73120cd3de5e9f59cbbe497f8861d08aac2153d9521daf380522179c8ca61c9d | Triage

Sharing

General

Target

Seven.zip
Size

1.1MB
Sample

240429-nqt7aahh8z
MD5

fda95d4ed1b9050c5a254c35bf29b9c3
SHA1

7b06b4f13f8a816aaf7cb9a159f0cce4fc9e2cce
SHA256

73120cd3de5e9f59cbbe497f8861d08aac2153d9521daf380522179c8ca61c9d
SHA512

b93c27c2e7778b4c312cbf41f0069ca901741d6071ce71f79f199c00a292bae4c937c1298d79641a2749ac3fa53383f24e5e7b5c58fa09492802b01d5d8b1c3e
SSDEEP

24576:y601dnNxiJnDfefkqjVplCuN00+44ZuQN4Pw8yzuxnvSHz:41d2T0kqp3N00+4+gDk6Y

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  Seven.dll
- Size
  
  1.0MB
- MD5
  
  2082e9b980be1d9a5f28e8014e0e79c3
- SHA1
  
  391c769526e1cf969d30df590fb99cd376ddb7f9
- SHA256
  
  116ec1a91dfbd7c529651ebb454dfdd1d2f2dde84abc10aef4b7b0e77776b6ec
- SHA512
  
  6bf8e2aa621175998266aa695dbf46c8e944696b6139849d5ee7f2ca8d586e5b3d78629621a5326ead848a30d500be681e7a43666b4df2e35502cf9508dd93b7
- SSDEEP
  
  24576:85A5tpIbJNdiTHNxWn2qjVRl4uh8CIMCZysn4fe0GTqXV:8IgbWDK2qdRh8CIMsU/m
Score

1^/10
behavioral1
- Target
  
  Seven.exe
- Size
  
  139KB
- MD5
  
  6503f847c3281ff85b304fc674b62580
- SHA1
  
  947536e0741c085f37557b7328b067ef97cb1a61
- SHA256
  
  afd7657f941024ef69ca34d1e61e640c5523b19b0fad4dcb1c9f1b01a6fa166f
- SHA512
  
  abc3b32a1cd7d0a60dd7354a9fcdff0bc37ec8a20bb2a8258353716d820f62d343c6ba9385ba893be0cca981bbb9ab4e189ccfeee6dd77cc0dc723e975532174
- SSDEEP
  
  3072:miS4omp03WQthI/9S3BZi08iRQ1G78IVn27bSfcJd8lto:miS4ompB9S3BZi0a1G78IVhcTct
Score

7^/10

spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops desktop.ini file(s)
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2