Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

GOLAYA-SEXY.exe

windows7-x64

8

GOLAYA-SEXY.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3b55dc74b5a32caf0ffa1d8a102476d2

  • Size

    80KB

  • Sample

    231225-y99feshfbj

  • MD5

    3b55dc74b5a32caf0ffa1d8a102476d2

  • SHA1

    9ad6e2b60276d6d2cdeabe95ced7ac19d4d96cbc

  • SHA256

    744002d187dfb8c074920cc759b8aa65b99d9fc6aed271f827193e6e96cbe3f5

  • SHA512

    31a92eccb330e6b8d6de1ea65873a6165042b62812ad730c74a080537f13d2999d000be76389aaea545a270ea9691d558b252e774feb9987d79cc3e0454f542e

  • SSDEEP

    1536:DkDro9Ash6VQZtlRtQlQ7pYw/zQymCJVVBZ9SZztEJe+9N+KZupBaY153u9Kwrp3:QDvsEU8lGpD/NZBZ9a3uN+zvx3YKW

Score
8/10

Malware Config

Targets

    • Target

      GOLAYA-SEXY.exe

    • Size

      180KB

    • MD5

      69a9db2003415946eb1185c9ab4d6ca4

    • SHA1

      a4e84147d24c578a9a0ac9b4b08815d45cf035c1

    • SHA256

      39f420b486362ecca29eb4c068e665c2bd126f6f526049c26491539d1135582f

    • SHA512

      2ddd0734c50bf4ecb5be23127e1354d641d78c49d4f20c703ef36621db6af9c1dcc2447f3d04527ea9fe56cdaf425c651b932139faed62537ceee3b662c14ad8

    • SSDEEP

      3072:oBAp5XhKpN4eOyVTGfhEClj8jTk+0hN7+mYnhIAhyYwYs:fbXE9OiTGfhEClq9s+mYnhIAhyT

    Score
    8/10

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks