31f4afd6a98f39bf2bf57e10bf7e93fbbe101416084f8e62255af114a97346e7 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

RUSSKAYA-GOLAYA.exe

windows7-x64

8

RUSSKAYA-GOLAYA.exe

windows10-2004-x64

8

Sharing

General

Target

a36461ad57fb84080379a99bf6b7a6fe
Size

128KB
Sample

240225-k2thcaha3s
MD5

a36461ad57fb84080379a99bf6b7a6fe
SHA1

cd39a749ad5faecb06287c1f92b207bc769093d3
SHA256

31f4afd6a98f39bf2bf57e10bf7e93fbbe101416084f8e62255af114a97346e7
SHA512

8bc60aae977c129e16d28a0d67b941066804878c1a17c84f85084094817539dfae7471aa7496571cd030103825b6b27119880cb0f05f070645f0c08e2f316785
SSDEEP

3072:YnHXMpxcGxFyhQ0bOqYoxIcEWubRRWIhQ/WD5K969+i:QHmGY/o0o+hBbR5hQODo96Ii

Score

8^/10

discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

RUSSKAYA-GOLAYA.exe

Resource

win7-20240221-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

RUSSKAYA-GOLAYA.exe

Resource

win10v2004-20240221-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  RUSSKAYA-GOLAYA.exe
- Size
  
  239KB
- MD5
  
  759cb81096a6fde1b9ede08255248159
- SHA1
  
  cff5496d52b61098a04251c050c6e04b5ad13178
- SHA256
  
  9a00a517d51a4750fefc9fa7bb471a7ab9de1fbaf3d37ade6442682987a628a9
- SHA512
  
  8c44879a5a58addae21e521a87b5a3c6a466abb71dfc7e3db3026331f6b49cbbc27df4fc8f9e74cfcc1e69e64660bfd5cb3a0bf7096e48a385b9fa9df06c3794
- SSDEEP
  
  3072:QBAp5XhKpN4eOyVTGfhEClj8jTk+0hijkEDboYxU044U/1K+Cgw5CKHy:HbXE9OiTGfhEClq9YEXoyDjURJJUy
Score

8^/10

discovery
- Blocklisted process makes network request
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.