General
-
Target
Seven.zip
-
Size
1.1MB
-
Sample
240428-kqfr4scb9w
-
MD5
041c52fb40ed624159eceeb49dfa1a8a
-
SHA1
1344e7dcac5205514c540a4c2f2cacda9c8d15bd
-
SHA256
9ab6ff2c7ecf0bef297c8b0b58122c42e18e087665d043aff7a9d3d02641f86f
-
SHA512
f0873744d77000f4c95082245d38ef413822d6ea68c40b7e446a708021f23aad15e4193b1bcd4ae0aef5da45121d709e6f9220f2cacd8c9abc8572d2958c2d29
-
SSDEEP
24576:rpEW6Xkuspb0ij5ELfW9mqbbLlQsdmDsWkzcVvmZBszSg9a9:rFzpbDQfMmqp9dmQWkzctm3SC
Static task
static1
Behavioral task
behavioral1
Sample
Seven.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
Seven.dll
-
Size
1.0MB
-
MD5
29297b690d4bb0543d3e9ebbe1555d8f
-
SHA1
847133ce34c5fc98e460793882a0aa20a9156805
-
SHA256
c0a2826eba6f61dbb8dd76bd6dd2459a2cf4849691edd8156333f22d403f6219
-
SHA512
3b83c60518f1294660e63e7c88ed6368762f214b726e3837f93d7905910f66a2b310004c5c9f733961eb61c0ba3821501caba41952cd7fa5193bb5bc610bd66e
-
SSDEEP
24576:kAiJNu23T0i558nhWjoqjbDlCsdU9sC+ZujdAhjANmgI:6L3TJyhmoq5ndUKC+Zu5AN
-
Score
1/10
-
-
Target
Seven.exe
-
Size
139KB
-
MD5
6503f847c3281ff85b304fc674b62580
-
SHA1
947536e0741c085f37557b7328b067ef97cb1a61
-
SHA256
afd7657f941024ef69ca34d1e61e640c5523b19b0fad4dcb1c9f1b01a6fa166f
-
SHA512
abc3b32a1cd7d0a60dd7354a9fcdff0bc37ec8a20bb2a8258353716d820f62d343c6ba9385ba893be0cca981bbb9ab4e189ccfeee6dd77cc0dc723e975532174
-
SSDEEP
3072:miS4omp03WQthI/9S3BZi08iRQ1G78IVn27bSfcJd8lto:miS4ompB9S3BZi0a1G78IVhcTct
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Disables cmd.exe use via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops desktop.ini file(s)
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1