General

  • Target

    Seven.zip

  • Size

    1.1MB

  • Sample

    240428-jw22vsbe5w

  • MD5

    800ee265e03f7e83e9905b6779087a68

  • SHA1

    5f2f74803ae7fe4303cf6a6e2dd698b16332a8af

  • SHA256

    96a64f2229b15be37129ffc610bb1f1e4b94bf8e222b357def21fd651c1e5fb8

  • SHA512

    abd88fb4ee04fa277ed29d00927af277f8abdc25e293d4a259476693955200d1db79b6ca359988c9c02df739d44563031758cf598a41a5e703c7fffa0b58ec50

  • SSDEEP

    24576:rPgX8bNd4bkeih5mKmWluqPZNlsGdmFkWPQjM3Ng+ZBqIYo3NqAO8:r3dskTyUuqV7dmF9PQ6g+vqxoRH

Score
7/10

Targets

    • Target

      Seven.dll

    • Size

      1.0MB

    • MD5

      a5e2ce0811c52ead510a6caac245076f

    • SHA1

      680ab9931f7b9499cb00fbc9d5b5d3404fef7749

    • SHA256

      f7e37b6508ce55100b2cf9d22a9a0a5bd8698c6bd822a7982dc3107b862cc88f

    • SHA512

      d2c4fc571006a51767fdb2952a91c07dd9e3646c6807ab4b771fc635330f774f87ac56eed5e13574b0e609aed457f4c1efb555bac27dca8bb12b9f1dcccce260

    • SSDEEP

      24576:fAiJKf8bKyiT5igSWjoqjZdleGd+dk2h4RURN4+1DqAYo9TY:UfAKd6Ooq9ld+d1h4I4+xqpo

    Score
    1/10

    • Target

      Seven.exe

    • Size

      139KB

    • MD5

      6503f847c3281ff85b304fc674b62580

    • SHA1

      947536e0741c085f37557b7328b067ef97cb1a61

    • SHA256

      afd7657f941024ef69ca34d1e61e640c5523b19b0fad4dcb1c9f1b01a6fa166f

    • SHA512

      abc3b32a1cd7d0a60dd7354a9fcdff0bc37ec8a20bb2a8258353716d820f62d343c6ba9385ba893be0cca981bbb9ab4e189ccfeee6dd77cc0dc723e975532174

    • SSDEEP

      3072:miS4omp03WQthI/9S3BZi08iRQ1G78IVn27bSfcJd8lto:miS4ompB9S3BZi0a1G78IVhcTct

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Matrix (ATT&CK v13)

Credential Access

  • Unsecured Credentials, T1552 (1)

  • Credentials In Files, T1552.001 (1)

Discovery

  • Query Registry, T1012 (1)

  • System Information Discovery, T1082 (1)

Collection

  • Data from Local System, T1005 (1)
