General

  • Target

    46ce7fedc8e30e052e8b50e35460f9d5

  • Size

    99KB

  • Sample

    231226-axlxlaeden

  • MD5

    46ce7fedc8e30e052e8b50e35460f9d5

  • SHA1

    865f3a53736ffa66050dff8d2a40f21832c89fda

  • SHA256

    0028637d99ddfa365039055f85d555dedcc5f7dca30591f9ecfa29363bf5e250

  • SHA512

    0521ea0316138f53ad991ebf79523e5e5b4aebdea201c5463800b5dedfe49411caf4414337ba410e747d5fd93ef5aee3996bc8775e258036e7a33bd271959d90

  • SSDEEP

    3072:/47excGxFLPkH9SnbZDaIcsMYwcWlRZ7LTMF+L7DpL:/+eGYtPk0Z+KqhEF+L7DF

Score
8/10

Malware Config

Targets

    • Target

      RUSSKAYA-GOLAYA.exe

    • Size

      149KB

    • MD5

      45948515abac612ef6990c8afb6a2fc8

    • SHA1

      e945d0b8e6e33477dfbca2c18f5517554945f21f

    • SHA256

      5d9cf712292390a61de64ba8549352013e69aaf497555483afedb5b14454c387

    • SHA512

      d55ff0944f80342fa81aaff2c243e6a8271ab01ea02b91354277a774bc2a94a3a2f5a0aaede1bf5bcaf0e075b01bab557525098803a5fe4fbfb43ed56ec0b724

    • SSDEEP

      3072:lBAp5XhKpN4eOyVTGfhEClj8jTk+0hio1mLMF7Dpn:AbXE9OiTGfhEClq9u1YMF7D1

    Score
    8/10
    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks
