Overview

overview

8

Static

static

3

GOLAYA-TOPLESS.exe

windows7-x64

4

GOLAYA-TOPLESS.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    24812764621783dad2f0d6ec41da44f5

  • Size

    88KB

  • Sample

    231231-cyx3csfdfr

  • MD5

    24812764621783dad2f0d6ec41da44f5

  • SHA1

    0c339aeee24a98ecae44e2d3e89e9a599d1c6cad

  • SHA256

    a21973259874074601addf2d845658e98020b99381e244e58773fed3f3780a87

  • SHA512

    57fc1602a437d40f49c8b9ef1acb4e77a860425db3f62752ad90939898a517fc4b5ee4c3d41e708092e549238919bad68ba575db9822db4a1ae9f0377d2c8aeb

  • SSDEEP

    1536:8QwHfvMS0xcGxFyhQkrnb1Mq9WbB7fS+lE+dFNpRD+xIh7N0YNPrEiJolmX:8nHXMpxcGxFyhQ0bOqYxf7v3YKj3JoUX

Score
8/10

Malware Config

Targets

    • Target

      GOLAYA-TOPLESS.exe

    • Size

      180KB

    • MD5

      f28c1e58c5766a111297588e8ab02361

    • SHA1

      3d55a55fd6d193d32742fe89bf6041f9182ee447

    • SHA256

      6e239da433517b0856f91d212baebdf1963d80ba6c546a440da19121580818ca

    • SHA512

      e09add020c39a8fa5b14f094679daa9d0645f4c0fe39a33194e9c4c3cdadee05986904084387437203387d97be4381c9714e47451aff01e6a7e6fcb5ec9797fd

    • SSDEEP

      3072:6BAp5XhKpN4eOyVTGfhEClj8jTk+0hL/eSZZvLf6CNsPrXJ8WYQKaLba:JbXE9OiTGfhEClq90GSZZvLCCNsPrXJa

    Score
    8/10

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks