General

  • Target

    7945272b03a0948c65a2c82a5ddf4359

  • Size

    78KB

  • Sample

    231226-szychsegf7

  • MD5

    7945272b03a0948c65a2c82a5ddf4359

  • SHA1

    c39bc76af2f8d9ecee7b133eb849b86e03e8824f

  • SHA256

    895ef37ec886fc6e6c33f65ddbf0baa683aadc3b0bc99c1426c630da4682c545

  • SHA512

    c14ec36d20393c154d8856534a0c3de6269877adfb4741f27aaa2bdcc10dbb26a4833bd93ba6088d731f4501e564ea735cb3c2bb986410ccfa81bd92926b67bc

  • SSDEEP

    1536:HQwfwimgTY23tG90wIsWfHlWKSd+QSqWU5FMQCoFuJlmSKV/I0JZXdLxoSg5Kgm2:Hnoimg13tG90HdQ3Sqt2oFUU5/IOBdLW

Score
8/10

Malware Config

Targets

    • Target

      RUSSKAYA-GOLAYA.exe

    • Size

      180KB

    • MD5

      55e47874ef9912a4309c4c90af7b67f8

    • SHA1

      bda07533ed744d3c78ee34ab416d883504212e3e

    • SHA256

      c3199ed5f9a3d4e51e4ff8287875a04a91602e348dcef11c403e90d96eea59f7

    • SHA512

      d01550350e18c0507e8f45e1a970cfd6bfa910c2a334fe65ffc26f7347e9b967906a950bd6918fa2c19aebfdf087f2f82bf3a47e96af1ef903697d3672edad36

    • SSDEEP

      3072:TBAp5XhKpN4eOyVTGfhEClj8jTk+0h6ejmo:+bXE9OiTGfhEClq9dejD

    Score
    8/10

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks