General

  • Target: 4f2b8409fcd95809193165b2135bd06c

  • Size: 90KB

  • Sample: 240110-beew1aahak

  • MD5: 4f2b8409fcd95809193165b2135bd06c

  • SHA1: e5925a1462a172cca961d31807da81637738323c

  • SHA256: 98b47939c6de28dc4883e111eeabefdd901c479847b49eaaae153e0121df57ba

  • SHA512: a5b92c9dffe71581ecbac7cbcc22a57b296b7eec32e5e63256597aa5cfa88e141bb43250736a4567f615e6c982ac54f0c252f51c4f0cfc9e55a727c08028b2e7

  • SSDEEP: 1536:LkDro9Ash6VQZtlRtQlQ7pYw/zQymCJVVBZHITMOHysSTj1B9Ip9fWRYVBXAgOnW:oDvsEU8lGpD/NZBZHlGysSTBB9Ip9cYh

Score
8/10

Malware Config

Targets

    • Target: RUSSKAYA-GOLAYA.exe

    • Size: 180KB

    • MD5: 7d84bffc4315a67dcb9e07cd72c62134

    • SHA1: a2113287b44c2f5678ae36ee178c35917b07ae0c

    • SHA256: 9e8b5fde5643d97f3d56b24eec2731f6ee896154c9711710f80aee4f3ffcd2cb

    • SHA512: 737b08471d1741397befe4f7435bf2bd17d64f7e79e78850b14e63c2800598d8c99758fb786f1788336f3bef9f68f16f310b4a7fc2a0b1dbf04c419af1d899a9

    • SSDEEP: 3072:bBAp5XhKpN4eOyVTGfhEClj8jTk+0hq4zRQhFS:GbXE9OiTGfhEClq9boWe

    Score
    8/10

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence.

MITRE ATT&CK Enterprise v15

Tasks