General

  • Target

    a36461ad57fb84080379a99bf6b7a6fe

  • Size

    128KB

  • Sample

    240225-k2thcaha3s

  • MD5

    a36461ad57fb84080379a99bf6b7a6fe

  • SHA1

    cd39a749ad5faecb06287c1f92b207bc769093d3

  • SHA256

    31f4afd6a98f39bf2bf57e10bf7e93fbbe101416084f8e62255af114a97346e7

  • SHA512

    8bc60aae977c129e16d28a0d67b941066804878c1a17c84f85084094817539dfae7471aa7496571cd030103825b6b27119880cb0f05f070645f0c08e2f316785

  • SSDEEP

    3072:YnHXMpxcGxFyhQ0bOqYoxIcEWubRRWIhQ/WD5K969+i:QHmGY/o0o+hBbR5hQODo96Ii

Score
8/10

Targets

    • Target

      RUSSKAYA-GOLAYA.exe

    • Size

      239KB

    • MD5

      759cb81096a6fde1b9ede08255248159

    • SHA1

      cff5496d52b61098a04251c050c6e04b5ad13178

    • SHA256

      9a00a517d51a4750fefc9fa7bb471a7ab9de1fbaf3d37ade6442682987a628a9

    • SHA512

      8c44879a5a58addae21e521a87b5a3c6a466abb71dfc7e3db3026331f6b49cbbc27df4fc8f9e74cfcc1e69e64660bfd5cb3a0bf7096e48a385b9fa9df06c3794

    • SSDEEP

      3072:QBAp5XhKpN4eOyVTGfhEClj8jTk+0hijkEDboYxU044U/1K+Cgw5CKHy:HbXE9OiTGfhEClq9YEXoyDjURJJUy

    Score
    8/10
    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
