Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

RUSSKAYA-GOLAYA.exe

windows7-x64

8

RUSSKAYA-GOLAYA.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    05a2047aa890b3d7258a3832c8a96e18

  • Size

    88KB

  • Sample

    231224-txw74sahdr

  • MD5

    05a2047aa890b3d7258a3832c8a96e18

  • SHA1

    724005202448c03047d6d241e33179d1551cdaac

  • SHA256

    0d0babda6297c3cc1a5d03bb9d33bb8731027418381a77034d9510e7f2221d1a

  • SHA512

    60fcb0fedab72620986e163dd5c2218070bcf39f3e83818b782400a6bb1aa83cdb687e0898cf7b4be4957a46de64d798c02b957020e842842ff854479d116485

  • SSDEEP

    1536:gQwHfvMS0xcGxFyhQkrnb1Mq9Wb2A/Vpo45mBAc5/pGyUiE+eKV2GYSsSGy:gnHXMpxcGxFyhQ0bOqYqA/IAUAU/0yU2

Score
8/10

Malware Config

Targets

    • Target

      RUSSKAYA-GOLAYA.exe

    • Size

      180KB

    • MD5

      fdc849111653249dd6ebe00d6d293760

    • SHA1

      ece8bcb2bd22dfbe218e8c9104d2813bc624ec31

    • SHA256

      538b9ff9b6e06025b93fa25ebbf7d06f7280813b97e826b7413981ae543d7429

    • SHA512

      83e22626e4c46324d2d0cc60a545e4341123aeca1d96c9d23925e441cda137bfbb3ff463acba3514a896d9fb8851ffdf63248f628fed14e0df07b3e013c64866

    • SSDEEP

      3072:TBAp5XhKpN4eOyVTGfhEClj8jTk+0hg/eSZZvLf6CNsPrXJ8WYQKaLl:+bXE9OiTGfhEClq9vGSZZvLCCNsPrXJh

    Score
    8/10

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks