General

  • Target

    8e5aac0a961597e4e24cb14bf737240d

  • Size

    121KB

  • Sample

    240204-gdlaaaaff5

  • MD5

    8e5aac0a961597e4e24cb14bf737240d

  • SHA1

    dc0b801646c9a8534c97d3965bd368d074580e50

  • SHA256

    ad36375e1b1d0291ac090e95586a9a73d48252fdf6694f5ab43fdb14389440e7

  • SHA512

    c142625a4e86cdd7747d268160aa8166b2a1fd2c108cd2e869b307c5a70594c7bb21b7058f8a2b18d14f95fe02ae613ab16dd842b4c5150bb9460328b5de83b2

  • SSDEEP

    3072:jvgEL7Yo4PkH9sIbjF+bUl7UrtvgW3EcUJr+s2d7F7o:jvgEPYo4PkrM4lwFW3cto

Score
8/10

Malware Config

Targets

    • Target

      GOLAYA-RUSSKAYA.exe

    • Size

      239KB

    • MD5

      d141270ed4ca25be1fd7cd61f1d91f1a

    • SHA1

      b5860a78425caa29e00f575de4bcf8dc3314e966

    • SHA256

      eeb248baee68277a58652fa4a8a5c55357027be32389f6fd01c73bc4c3a1b8fd

    • SHA512

      510814a7ad4416d39372f347b774cb7170900a7fc6e7eb07f84212f861a586b406964f3599bd3533a9884c891fc75335eb7daaa562fe1e60ef2f3b7a7f85b110

    • SSDEEP

      6144:dbXE9OiTGfhEClq9npor2Iw7Wuq1IOlWJJUK:NU9XiuiSoTlc

    Score
    8/10
    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks
