Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

GOLAYA-BABE.exe

windows7-x64

8

GOLAYA-BABE.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f9b2cba23dfe15ec85db324f4bc7cf3b_JaffaCakes118

  • Size

    78KB

  • Sample

    240419-g7pvkaah46

  • MD5

    f9b2cba23dfe15ec85db324f4bc7cf3b

  • SHA1

    0db5668e7c88b63db0fe9b7cecbc14f22bf43ba1

  • SHA256

    09822a9e0ed2148b5f128663d49d79813d9a21e93504d9cea74ff1645bd094e6

  • SHA512

    3c761e8f0ed02c72474539decc9e4ec75a91304688ef6a34f1ddb87b235869a8974669728d9a65b2c4841f6e98b1909e7fccc215c6a251eec5ebb63dd04d4c6e

  • SSDEEP

    1536:8QwfwimgTY23tG90wIsWfHlWKSd+QSqWU5FJ2hZ+cYS4BHKFJtBf9ntlsp0Og:8noimg13tG90HdQ3Sqtlm+VSFJ/lntl7

Score
8/10

Malware Config

Targets

    • Target

      GOLAYA-BABE.exe

    • Size

      180KB

    • MD5

      2e7d20079b41b69b3b16ecbd895be189

    • SHA1

      c63b1f1a9ec96ca7b0fc0d92bc082593e1df85e0

    • SHA256

      8aac418dfae104c626385ba620705f3d8f83ad9753020474a7fd41db3e808fc6

    • SHA512

      ab1326e5b177a7d32f7d97c0d3efce235df0da4d2b2faf40528fe399e0adccb6e7c67c2aac07f15294be6c23f12b966c9fc3135d9b8f561e99f10a5ad98532e9

    • SSDEEP

      3072:TBAp5XhKpN4eOyVTGfhEClj8jTk+0h6eXmUS:+bXE9OiTGfhEClq9deXY

    Score
    8/10

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks