Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

GOLAYA-RUSSKAYA.exe

windows7-x64

8

GOLAYA-RUSSKAYA.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5453fc4c81305ffb7a886dfa066f3ec3

  • Size

    89KB

  • Sample

    231226-e5g1tsfcf4

  • MD5

    5453fc4c81305ffb7a886dfa066f3ec3

  • SHA1

    0a52197a8dad18514be93ebd293407a7df35685d

  • SHA256

    8020c5f45f39ed89e7d8340942bec111c745f0624d33c99381c07e83becb8801

  • SHA512

    f3de9cfdbcffccb0ba5c998a4383dc971c56c68bc51b84c2cd18d67b1a878557e4a85d7109cd6d4c7611a8dfb76ab2946db4ec4f4ba058397d7bc7c1a46a210a

  • SSDEEP

    1536:MUnVN5HOHUEs6iqcuyIJ4fnb07w3317NbesR3SRXAlO+aSPVTtHduqvIJkaU:MUnLYCq/Fufnb07YPe8CJADDNtMqvMU

Score
8/10

Malware Config

Targets

    • Target

      GOLAYA-RUSSKAYA.exe

    • Size

      181KB

    • MD5

      b1d337c0c73cbea038b997d6abaddb31

    • SHA1

      4f4d45e58de9ee50b01e53846143427d942268ef

    • SHA256

      3fd1978f95b6bc6efab67e2b2b98b0c373cccc10757457f7735dc3b2a4f29720

    • SHA512

      3c25bd65e87fa431ab7ade6c61bbf825b18633d7bee97ca8061ae4d0f68c9715d14e6f411d83471daaab0a0f93927f90d3bfb93a5abacfce0cda342807a6c573

    • SSDEEP

      3072:rBAp5XhKpN4eOyVTGfhEClj8jTk+0hR4udk4Rjb+o:WbXE9OiTGfhEClq9Xuvjbz

    Score
    8/10

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks