General

  • Target: 3322c22a1d105cfe68f4d7204fb84a96
  • Size: 79KB
  • Sample: 231225-wn4lyahhgp
  • MD5: 3322c22a1d105cfe68f4d7204fb84a96
  • SHA1: 4a795df1937e6fe1500a166f55680ad0147e5cc0
  • SHA256: 171be849e0f6cc1be6e190a265a647d5a08c0cede3711f016f2879fe5bb6e3a5
  • SHA512: 9f45602d9191a3d1b636df293b2180ed2e99c32709bd50a1346d375f2daa2d4d8ee1a949bdafc383cd02be44d709b120163d32d29b644e5839c5ef74c20b4eb1
  • SSDEEP: 1536:lQwHfvMS0xcGxFyhQkrnb1Mq9Wb1dVf4SSR5KoVjr6Hu:lnHXMpxcGxFyhQ0bOqY5dWSIUoUHu

Score: 8/10

Malware Config

Targets

    • Target: RUSSKAYA-GOLAYA.exe
    • Size: 180KB
    • MD5: 60cbfc2f232c3190b9772c91d643e1ef
    • SHA1: a3faa948e0bb149845b14b9e8d99bbf834893d52
    • SHA256: 405b0ed35de635046a977e7cb4a17c709d9471169fac1a493cfa4995497b2783
    • SHA512: d9ac65966310962dcf173d0d24cb09e1b0201a1b558ea4904056c05bea1c3d2215a191de6acca12475e12ecdf988781ce94238de2e12b0c5f6e880379e2e9633
    • SSDEEP: 3072:OBAp5XhKpN4eOyVTGfhEClj8jTk+0hJiaqR//1Wcjej5EqhnBWz9T6M39rI2S:lbXE9OiTGfhEClq9mqR//1Wcjej5Eqhr

    Score: 8/10

    Signatures:

    • Blocklisted process makes network request
    • Drops file in Drivers directory
    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence.

MITRE ATT&CK Enterprise v15

Tasks