Overview

overview

8

Static

static

3

RUSSKAYA-GOLAYA.exe

windows7-x64

8

RUSSKAYA-GOLAYA.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4bc6f7e98c14c8a614b6379c01de1b95

  • Size

    84KB

  • Sample

    231226-cmjqlagga4

  • MD5

    4bc6f7e98c14c8a614b6379c01de1b95

  • SHA1

    0ebcb365a0cfe7652c0e981c40f79adc5598dc0e

  • SHA256

    3b89fd13934a44224e671faa9fe0d64d66629c7ed28f910af6b775eb214f0fa3

  • SHA512

    ee14d1836d098062ac20e346c346e94a25c382bbeb74509320da44d72d37328f06a6043691f83f3975fb0738a22e4a76d2313122a3be132b986d7779e68a4f94

  • SSDEEP

    1536:rUnVN5HOHUEs6iqcuyIJ4fnb07w3317N5iLB2aH+TVjfJXu6Nthvb3W61fgInDRs:rUnLYCq/Fufnb07Y1C2aH4nu6zhvb3Xw

Score
8/10

Malware Config

Targets

    • Target

      RUSSKAYA-GOLAYA.exe

    • Size

      180KB

    • MD5

      79edd945122f4c8e7a4eb728f12168a4

    • SHA1

      6b003a03c1a1752661e4beb10eb47a55de396e16

    • SHA256

      7705d494ac9653a3d421c4199f53e3d00661cafce7c560fd5e561a0946a6b445

    • SHA512

      8a71176d2489453c1480be2d4d27b96675a5fd8b12b6aa8c804cca429c15c99c7925e60b1baf27e5b48386626955d793f1912aabfce013d04e10c2fc50b05772

    • SSDEEP

      3072:iBAp5XhKpN4eOyVTGfhEClj8jTk+0hUEQeozxaN:xbXE9OiTGfhEClq9rEQFE

    Score
    8/10

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks