General

  • Target

    8b99974039c8ace597dd1e927d7335b7

  • Size

    84KB

  • Sample

    240203-gw843aahb9

  • MD5

    8b99974039c8ace597dd1e927d7335b7

  • SHA1

    d8fb1d899b475d906465dc893bbaf381542b47df

  • SHA256

    010c1f564d8c1026f08a65c9b4bf904ccea411e2e39638b3237bb760511cd7f3

  • SHA512

    768152eaaa541f6ccd1fc701bc862a4c0ab3ee79372b6ce026f6908be9989cdda6d321ade4420658d4a1c10d3bd0a7ebaec23a43e1528d16f165f3304425c0a0

  • SSDEEP

    1536:mQwHfvMS0xcGxFyhQkrnb1Mq9WbDkg0VOiB+BoBcuZqZUBgVW7NY7:mnHXMpxcGxFyhQ0bOqYj0M5OyqqM7NY7

Score
8/10

Targets

    • Target

      GOLAYA-SEXY.exe

    • Size

      181KB

    • MD5

      3f3f35a78689a29a598c14a9fd9aa3c3

    • SHA1

      62c154bb8cbffc5eda9737b898fff0da0a59d0c7

    • SHA256

      b9da462914ae7cfe9f04e712d5a61569fadc10e36e337206f8cc47d199ca0631

    • SHA512

      748dba9c36ef0808f08e24963fce9f47538c8f619d7e2e8a65dc6f94d6b8ef8de49b158b778af3de96ce46d01b3c14f1042e3ae8a7d48e13e751965200faabe2

    • SSDEEP

      3072:xBAp5XhKpN4eOyVTGfhEClj8jTk+0hUEQT3/e:0bXE9OiTGfhEClq9rEQa

    Score
    8/10
    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
