General
-
Target
ba77eeab97e2a4b63d6f0a374f2043a59d658e71408c18614f8cd781eefa1527
-
Size
119KB
-
Sample
221205-26ecnafe98
-
MD5
a22c2ac2d274edebcc7de91f3c9648ec
-
SHA1
c9a54c8adbcba4ada0480deef0f3704c9edb6739
-
SHA256
ba77eeab97e2a4b63d6f0a374f2043a59d658e71408c18614f8cd781eefa1527
-
SHA512
492702d3437e7431623e9926bea9f4080de002a19ce0198e932fe9051b679f5d6a0a8a543f5163db4df7fbaf3ab9930bce7630d6db4ff51254e3b9f6a1fbf261
-
SSDEEP
3072:jnHXMpxcGxFyhQ0bOqYDl8WgmFHZ47et+jGkNby6gX2:rHmGY/o0h87mUSt+jRuZm
Static task
static1
Behavioral task
behavioral1
Sample
GOLAYA-BABE.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
GOLAYA-BABE.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
GOLAYA-BABE.exe
-
Size
239KB
-
MD5
471ee52782395766d6e60db78eea6bf1
-
SHA1
86886592b9281a9b640c06b3cb7742955405d0ee
-
SHA256
f251a94739170aaf1ad716e6f31645cc3bb2350fc5e0ccc135511d9618f0386c
-
SHA512
c2759eff3ce5ebebbe779bda325a1b35d1c9a10c06f15c99f1b3ac760ed9376540a20c0bb99f406db46b6e20ae361ac7c41bc5b1edfc981daed89bc2f89327dd
-
SSDEEP
3072:OBAp5XhKpN4eOyVTGfhEClj8jTk+0hbRBrICPwXAFxTTw1BV56nt1UrknjaT5/e4:lbXE9OiTGfhEClq9aW6EBMbJ4JJUG
Score
8/10
-
Blocklisted process makes network request
-
Drops file in Drivers directory
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-