Overview

overview

8

Static

static

3

RUSSKAYA-GOLAYA.exe

windows7-x64

8

RUSSKAYA-GOLAYA.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    087150598b2dd0efdafec8ad458cf5bc_JaffaCakes118

  • Size

    87KB

  • Sample

    241002-cxw4nswepc

  • MD5

    087150598b2dd0efdafec8ad458cf5bc

  • SHA1

    b8631cbb7f336889ea1f9015064d36fe86254f77

  • SHA256

    f76f106be9432e5b9f83a92361d55cf2f889ea8655a48ebcc858f3567481cdaf

  • SHA512

    0cd324dc7deb13c41fe8db6ee14914937eac9033d7a856205510042b61fae6b6fc2c74b64a271f0bf3331a26ce0e02b055e7d4b96e5416b2c9be8a37ab0d8aa8

  • SSDEEP

    1536:/vg1WKQmK74VzprUxe7kvLSPkIJNE9sq0Qs07tta3wcpFFtSJJr5pNLK3:/vgEL7Yo4PkH9sIbr+wcJtSJTpNLK3

Score
8/10
discovery

Malware Config

Targets

    • Target

      RUSSKAYA-GOLAYA.exe

    • Size

      180KB

    • MD5

      3e080ab7ed40be06a0da9f17c44bd6ec

    • SHA1

      8f4dd15b0cb7fefa1d5f64e5dfb786a7a1dc05f8

    • SHA256

      b569cbf09e89d5a87e21892099a4f6e76dcaad568af02793fa3149fc6e5e461b

    • SHA512

      7e3b54939793fa1554759d8c8ac93696fe1c8fa5ff0423457ba2cced679ff13a800d5f3cff6ec8e71cc504e910b2766b486b98b47575c6abb83d6ef885d03fed

    • SSDEEP

      3072:vBAp5XhKpN4eOyVTGfhEClj8jTk+0hgVL8ON:ybXE9OiTGfhEClq9zJ

    Score
    8/10
    discovery

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks