7bc72601a99488910e0e3ebfd167b0e6c6a66ac7aa0de499699b7621859e320f

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
06/08/2024, 15:52

Target

Voicemod Pro by mr.motchy/VoicemodCrack/VoicemodDesktop.exe
Size

2.7MB
MD5

237551f6b806666f9c0c3f5669380195
SHA1

5a7aa3c8460e1be4e4cd3d244a59b285a8dcdda6
SHA256

2a4176466f2a9cb6edfb74f04ecc737672363876b7df6b06fe5132533eaf0d05
SHA512

87eaa33d93513f217d754acde0191ae0c7b73a9443602e8cbb44da09e66a33a19bcbb8a503fce7a08ed15174afe5f1dc708896fb415fca174a721b22bf969f69
SSDEEP

49152:/3bKUlADq0GArjFFLqIHaLafIXYXpdwbSC:eUToFFL5HHfWwpdweC

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2488 wrote to memory of 2648	2488	VoicemodDesktop.exe	30
PID 2488 wrote to memory of 2648	2488	VoicemodDesktop.exe	30
PID 2488 wrote to memory of 2648	2488	VoicemodDesktop.exe	30

C:\Users\Admin\AppData\Local\Temp\Voicemod Pro by mr.motchy\VoicemodCrack\VoicemodDesktop.exe
"C:\Users\Admin\AppData\Local\Temp\Voicemod Pro by mr.motchy\VoicemodCrack\VoicemodDesktop.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2488
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2488 -s 628
  2⤵
  PID:2648

memory/2488-0-0x000007FEF4EE3000-0x000007FEF4EE4000-memory.dmp

Filesize
4KB

Download
memory/2488-1-0x000000013FCF0000-0x000000013FFA2000-memory.dmp

Filesize
2.7MB

Download
memory/2488-2-0x000007FEF4EE0000-0x000007FEF58CC000-memory.dmp

Filesize
9.9MB

Download
memory/2488-3-0x000007FEF4EE3000-0x000007FEF4EE4000-memory.dmp

Filesize
4KB

Download
memory/2488-4-0x000007FEF4EE0000-0x000007FEF58CC000-memory.dmp

Filesize
9.9MB

Download