d743ec9bf9d6642cdf645536e96a7651afbf6175911d5e283f77afa7321cd089 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10f08092b5c5b5784322b41906ecd10e
Size

86KB
Sample

231225-jznzeagfep
MD5

10f08092b5c5b5784322b41906ecd10e
SHA1

eb19c3ce76862da52e48140335727d71392dd378
SHA256

d743ec9bf9d6642cdf645536e96a7651afbf6175911d5e283f77afa7321cd089
SHA512

61f5c73198a4082964021f02e37f0d3f7a45ccd4bbee4b12add71bd6d24bc98559ae27f6f6c192b20b4e9596f462fa4e4d4e12d4afc385bb000ab401224d4f52
SSDEEP

1536:nlfbwimgTY23tG90wIsWfHlWKSd+QSqWU5FdCmCWuKw6kS+AJtBcg9HGULnQxYyH:nl0img13tG90HdQ3SqtRjCT7fmJtBfQl

Score

8^/10

Malware Config

Targets

- Target
  
  GOLAYA-BABE.exe
- Size
  
  181KB
- MD5
  
  3f0da76b4c682e86aeb9a8a425eaa903
- SHA1
  
  650b36332381beac233426a3fb4bfeaca92a1296
- SHA256
  
  ffa647bd5ec34f2f982bd2695abf1be734d323b66617c9e7f8bdaed49832ec6e
- SHA512
  
  29010590d712e329c322430340c3cd28c88d7242fefebe0f404c04f7eb703351b27c5faf01771259bb768c1ed7d14cf1730f626a372754d6579b91656bdc4c92
- SSDEEP
  
  3072:YBAp5XhKpN4eOyVTGfhEClj8jTk+0hD+iG+v5y1rF0t8:PbXE9OiTGfhEClq9iktFb
Score

8^/10
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2