Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

RUSSKAYA-GOLAYA.exe

windows7-x64

8

RUSSKAYA-GOLAYA.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    13e689b8bfe43ca37a0009bc315af3dc_JaffaCakes118

  • Size

    90KB

  • Sample

    241004-stblka1glr

  • MD5

    13e689b8bfe43ca37a0009bc315af3dc

  • SHA1

    7ddc8b5cfccb883e0931c2aee06baa3623860d2f

  • SHA256

    832d74bc668d27b9780da9cb9d59077906a197177fa0f05e55c24cfd76fbf79d

  • SHA512

    f1ad7610445c64bc041494e14edffe7f45cb6c85d7602750fd92383f339707b617e5227bd49be3f79fb8140c1f894af224c50ad7dfcb8e86039fc77b3104483f

  • SSDEEP

    1536:+kDro9Ash6VQZtlRtQlQ7pYw/zQymCJVVBZHITMOHysSTj1B9Ip9fWRYVBXAgOnI:VDvsEU8lGpD/NZBZHlGysSTBB9Ip9cYp

Score
8/10
discovery

Malware Config

Targets

    • Target

      RUSSKAYA-GOLAYA.exe

    • Size

      180KB

    • MD5

      4f0501d3741234b99f31ed8b7caad73c

    • SHA1

      b64354ecd96279f8eb9b9fbdeb9696cbae1458bb

    • SHA256

      f715c0b6d8971f65335ba0c4499e82c7f56df615209c7b5b30d79bb79f2c9b6d

    • SHA512

      373397915c7e9251b1a24359722efbf13f2c6b5081f8208fe8572c7bf94fa2c0bb4ac1064ff3dbc1fd0d84ac82820ecc20341cb1393b5c35df8a61f8b1623a4d

    • SSDEEP

      3072:bBAp5XhKpN4eOyVTGfhEClj8jTk+0hq4zRQhF4:GbXE9OiTGfhEClq9boWk

    Score
    8/10
    discovery

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks