Overview

overview

8

Static

static

3

GOLAYA-TOPLESS.exe

windows7-x64

8

GOLAYA-TOPLESS.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    6694ef7a8c877ca29496c549b3d519f8

  • Size

    131KB

  • Sample

    231226-ma8t3aedf8

  • MD5

    6694ef7a8c877ca29496c549b3d519f8

  • SHA1

    12bff320340ba4e7b8d79338674479c5c4ffae4a

  • SHA256

    1044712e97e70f54a8a13c2d0afaf3c9eff6bf50e2554b468f2911c210db5a66

  • SHA512

    c777a469fc42affd2ea5993559f63fda2a9a72ec9b1c916d0c093f95937c44b386918ffb1f0654e40c2c8bbb1913d527b63d05298269e645e9e3cafa5cf3cb61

  • SSDEEP

    3072:cnHXMpxcGxFyhQ0bOqYW6Qn6RuhCmICnACTIUAf9QnwhmHE:MHmGY/o0W6Q6R8CsnVTI4wh+E

Score
8/10
discovery

Malware Config

Targets

    • Target

      GOLAYA-TOPLESS.exe

    • Size

      238KB

    • MD5

      7710fc4fcea932679b40d31d409ae117

    • SHA1

      bb5dfd38943356d6c1cff6b12d32f1cb54af6d35

    • SHA256

      11abaf6a3b196588408e4d7fe8bf9a7d9b1a9b9bb3eeeb3dc2215be38f18eefa

    • SHA512

      7fb1e792e8d2533a5aa4927971249d59f25fe2fe7067b9a1dbbb71aa1a5964bd7efb75822c73ffdef9ff118982e42b870c883229fa37eee228f3d11026574b06

    • SSDEEP

      6144:MbXE9OiTGfhEClq9528TfdRoWRg+lN/JJUm:oU9XiuiJ8DRxl5

    Score
    8/10
    discovery

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks