Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

RUSSKAYA-GOLAYA.exe

windows7-x64

8

RUSSKAYA-GOLAYA.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    550947ef18266a71c4bff1fb9a0b182c

  • Size

    78KB

  • Sample

    231226-fbk13ageb9

  • MD5

    550947ef18266a71c4bff1fb9a0b182c

  • SHA1

    69283ccc76a0dd03b6927ce058835bad1b9a967f

  • SHA256

    9b5cf3ea956cd9ea39a38f54a4f39916503122540a05ae7dc474a029aa3a290a

  • SHA512

    5097d3fd290cd2f6865be08aa43221f2d7d0bda3cd2cf5d90351f81437a8f461fedd37ee21645dbfb2c526c8380fb784ea5d18a4060f545f8f320af01ae82c96

  • SSDEEP

    1536:fQwfwimgTY23tG90wIsWfHlWKSd+QSqWU5FMQCoFuJlmSKV/I0JZXdLxoSg5Kgm+:fnoimg13tG90HdQ3Sqt2oFUU5/IOBdLe

Score
8/10

Malware Config

Targets

    • Target

      RUSSKAYA-GOLAYA.exe

    • Size

      180KB

    • MD5

      55e47874ef9912a4309c4c90af7b67f8

    • SHA1

      bda07533ed744d3c78ee34ab416d883504212e3e

    • SHA256

      c3199ed5f9a3d4e51e4ff8287875a04a91602e348dcef11c403e90d96eea59f7

    • SHA512

      d01550350e18c0507e8f45e1a970cfd6bfa910c2a334fe65ffc26f7347e9b967906a950bd6918fa2c19aebfdf087f2f82bf3a47e96af1ef903697d3672edad36

    • SSDEEP

      3072:TBAp5XhKpN4eOyVTGfhEClj8jTk+0h6ejmo:+bXE9OiTGfhEClq9dejD

    Score
    8/10

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks