Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Overview
overview
4Static
static
3Voicemod P...hy.rar
windows7-x64
3Voicemod P...hy.rar
windows10-2004-x64
3Voicemod P...ME.txt
windows7-x64
1Voicemod P...ME.txt
windows10-2004-x64
1Voicemod P...op.exe
windows7-x64
1Voicemod P...op.exe
windows10-2004-x64
1Voicemod P...ck.txt
windows7-x64
1Voicemod P...ck.txt
windows10-2004-x64
1Voicemod P...up.exe
windows7-x64
4Voicemod P...up.exe
windows10-2004-x64
4Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system -
submitted
06/08/2024, 15:52
Static task
static1
Behavioral task
behavioral1
Sample
Voicemod Pro by mr.motchy.rar
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
Voicemod Pro by mr.motchy.rar
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
Voicemod Pro by mr.motchy/READ ME.txt
Resource
win7-20240704-en
Behavioral task
behavioral4
Sample
Voicemod Pro by mr.motchy/READ ME.txt
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
Voicemod Pro by mr.motchy/VoicemodCrack/VoicemodDesktop.exe
Resource
win7-20240729-en
Behavioral task
behavioral6
Sample
Voicemod Pro by mr.motchy/VoicemodCrack/VoicemodDesktop.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
Voicemod Pro by mr.motchy/VoicemodCrack/lib/crack.txt
Resource
win7-20240708-en
Behavioral task
behavioral8
Sample
Voicemod Pro by mr.motchy/VoicemodCrack/lib/crack.txt
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
Voicemod Pro by mr.motchy/VoicemodSetup.exe
Resource
win7-20240704-en
Behavioral task
behavioral10
Sample
Voicemod Pro by mr.motchy/VoicemodSetup.exe
Resource
win10v2004-20240802-en
General
-
Target
Voicemod Pro by mr.motchy/VoicemodCrack/VoicemodDesktop.exe
-
Size
2.7MB
-
MD5
237551f6b806666f9c0c3f5669380195
-
SHA1
5a7aa3c8460e1be4e4cd3d244a59b285a8dcdda6
-
SHA256
2a4176466f2a9cb6edfb74f04ecc737672363876b7df6b06fe5132533eaf0d05
-
SHA512
87eaa33d93513f217d754acde0191ae0c7b73a9443602e8cbb44da09e66a33a19bcbb8a503fce7a08ed15174afe5f1dc708896fb415fca174a721b22bf969f69
-
SSDEEP
49152:/3bKUlADq0GArjFFLqIHaLafIXYXpdwbSC:eUToFFL5HHfWwpdweC
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
description pid Process procid_target PID 2488 wrote to memory of 2648 2488 VoicemodDesktop.exe 30 PID 2488 wrote to memory of 2648 2488 VoicemodDesktop.exe 30 PID 2488 wrote to memory of 2648 2488 VoicemodDesktop.exe 30
Processes
-
C:\Users\Admin\AppData\Local\Temp\Voicemod Pro by mr.motchy\VoicemodCrack\VoicemodDesktop.exe"C:\Users\Admin\AppData\Local\Temp\Voicemod Pro by mr.motchy\VoicemodCrack\VoicemodDesktop.exe"1⤵
- Suspicious use of WriteProcessMemory
PID:2488 -
C:\Windows\system32\WerFault.exeC:\Windows\system32\WerFault.exe -u -p 2488 -s 6282⤵PID:2648
-