General
-
Target
Seven.zip
-
Size
1.1MB
-
Sample
240428-anzgbscb3s
-
MD5
0ab09f51bee81c0fa65b9b062719a0cc
-
SHA1
7a04e46e29c846b9f6eaef008930edcce78262e6
-
SHA256
f95fad91a4492faf1727f2e51defc1d461b3156c86f84f696b94c06a5024f61c
-
SHA512
c06e8a381484998376ede8758fe810ac94fca195da7d53e567c34e1cff735f4ec51d3b446873672653ef8a8a378438ba9c836a550597ad2f3f48a2bb7718ad54
-
SSDEEP
24576:X9pYNeRE8asb9CiB50hpJWduqF7blOud4+hEexBgnBtWyb2anPPk:XNZf9/O/YuqjJd4LI6BoV
Static task
static1
Behavioral task
behavioral1
Sample
Seven.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
Seven.dll
-
Size
1.0MB
-
MD5
255fdbd6444a2d52b18deee047f75f86
-
SHA1
c63fa6cc6775db3d710170326bf2fa4ebc67236d
-
SHA256
6715d5638705558f084b2997826b89f0de61dbb9c1ef0d4a80835243aa8df110
-
SHA512
3155d40eea1a11c2a560f001a41b488cb180f51370048a3b8b9a8afdf562dd3dec360f2dc17342590f1c41a805beb52907f245b4577308424cfa2763c72097a8
-
SSDEEP
24576:5AiJqEAwab98iF5IhDDWDwqj7tloudYchE0TCX3J+Al8algr:y99dCXewqrDdY54CHg
Score
1/10
Target
Seven.exe
-
Size
139KB
-
MD5
6503f847c3281ff85b304fc674b62580
-
SHA1
947536e0741c085f37557b7328b067ef97cb1a61
-
SHA256
afd7657f941024ef69ca34d1e61e640c5523b19b0fad4dcb1c9f1b01a6fa166f
-
SHA512
abc3b32a1cd7d0a60dd7354a9fcdff0bc37ec8a20bb2a8258353716d820f62d343c6ba9385ba893be0cca981bbb9ab4e189ccfeee6dd77cc0dc723e975532174
-
SSDEEP
3072:miS4omp03WQthI/9S3BZi08iRQ1G78IVn27bSfcJd8lto:miS4ompB9S3BZi0a1G78IVhcTct
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Drops file in System32 directory
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1