Overview

overview

8

Static

static

3

RUSSKAYA-GOLAYA.exe

windows7-x64

8

RUSSKAYA-GOLAYA.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    46ce7fedc8e30e052e8b50e35460f9d5

  • Size

    99KB

  • Sample

    231226-axlxlaeden

  • MD5

    46ce7fedc8e30e052e8b50e35460f9d5

  • SHA1

    865f3a53736ffa66050dff8d2a40f21832c89fda

  • SHA256

    0028637d99ddfa365039055f85d555dedcc5f7dca30591f9ecfa29363bf5e250

  • SHA512

    0521ea0316138f53ad991ebf79523e5e5b4aebdea201c5463800b5dedfe49411caf4414337ba410e747d5fd93ef5aee3996bc8775e258036e7a33bd271959d90

  • SSDEEP

    3072:/47excGxFLPkH9SnbZDaIcsMYwcWlRZ7LTMF+L7DpL:/+eGYtPk0Z+KqhEF+L7DF

Score
8/10
discovery

Malware Config

Targets

    • Target

      RUSSKAYA-GOLAYA.exe

    • Size

      149KB

    • MD5

      45948515abac612ef6990c8afb6a2fc8

    • SHA1

      e945d0b8e6e33477dfbca2c18f5517554945f21f

    • SHA256

      5d9cf712292390a61de64ba8549352013e69aaf497555483afedb5b14454c387

    • SHA512

      d55ff0944f80342fa81aaff2c243e6a8271ab01ea02b91354277a774bc2a94a3a2f5a0aaede1bf5bcaf0e075b01bab557525098803a5fe4fbfb43ed56ec0b724

    • SSDEEP

      3072:lBAp5XhKpN4eOyVTGfhEClj8jTk+0hio1mLMF7Dpn:AbXE9OiTGfhEClq9u1YMF7D1

    Score
    8/10
    discovery

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks