General

  • Target

    f18d7dee183da100646a90c1b06ed49ce800584c0f8f7d2c5f5a409111856afd

  • Size

    124KB

  • Sample

    221206-c2xwrshb52

  • MD5

    6f0bb652cb5210b55ee058f2ac437e26

  • SHA1

    f87ef13f9ce36565e60b89007b4c5b52625ea223

  • SHA256

    f18d7dee183da100646a90c1b06ed49ce800584c0f8f7d2c5f5a409111856afd

  • SHA512

    fb0e34689f79c4302f7f66b837dc7efb9fcb1116991ca4e12b6b0be23d6098c85cc117df4973a2c13959ea0efb4ca58c7d94a5a45f6499f49466c573d6007d82

  • SSDEEP

    3072:nnHXMpxcGxFyhQ0bOqYJrC06GdkEfj+BXsJDBWsC+wQKV:nHmGY/o0JrV6GJ+5QFWQwB

Score
8/10

Malware Config

Targets

    • Target

      GOLAYA-DEVOCHKA.exe

    • Size

      239KB

    • MD5

      3b6a823d2a38f447bfa16008f5c1486c

    • SHA1

      a73038f71665e91fcbcbf2d7c34b7601dd88d805

    • SHA256

      216e9686036f1f962f05526b583ed2b26f6666e8a3783e8f42883c4a09e8f86a

    • SHA512

      a65c311f7c54db12c8cd738259df95afdf2dc01d19f21c61c3e3ef410c079df1af5475fe62cb73f01dab625b09b52b358315ac62899388dc6e9e6f101ed38f53

    • SSDEEP

      3072:MBAp5XhKpN4eOyVTGfhEClj8jTk+0hYoO/MgjqEWBr+Cgw5CKH6:7bXE9OiTGfhEClq95/MghJJU6

    Score
    8/10

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate the software installed on the system.

MITRE ATT&CK Enterprise v6