Overview

overview

3

Static

static

VoicemodDesktop.exe

windows7-x64

3

VoicemodDesktop.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    91s
  • max time network
    141s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/01/2023, 00:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    VoicemodDesktop.exe

  • Size

    7.1MB

  • MD5

    de75f7866bb832f5b6eda4bacbc51e01

  • SHA1

    27973ba4cb21f39fb41e6287ff5b5e67c90042a0

  • SHA256

    6cf88a9080b7cae2d969a287a20ad15ed839ff1e2a552cd1467beda5195e7c22

  • SHA512

    56e93d3457cb8fa4031bdc9f8e6874b444b82ba5376fb86671cdefb6786344c4a73a1718006dbe3662dc3f68f11e7ffabcb637d851d2bbbc7e2f98fff9667d57

  • SSDEEP

    196608:hhLlV4Ci11LYiT6SmKnV+wpwfAn0SM0lIrqn2wnzSi4to4TvniB2Ze:hyCi11LYiT6SmKnV/w4n0SM0lIrqn2wh

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\VoicemodDesktop.exe
    "C:\Users\Admin\AppData\Local\Temp\VoicemodDesktop.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4528
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 4528 -s 2528
      2⤵
      • Program crash
      PID:2852
  • C:\Windows\system32\WerFault.exe
    C:\Windows\system32\WerFault.exe -pss -s 204 -p 4528 -ip 4528
    1⤵
      PID:2640

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4528-132-0x0000028093B90000-0x00000280942A6000-memory.dmp

      Filesize

      7.1MB

      Download

    • memory/4528-133-0x00007FF91DE10000-0x00007FF91E8D1000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/4528-134-0x00007FF91DE10000-0x00007FF91E8D1000-memory.dmp

      Filesize

      10.8MB

      Download