c3fdfdaa9b5456e4f0d59f1a483b004147aa01fc7d6269e326d708328b2f4595 | Triage

Sharing

General

Target

Seven.zip
Size

1.1MB
Sample

240429-rrrz4acg32
MD5

1979fe7b821ca55ca2f7a2930370b527
SHA1

259d68fe475a8c64ce5f8b35dd964aaaa2ec6cc2
SHA256

c3fdfdaa9b5456e4f0d59f1a483b004147aa01fc7d6269e326d708328b2f4595
SHA512

56a6bfcb8cf9bf1d4f8a4ea0716d6cba532db8e489777b9057c86e7a5083107af18e2e02a619eadbea1084b2baf86bbcd3bffce42de9758358a438a0415d992f
SSDEEP

24576:W57Mhd0Wi7fch0To7G6jV3l4uXg5jhuTAyjO9fTs7Wrjp:W9XzKG6XRXgJhusyo791

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  Seven.dll
- Size
  
  1.0MB
- MD5
  
  0de5717b382d10fc4ebe55af41975da9
- SHA1
  
  b79b0414c3680a7f47c5d9693972e946cb121447
- SHA256
  
  6b810a79bbe72919b873547a6923cf0195efd04bbcdf4913ab2c02e20873f117
- SHA512
  
  02246b68c586a11263c221fb77b956aa33b170902bd827426b93bfec5754e39e21eebdb17e28ef3003c7478ffb12e9ba930d5915e0fc13fc3d50fd1f40dae077
- SSDEEP
  
  24576:P5A5tpOMihhYhs5Wjo6jVblMu5kFvhsTuQJwFrHyzu:PIWBnio63V5kNhsaQYL
Score

1^/10
behavioral1 behavioral2
- Target
  
  Seven.exe
- Size
  
  139KB
- MD5
  
  6503f847c3281ff85b304fc674b62580
- SHA1
  
  947536e0741c085f37557b7328b067ef97cb1a61
- SHA256
  
  afd7657f941024ef69ca34d1e61e640c5523b19b0fad4dcb1c9f1b01a6fa166f
- SHA512
  
  abc3b32a1cd7d0a60dd7354a9fcdff0bc37ec8a20bb2a8258353716d820f62d343c6ba9385ba893be0cca981bbb9ab4e189ccfeee6dd77cc0dc723e975532174
- SSDEEP
  
  3072:miS4omp03WQthI/9S3BZi08iRQ1G78IVn27bSfcJd8lto:miS4ompB9S3BZi0a1G78IVhcTct
Score

7^/10

spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops desktop.ini file(s)
- Drops file in System32 directory
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4