General
-
Target
Seven.zip
-
Size
1.1MB
-
Sample
240428-j3j5mabf5y
-
MD5
9e9e5dc67cf80b6dee828cf1514bbbcf
-
SHA1
2823c47ec80de819ad799517ace3f5907b2fbe54
-
SHA256
722ae3dfc0ff26ee5c59193ce1bcfa8eee38db2918b1beefaa28e2d5acad5f1a
-
SHA512
1f72a6e418128c41411b306c5f73f216f40688d3c2d26c5f9e995f5cd140f3241f0b5f10f0040f1c556df719f650db687db318df2480e8ad16d6ccdca697488d
-
SSDEEP
24576:rKgX8bhZfHein5okU8WxqqX7zlEudsnaF/sGdHhLqX3DuIuabIUUM:rAhHFb1EqqVzdsnaF0GzqHDvbIUV
Static task
static1
Behavioral task
behavioral1
Sample
Seven.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
Seven.dll
-
Size
1.0MB
-
MD5
a23dcb9743fc0217e01abbf2cd39c02b
-
SHA1
90a1fb12f5d077f1ab53941dfad8d88b233194d3
-
SHA256
667f5709d680cb5ff6e743dc8cb3e293e8221b9f526a781a47f9ab3e0a472232
-
SHA512
82debfc0d3c923ad3367520cf624b5fa754cf1e96e941e5e42000f8fbfdcec757548a3e90a2b0b08f95125115d036b03530cbc85ea71b509c57cac6b097240d8
-
SSDEEP
24576:cAiJG5f/8iB5wqUwWj6qj71l+udMXYXH4qrPRLUDnDAkW:BB/5nZC6qD1dMXYXYqxU7D
-
Score
1/10
-
-
Target
Seven.exe
-
Size
139KB
-
MD5
6503f847c3281ff85b304fc674b62580
-
SHA1
947536e0741c085f37557b7328b067ef97cb1a61
-
SHA256
afd7657f941024ef69ca34d1e61e640c5523b19b0fad4dcb1c9f1b01a6fa166f
-
SHA512
abc3b32a1cd7d0a60dd7354a9fcdff0bc37ec8a20bb2a8258353716d820f62d343c6ba9385ba893be0cca981bbb9ab4e189ccfeee6dd77cc0dc723e975532174
-
SSDEEP
3072:miS4omp03WQthI/9S3BZi08iRQ1G78IVn27bSfcJd8lto:miS4ompB9S3BZi0a1G78IVhcTct
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Disables cmd.exe use via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops desktop.ini file(s)
-
MITRE ATT&CK Matrix
ATT&CK v13
Privilege Escalation
Create or Modify System Process
1
Windows Service
1
Abuse Elevation Control Mechanism
1
Bypass User Account Control
1