General

  • Target

    a0757bbc553943597a8417f3fcafb6f2

  • Size

    79KB

  • Sample

    240223-116z2saa26

  • MD5

    a0757bbc553943597a8417f3fcafb6f2

  • SHA1

    adb6b11776476664d5b54334e489581f88644e82

  • SHA256

    5932c40633f064d040034a12bcddc56ca708116df6722903dee7e9a26c27b9e7

  • SHA512

    6201fc8fba75385ee2f18d6ca0e17060c781abf699f38cd6236b31303cd06557f82375fefe99fe01a2cc50c6bfc212907dd81f87b2085977fd199fbcf1441b99

  • SSDEEP

    1536:9QwHfvMS0xcGxFyhQkrnb1Mq9Wb1dVf4SSR5KoVjr6HC:9nHXMpxcGxFyhQ0bOqY5dWSIUoUHC

  • Score

    8/10

Malware Config

Targets

    • Target

      GOLAYA-SEXY.exe

    • Size

      180KB

    • MD5

      60cbfc2f232c3190b9772c91d643e1ef

    • SHA1

      a3faa948e0bb149845b14b9e8d99bbf834893d52

    • SHA256

      405b0ed35de635046a977e7cb4a17c709d9471169fac1a493cfa4995497b2783

    • SHA512

      d9ac65966310962dcf173d0d24cb09e1b0201a1b558ea4904056c05bea1c3d2215a191de6acca12475e12ecdf988781ce94238de2e12b0c5f6e880379e2e9633

    • SSDEEP

      3072:OBAp5XhKpN4eOyVTGfhEClj8jTk+0hJiaqR//1Wcjej5EqhnBWz9T6M39rI2S:lbXE9OiTGfhEClq9mqR//1Wcjej5Eqhr

    • Score

      8/10

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks