Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

GOLAYA-DEVOCHKA.exe

windows7-x64

8

GOLAYA-DEVOCHKA.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5999646e2e8108f6f2b0b21d94b36a39

  • Size

    84KB

  • Sample

    240113-2l6w6sgdb6

  • MD5

    5999646e2e8108f6f2b0b21d94b36a39

  • SHA1

    6c24c8a7789eb85419b4ef28ac73dc687e6621aa

  • SHA256

    7bed1ed539113b764e25e2d21a87daf4f3be935b8bc000b98ec4fb96ca910d60

  • SHA512

    3d9b7bb10cb2a5c0cb81f3d95087cef0c5e33644d6ffff0ce05d8bd09ee69dcae0351095841c6a0565822c6bce34d8e6d401b454bfc538b638a4104d51be5b22

  • SSDEEP

    1536:sQwHfvMS0xcGxFyhQkrnb1Mq9WbTs4AWf8VGKwki4JG/PZd1Z5QE:snHXMpxcGxFyhQ0bOqY/X8VGKEyG/xh9

Score
8/10

Malware Config

Targets

    • Target

      GOLAYA-DEVOCHKA.exe

    • Size

      181KB

    • MD5

      c1eac9961bf688d75ec96b4d38eedfde

    • SHA1

      af7224a1329c61d9057496428cb95c7cebb3f584

    • SHA256

      de19911598a83d5b504cf7b4c24f5f6f8b68dcc6b72b8f79c3b2d353c93accfd

    • SHA512

      c0f76c82c57da5f52deafd3c7b6ec17dcf9653d4ac7f488645743cd61f43dcf196d6647fa6de2345c8ada61a03aeba2b73d9bdd7162689df0a816311ebc9e01a

    • SSDEEP

      3072:xBAp5XhKpN4eOyVTGfhEClj8jTk+0hUEQT3a3:0bXE9OiTGfhEClq9rEQo

    Score
    8/10

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks