Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

GOLAYA-RUSSKAYA.exe

windows7-x64

8

GOLAYA-RUSSKAYA.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8e5aac0a961597e4e24cb14bf737240d

  • Size

    121KB

  • Sample

    240204-gdlaaaaff5

  • MD5

    8e5aac0a961597e4e24cb14bf737240d

  • SHA1

    dc0b801646c9a8534c97d3965bd368d074580e50

  • SHA256

    ad36375e1b1d0291ac090e95586a9a73d48252fdf6694f5ab43fdb14389440e7

  • SHA512

    c142625a4e86cdd7747d268160aa8166b2a1fd2c108cd2e869b307c5a70594c7bb21b7058f8a2b18d14f95fe02ae613ab16dd842b4c5150bb9460328b5de83b2

  • SSDEEP

    3072:jvgEL7Yo4PkH9sIbjF+bUl7UrtvgW3EcUJr+s2d7F7o:jvgEPYo4PkrM4lwFW3cto

Score
8/10
discovery

Malware Config

Targets

    • Target

      GOLAYA-RUSSKAYA.exe

    • Size

      239KB

    • MD5

      d141270ed4ca25be1fd7cd61f1d91f1a

    • SHA1

      b5860a78425caa29e00f575de4bcf8dc3314e966

    • SHA256

      eeb248baee68277a58652fa4a8a5c55357027be32389f6fd01c73bc4c3a1b8fd

    • SHA512

      510814a7ad4416d39372f347b774cb7170900a7fc6e7eb07f84212f861a586b406964f3599bd3533a9884c891fc75335eb7daaa562fe1e60ef2f3b7a7f85b110

    • SSDEEP

      6144:dbXE9OiTGfhEClq9npor2Iw7Wuq1IOlWJJUK:NU9XiuiSoTlc

    Score
    8/10
    discovery

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks