General
-
Target
Seven.zip
-
Size
1.1MB
-
Sample
240428-kydmqacc33
-
MD5
7f89a808a9bf87a6b18a12561edc5729
-
SHA1
dbd760afcb635ab56313ccd84e2047fefdeafa81
-
SHA256
120b77c162514bba6833acdb4a5d0ad7d902f07d3b1d32a8b37712fa20186527
-
SHA512
939c53a7d0c947d6fe4164d9bc19b020448921be6d4c944e44e5dfc18a14f84b11b3e759a01bbc9b9467763fa09982d3433e461b6975bc536edeb43d597e4033
-
SSDEEP
24576:rYlfW6XpAt8ir5GoIsWH+qlPRlqgdgBW4cnwQZ0W6BPWARMy:rI9ITlhO+qV/dgTcwQaf
Malware Config
Targets
-
-
Target
Seven.dll
-
Size
1.0MB
-
MD5
1412a64a17332acca92cc6695ad01c7d
-
SHA1
ef4f86f9b2dadc38ffa9614e784931d7a541f4c9
-
SHA256
3fba0757320e7aa3474c340254c0353272fce421148822d81f0b011632f7ec83
-
SHA512
7fd287b75497770e6ffd80a2b87aab69053fc9274271994361163446c01e0f4fd2ce936a1c08aa24057e952e188cae7a72ea8d3f295486a0d3cda4f61a28fd16
-
SSDEEP
24576:8AiJaitoiH5M8MuWRCqjPxlSgdwf4ieJAwdEA65PmKVxT9z:/e/h90CqLXdwVeOwKPT9
Score1/10 -
-
-
Target
Seven.exe
-
Size
139KB
-
MD5
6503f847c3281ff85b304fc674b62580
-
SHA1
947536e0741c085f37557b7328b067ef97cb1a61
-
SHA256
afd7657f941024ef69ca34d1e61e640c5523b19b0fad4dcb1c9f1b01a6fa166f
-
SHA512
abc3b32a1cd7d0a60dd7354a9fcdff0bc37ec8a20bb2a8258353716d820f62d343c6ba9385ba893be0cca981bbb9ab4e189ccfeee6dd77cc0dc723e975532174
-
SSDEEP
3072:miS4omp03WQthI/9S3BZi08iRQ1G78IVn27bSfcJd8lto:miS4ompB9S3BZi0a1G78IVhcTct
Score10/10-
Modifies Windows Defender Real-time Protection settings
-
UAC bypass
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Disables cmd.exe use via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Windows security modification
-
Checks whether UAC is enabled
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix ATT&CK v13
Privilege Escalation
Create or Modify System Process
1Windows Service
1Abuse Elevation Control Mechanism
1Bypass User Account Control
1