General

  • Target

    Seven.zip

  • Size

    1.1MB

  • Sample

    240427-dh8dtshf43

  • MD5

    8dd335f425034225d70adf5a64aa5dfd

  • SHA1

    1bf9bb20ebbf96ed748c692b4285dfe92f205b02

  • SHA256

    d56700971270686888ec9226178d2dcc3ad69ab7614b0522855850dd446b0be4

  • SHA512

    07dfd9d04402f386a22d605ef3a6e5981f0bf270f62423e7eb58999fac5d11566d818434a399bd51dada5bcf5368cb1c17fbdac081a89c1c6cb038b4759d2c51

  • SSDEEP

    24576:L1Io38LZgQiR5YZejW/6qx5plcid2mYeN81QtAAmTMxHP:LKgB48C6qrfd2AN8+tj

Score
7/10

Targets

    • Target

      Seven.dll

    • Size

      1.0MB

    • MD5

      3b85d801f9a223013513c4398ae62aba

    • SHA1

      0fc5e5649cdc486e4d7da65720640b76a6990a38

    • SHA256

      fb2ad73b32bc89eaacdbdc57e99a5e96110089c57b02b771e0b4cab985f1c7a4

    • SHA512

      db1b3164d603ffa06ff1e7eae04a1ad4ff456eaf4c815f0b4dae8b042746c12d3e4b5d0b12c8d536a027915b4aa587205f3bde919f06b09f5540aa405eea1941

    • SSDEEP

      24576:aAiJEwKiB5MZoxWhqqj5dlQidacYON2lulAiOJerO4:Nw3MCYqqdbdaqN2Ml

    Score
    1/10

    • Target

      Seven.exe

    • Size

      139KB

    • MD5

      350273e0d2e8a9ba5e37b791016112a0

    • SHA1

      5bfb616dd46f67d1dcbbff55ca5917ffc1ec8b71

    • SHA256

      27297bf8139bea755e9297e7e1489d827d1ee09a8e1d94a3ef96a2edb2de61ba

    • SHA512

      b1e768524b4e840bd5f4163205122dd1725583245d8bfd5cbd89eb21a5fb9d33aff1b7b0ca42132b7dae469e025068ae663b3b02ad59927a558dc340141ec91b

    • SSDEEP

      3072:miS4omp03WQthI/9S3BZi08iRQ1G78IVn27bSfcJd8ltw:miS4ompB9S3BZi0a1G78IVhcTct

    Score
    7/10

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Drops desktop.ini file(s)

    • Drops file in System32 directory
