Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    06-06-2024 12:07

General

  • Target

    fidesz.exe

  • Size

    9.8MB

  • MD5

    84a059ee61f1bbcd28614261e4c2fab7

  • SHA1

    f0aaf940a4f38c6401d2fb4420e99039ee01018f

  • SHA256

    7fea5d9e79be7e8f908d57cd2c0e35bc742e9257fb6cd71502498e2ed35bf82a

  • SHA512

    05c603eb7fbeac88bde2fb00009e60e50f98a90fc6975d4b584115f076489ab1738bc4ce27b4ec94a8ee1bfe22bdafee00d5a73e66206e45eb788a6542ee4241

  • SSDEEP

    196608:LhLglQA1HeT39IigFeE9TFa0Z8DOjCdylhY8gh70W8/LeoCvmQyyeBD:Qp1+TtIiRY9Z8D8CclyhCW8SztSD

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fidesz.exe
    "C:\Users\Admin\AppData\Local\Temp\fidesz.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2280
    • C:\Users\Admin\AppData\Local\Temp\fidesz.exe
      "C:\Users\Admin\AppData\Local\Temp\fidesz.exe"
      2⤵
      • Loads dropped DLL
      PID:1804

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI22802\python312.dll

    Filesize

    6.6MB

    MD5

    3c388ce47c0d9117d2a50b3fa5ac981d

    SHA1

    038484ff7460d03d1d36c23f0de4874cbaea2c48

    SHA256

    c98ba3354a7d1f69bdca42560feec933ccba93afcc707391049a065e1079cddb

    SHA512

    e529c5c1c028be01e44a156cd0e7cad0a24b5f91e5d34697fafc395b63e37780dc0fac8f4c5d075ad8fe4bd15d62a250b818ff3d4ead1e281530a4c7e3ce6d35