7bc72601a99488910e0e3ebfd167b0e6c6a66ac7aa0de499699b7621859e320f

Resubmissions

15-11-2024 20:12

15-11-2024 20:08

max time kernel
117s
max time network
119s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
15-11-2024 20:08

Target

Voicemod Pro by mr.motchy/VoicemodCrack/VoicemodDesktop.exe
Size

2.7MB
MD5

237551f6b806666f9c0c3f5669380195
SHA1

5a7aa3c8460e1be4e4cd3d244a59b285a8dcdda6
SHA256

2a4176466f2a9cb6edfb74f04ecc737672363876b7df6b06fe5132533eaf0d05
SHA512

87eaa33d93513f217d754acde0191ae0c7b73a9443602e8cbb44da09e66a33a19bcbb8a503fce7a08ed15174afe5f1dc708896fb415fca174a721b22bf969f69
SSDEEP

49152:/3bKUlADq0GArjFFLqIHaLafIXYXpdwbSC:eUToFFL5HHfWwpdweC

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

VoicemodDesktop.exe

description	pid	process	target process
PID 2356 wrote to memory of 2388	2356	VoicemodDesktop.exe	WerFault.exe
PID 2356 wrote to memory of 2388	2356	VoicemodDesktop.exe	WerFault.exe
PID 2356 wrote to memory of 2388	2356	VoicemodDesktop.exe	WerFault.exe

C:\Users\Admin\AppData\Local\Temp\Voicemod Pro by mr.motchy\VoicemodCrack\VoicemodDesktop.exe
"C:\Users\Admin\AppData\Local\Temp\Voicemod Pro by mr.motchy\VoicemodCrack\VoicemodDesktop.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2356
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2356 -s 628
  2⤵
  PID:2388

memory/2356-0-0x000007FEF6443000-0x000007FEF6444000-memory.dmp

Filesize
4KB

Download
memory/2356-1-0x000000013F1D0000-0x000000013F482000-memory.dmp

Filesize
2.7MB

Download
memory/2356-2-0x000007FEF6440000-0x000007FEF6E2C000-memory.dmp

Filesize
9.9MB

Download
memory/2356-3-0x000007FEF6440000-0x000007FEF6E2C000-memory.dmp

Filesize
9.9MB

Download