General
- Target: Seven.zip
- Size: 1.1MB
- Sample: 240428-zf37zsgf47
- MD5: 15e71549e34ba3b4ff31823870b1cab6
- SHA1: 5dfe29a177e9688d266dd9dffe6d7a7a734f18b3
- SHA256: 750e06612ae86afd1f42936b820d01073a8d1c87c3e063e9bcdebb6db67208ae
- SHA512: 94d7800b341dc54baf07c85d936606cf6491b594589b42501beab471dce1deb8184da7a4b2e8c4efd0b61a8917e5d0a4e1d099bbcee7047a57ed2771b9e3c81f
- SSDEEP: 24576:lwoBiq1qaiih5uL2Z1WfsyjvFl26r0d/34NUhu8nphk5BgEGopaAuG4vM:lwPa/11GsyPZr0d/INz83k56powE
Static task: static1
Behavioral task: behavioral1
- Sample: Seven.exe
- Resource: win10v2004-20240419-en
Malware Config
Targets
- Target: Seven.dll
- Size: 1.0MB
- MD5: 0f8177c60ca06fac2c5653b23a46cd31
- SHA1: 6e2b6faaac7267c5091f5b417e6dce7aa7596b9f
- SHA256: 0b912ab7e2eb7fb75d7da4e3263a37bdb70034d5cc2f29a141cf48d9f6b0c6df
- SHA512: ed99d1352344dc7752b81d51a2c4da3d3562251b753feed7d23bd9f0c98c96d207f85c7b2f2f45a98fa48a01a11f83af9ca038dbadc510b41eaf2c0521c1a810
- SSDEEP: 24576:lAiJRwAiH5qLEZDWJyqjvHlc6dM5l3QhOtuqlThEbBGAGo9aSAE:RwH3DIyqJXdM5lAhPqvEbElo/
Score: 1/10
- Target: Seven.exe
- Size: 139KB
- MD5: 6503f847c3281ff85b304fc674b62580
- SHA1: 947536e0741c085f37557b7328b067ef97cb1a61
- SHA256: afd7657f941024ef69ca34d1e61e640c5523b19b0fad4dcb1c9f1b01a6fa166f
- SHA512: abc3b32a1cd7d0a60dd7354a9fcdff0bc37ec8a20bb2a8258353716d820f62d343c6ba9385ba893be0cca981bbb9ab4e189ccfeee6dd77cc0dc723e975532174
- SSDEEP: 3072:miS4omp03WQthI/9S3BZi08iRQ1G78IVn27bSfcJd8lto:miS4ompB9S3BZi0a1G78IVhcTct
Signatures
- Blocks application from running via registry modification
  Adds application to list of disallowed applications.
- Disables RegEdit via registry modification
- Disables Task Manager via registry modification
- Disables cmd.exe use via registry modification
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Drops desktop.ini file(s)
- Drops file in System32 directory
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
- Create or Modify System Process (1)
  - Windows Service (1)
- Abuse Elevation Control Mechanism (1)
  - Bypass User Account Control (1)