General
-
Target
Voicemod crack.exe
-
Size
761.7MB
-
Sample
230204-vzyz6ahc5s
-
MD5
05242383b19c459e4ac2d76f823a6602
-
SHA1
12d531a3a39bf0571051e88410707216b72924bf
-
SHA256
22bb6a288e7d0f7da2f0f210619c8da124890f3c6d04b8ed86c07bc655a9b18e
-
SHA512
85444aba6dc8cbf2b9f7344c8b684ba6e16cd2aa1bf05746e279c73b4025673a7374b6f5b24662c92d401aeab76c9fe8b7b1fc26740f032c1ce863305390bde0
-
SSDEEP
6144:c9pdgQXdMITwYr19KY2oSQ7e8b5Y+3d0LPSYlhZGfq82weM9xKUagjZbafgUB3XK:c9pdgSxr19K/H18HdpYbcfpFKSwguq
Static task
static1
Behavioral task
behavioral1
Sample
Voicemod crack.exe
Resource
win7-20221111-en
Malware Config
Extracted
vidar
2.3
408
https://t.me/mantarlars
https://steamcommunity.com/profiles/76561199474840123
-
profile_id
408
Targets
-
-
Target
Voicemod crack.exe
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-