Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

GOLAYA-DEVOCHKA.exe

windows7-x64

8

GOLAYA-DEVOCHKA.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bbba23cef55969a1c612dfdc8dc1c8f9

  • Size

    78KB

  • Sample

    240308-tznzhsbg76

  • MD5

    bbba23cef55969a1c612dfdc8dc1c8f9

  • SHA1

    68026a27bd639d803b6de9e62a3a53a9a3dd5ad4

  • SHA256

    3c50bf2628fc2e0615aad14a072049d9b334d00cecc23c6838a0972400bc139e

  • SHA512

    55b3dd2d10dee9a32e5bee9322942c242b7a56e55a4835387fc4920a358651bbc42c59ccdb9a9762d1914df08ab9dd6b6f7dfd715fb8a0fe7ac6769adbd76410

  • SSDEEP

    1536:JQwfwimgTY23tG90wIsWfHlWKSd+QSqWU5FJ2hZ+cYS4BHKFJtBf9ntlsp0Ov:Jnoimg13tG90HdQ3Sqtlm+VSFJ/lntls

Score
8/10

Malware Config

Targets

    • Target

      GOLAYA-DEVOCHKA.exe

    • Size

      180KB

    • MD5

      2e7d20079b41b69b3b16ecbd895be189

    • SHA1

      c63b1f1a9ec96ca7b0fc0d92bc082593e1df85e0

    • SHA256

      8aac418dfae104c626385ba620705f3d8f83ad9753020474a7fd41db3e808fc6

    • SHA512

      ab1326e5b177a7d32f7d97c0d3efce235df0da4d2b2faf40528fe399e0adccb6e7c67c2aac07f15294be6c23f12b966c9fc3135d9b8f561e99f10a5ad98532e9

    • SSDEEP

      3072:TBAp5XhKpN4eOyVTGfhEClj8jTk+0h6eXmUS:+bXE9OiTGfhEClq9deXY

    Score
    8/10

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks