General
Target
dae54b3f9609c3f81e5d22008d9f0d623f80f918b13fb5924461a0fdb8d5376c
Size
116KB
Sample
221203-gaeckacg8w
MD5
f9b9e28b922262e055c1802303cb2a82
SHA1
282e3bf877878d65c3b631f0f3009114cad2efb6
SHA256
dae54b3f9609c3f81e5d22008d9f0d623f80f918b13fb5924461a0fdb8d5376c
SHA512
3eb0092e62757e5d26554a9a513c95faa47e179db4d6f158c74693993b8c3773db4e73cee5f5b9a9334d421dee4a09b3850186d8d12292a32b7c5dfa3cb34dec
SSDEEP
3072:6l0img13tG90HdQ3Sqt1k4e7iAJjU+hLMDgs2z4kF7fKB:6ljpD9Q3Tt1Le7iAVU+ODX2z4vB
Static task
static1
Behavioral task
behavioral1
Sample
GOLAYA-TOPLESS.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
GOLAYA-TOPLESS.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
GOLAYA-TOPLESS.exe
Size
239KB
MD5
9ea5d4e300dd6c096812711fa3c677d2
SHA1
91ae3f2c828d65fc1d862abda77c875a433a09f8
SHA256
fa673f26eca0e92ae23fd52290a15fed2115c3cce647c93a9d52a069d3f82aaa
SHA512
807886572612c5593192318f2ac65fc0d42a77989ac86ccfd730b9544f5fb14fb4aa54aa10bbc7c0f76cde779149da8662d5abba173a503fd942f9669985949e
SSDEEP
3072:7BAp5XhKpN4eOyVTGfhEClj8jTk+0hWmKlv+Cgw5CKHK:mbXE9OiTGfhEClq9PTQJJUK
Score
8/10
Blocklisted process makes network request
Drops file in Drivers directory
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.