General

  • Target

    0bebd609d97b3c78cc075bbe33bed942

  • Size

    89KB

  • Sample

    231230-c4yk3sdffj

  • MD5

    0bebd609d97b3c78cc075bbe33bed942

  • SHA1

    e4b7c72943238525fed21e3dbdcfeb45d23f8159

  • SHA256

    588990e04dfe361079538b8279c55651c2e4aa0dd1db059a07ce8c5d865ef58a

  • SHA512

    f922f239bcc4f658351826e8a830e9af1fce5099d97931d2c37df341db78ffc2c5dffd5bc7b2a5f4c04a9b23dd1902543d38a6058e01c1f534e6426025adf2b2

  • SSDEEP

    1536:Jvg1WKQmK74VzprUxe7kvLSPkIJNE9sq0Qs07tes/nqgxk5B3JxHKJISOuXsdQ5c:JvgEL7Yo4PkH9sIb8s/q6g3COHJ9bCMn

Score
8/10

Malware Config

Targets

    • Target

      GOLAYA-DEVOCHKA.exe

    • Size

      180KB

    • MD5

      b5bfc25ec5d0d2576975e6df14cee8f2

    • SHA1

      ff48876248f0f0ff668aa7d67e2243bd9a3fd465

    • SHA256

      e39b4d47bafb657aa37f821378b6140e21643173551f0c01adf8dbf4a3f0d748

    • SHA512

      aaaafcad061f3ce56aeb0a636fb375dbb8eda5d34e4ce743037ff90ec00b3cd972bbf671881f0a3fb3ab9a03f0782944454f78eed2cf33c72aff2e758e52ce6f

    • SSDEEP

      3072:fBAp5XhKpN4eOyVTGfhEClj8jTk+0hD+V64pfPFxI:ibXE9OiTGfhEClq9VzfPFa

    Score
    8/10

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

MITRE ATT&CK Enterprise v15

Tasks