General
-
Target
Seven.zip
-
Size
1.1MB
-
Sample
240428-dd779see82
-
MD5
0dd198c14b2006be7d335452523034ba
-
SHA1
20062a6cee35a04be08bbe9fc629c069135cb71a
-
SHA256
6b6b6baace50478d438324b1bbf37559fe2b16d16351c52f0a341df569bf4c26
-
SHA512
e070901cda4b5968c6632afec34804a8d4c5c3a5440d20ac9371b96479bd069feee4a5877b50b71fc402cc291b2768873708898b10d064e8d51d936ef1d0b8bf
-
SSDEEP
24576:rFNiMLLGPTdWmi75GXvW92qLZ5l2cdwWlkKIlKflCncKRLgdUc4LNa:rOMLsdWBIA2ql7dwhlKd51Uc4U
Static task
static1
Behavioral task
behavioral1
Sample
Seven.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
Seven.dll
-
Size
1.0MB
-
MD5
b34d5d687027d4db6eb96b29bfc78c51
-
SHA1
b2061ceacf392aff7c5425a7450cca518020daad
-
SHA256
f890e711cb314a763d8469c98b526640762072160252eb94445c1392e892211e
-
SHA512
79ddc3c9caba8a25b0ad9a5aac3d1e59b2c269159e5899aeeb2f5987c960267d90dce5d525bf2130c2ca3db81822d9d9040f3786836c54fece304fbb339b96e3
-
SSDEEP
24576:eAiJeI6iR5gpvWh4qjZjlMcdYCNkK+j41ZQJ0AXP0Zc4L:pIXe84qDZdYxj4v1jc4
Score
1/10
-
-
Target
Seven.exe
-
Size
139KB
-
MD5
6503f847c3281ff85b304fc674b62580
-
SHA1
947536e0741c085f37557b7328b067ef97cb1a61
-
SHA256
afd7657f941024ef69ca34d1e61e640c5523b19b0fad4dcb1c9f1b01a6fa166f
-
SHA512
abc3b32a1cd7d0a60dd7354a9fcdff0bc37ec8a20bb2a8258353716d820f62d343c6ba9385ba893be0cca981bbb9ab4e189ccfeee6dd77cc0dc723e975532174
-
SSDEEP
3072:miS4omp03WQthI/9S3BZi08iRQ1G78IVn27bSfcJd8lto:miS4ompB9S3BZi0a1G78IVhcTct
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Disables cmd.exe use via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1