General
-
Target
Seven.zip
-
Size
1.1MB
-
Sample
240428-bhv3dsce84
-
MD5
1d417165bf6ac9d4cca5a1ddbade4385
-
SHA1
4e4e3cca1c4e6c7212c71be6fd83826ea4fa8a0a
-
SHA256
fc4013d9e78d2a01af336047eb3ec81cf5f3414389770965f2411b919cfbd8d9
-
SHA512
eec1b63f79c1932821f4b1abec3775c0d3274e07bf43729fd8369302510dec876fba0b87a311d9bc41bffeb143452484bd0f637771a450efb7a9e819e1a5237e
-
SSDEEP
24576:Xecbg8USB8LEI+ab9Ei55OhpNWtEqp71lIudQkhEALkvX5AM1SyrjK1:XbbkHR9VUzYEqBjdQh8kf2L
Static task
static1
Behavioral task
behavioral1
Sample
Seven.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
Seven.dll
-
Size
1.0MB
-
MD5
f63b415b310e811b1b37cc99d0b464e2
-
SHA1
8e14fcf9a4e96fed39bee29761fc36bc5bdec0b4
-
SHA256
f5a82dd7a7933a1a416b0755a9582e3ef3f8d4807b10ea2a45b3812fb5c271d5
-
SHA512
1203fe972621e3c24a175ab7bb8b5f966e5d0a455cbe949181f0516cb6b15243035b4bddb6774fc90cd18b0dc93b57472bfd15d742c8d12309325c556948f411
-
SSDEEP
24576:NAiJqEAwab98iF5IhDDWDwqj7tloudYchE0TCX3J+Al8algr:+99dCXewqrDdY54CHg
Score
1/10
-
-
Target
Seven.exe
-
Size
139KB
-
MD5
6503f847c3281ff85b304fc674b62580
-
SHA1
947536e0741c085f37557b7328b067ef97cb1a61
-
SHA256
afd7657f941024ef69ca34d1e61e640c5523b19b0fad4dcb1c9f1b01a6fa166f
-
SHA512
abc3b32a1cd7d0a60dd7354a9fcdff0bc37ec8a20bb2a8258353716d820f62d343c6ba9385ba893be0cca981bbb9ab4e189ccfeee6dd77cc0dc723e975532174
-
SSDEEP
3072:miS4omp03WQthI/9S3BZi08iRQ1G78IVn27bSfcJd8lto:miS4ompB9S3BZi0a1G78IVhcTct
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Disables cmd.exe use via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process (1)
  Windows Service (1)
Abuse Elevation Control Mechanism (1)
  Bypass User Account Control (1)