c5d0863b1313d957

  • SHA256

    5e6b5768e2a120a72a9c92afbcf8ff0f49eedc476621b7442de1d8bbec430da2

  • SHA512

    704e83247d42c159139f64c6d3582032dc5045f8517db5fc22a2d49eef4d402a9f9d28c4bfbacfaeecb12440eb1871ada9f8990f863e2256d2b93e5642928922

  • SSDEEP

    1536:PlfbwimgTY23tG90wIsWfHlWKSd+QSqWU5FdCmCWuKw6kS+AJtBcg9HGULnQxYya:Pl0img13tG90HdQ3SqtRjCT7fmJtBfQk

Score
8/10

Malware Config

Targets

    • Target

      GOLAYA-SEXY.exe

    • Size

      181KB

    • MD5

      3f0da76b4c682e86aeb9a8a425eaa903

    • SHA1

      650b36332381beac233426a3fb4bfeaca92a1296

    • SHA256

      ffa647bd5ec34f2f982bd2695abf1be734d323b66617c9e7f8bdaed49832ec6e

    • SHA512

      29010590d712e329c322430340c3cd28c88d7242fefebe0f404c04f7eb703351b27c5faf01771259bb768c1ed7d14cf1730f626a372754d6579b91656bdc4c92

    • SSDEEP

      3072:YBAp5XhKpN4eOyVTGfhEClj8jTk+0hD+iG+v5y1rF0t8:PbXE9OiTGfhEClq9iktFb

    Score
    8/10

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks