d50ad141854cca0a356de2c38f533ae4e87bb9379d96f656f12fb75c94024cc8

Sharing

Copy URL

Twitter E-mail

General

Target

Voicemod Pro 2.6.0.7 (x64) Multilingual [PeskTop.com].rar
Size

67.3MB
Sample

240702-b1fqes1gra
MD5

2248fe5369f657ca0b0f0ce3b4ab5a38
SHA1

9b4bb1effbba647c2de42c8f9b111ebffccdb7ca
SHA256

d50ad141854cca0a356de2c38f533ae4e87bb9379d96f656f12fb75c94024cc8
SHA512

7a1f865bfb82c5f8b9404ba83d75e161a9853ebc4087004c733ecdb35306ef27af11e0811f84b00b2208ed305f3753203baa18f5212c5c9a6b8a4e85f0725b2b
SSDEEP

1572864:hSN6XCY6x7zzkWr1g5DxqgesWOWf/tOyL4trXEOwL:Ewp6dzzkr9QZsWMrXu

Score

8^/10

Malware Config

Targets

- Target
  
  Voicemod Pro 2.6.0.7 (x64) Multilingual [PeskTop.com].rar
- Size
  
  67.3MB
- MD5
  
  2248fe5369f657ca0b0f0ce3b4ab5a38
- SHA1
  
  9b4bb1effbba647c2de42c8f9b111ebffccdb7ca
- SHA256
  
  d50ad141854cca0a356de2c38f533ae4e87bb9379d96f656f12fb75c94024cc8
- SHA512
  
  7a1f865bfb82c5f8b9404ba83d75e161a9853ebc4087004c733ecdb35306ef27af11e0811f84b00b2208ed305f3753203baa18f5212c5c9a6b8a4e85f0725b2b
- SSDEEP
  
  1572864:hSN6XCY6x7zzkWr1g5DxqgesWOWf/tOyL4trXEOwL:Ewp6dzzkr9QZsWMrXu
Score

3^/10
behavioral1 behavioral2
- Target
  
  Visit www.pesktop.com.url
- Size
  
  122B
- MD5
  
  ec78904d048134a63c41a2dd63a5b201
- SHA1
  
  31423c68a5d5a9401a973d2cbd6c8d84607821d6
- SHA256
  
  42e647086d0d6d89c283279ab7974260ed242b0b925d683c8856af8c004ea430
- SHA512
  
  e0edfec56103424fe78d6e6d32ae80c91369bd2327753c970ef778ac585467e31a2413b00a46d569b256b3b81fd005cd69167890714fb50384722c1a0cc5e861
Score

1^/10
behavioral3 behavioral4
- Target
  
  Voicemod Pro 2.6.0.7 (x64) Multilingual [PeskTop.com]/Crack/VoicemodDesktop.exe
- Size
  
  5.3MB
- MD5
  
  2a3c1a98a7e076e69e72173754be7828
- SHA1
  
  cafd5d51d287fef1f7b8d3f75c6a91d573e0744f
- SHA256
  
  176065ce145a080d2c13128c05d3f6ee83de37ca4b61aa3b4188c2d53b4f2725
- SHA512
  
  fecc484293b5b13021f1d2b84e969c42c684a8e74b8f16d7017f8e9efd04935887f4b47f4acf153e62761a360fa6277db9433b25b4322173c258bfd841680e23
- SSDEEP
  
  49152:wQgAw1Zh83bXY7rDNIgQUue5zg2+GS7vCco09j5B3fBolyKmyiIgQUue5zg2:wRAPbUDWdUuesCevZjQylWdUues
Score

1^/10
behavioral5 behavioral6
- Target
  
  Voicemod Pro 2.6.0.7 (x64) Multilingual [PeskTop.com]/Readme _ password 123.txt
- Size
  
  129B
- MD5
  
  6344d8d21170af6cee0abaaaa2dc3b6f
- SHA1
  
  f17d48b4f19b05d0b1d15666b5deec52bd7b20dd
- SHA256
  
  ac22f47eff19b832c46f460acbcb074fc15b0269e9bec4ff47c3b7deffd381ed
- SHA512
  
  18f1905520c2f918c339de1bfff00ff73b3120d372b04a75f1a9f38e79cba62f975ef73613885e6d11656c31672014edf981f8f6260cb48642118b47d4449c32
Score

3^/10
behavioral7 behavioral8
- Target
  
  Voicemod Pro 2.6.0.7 (x64) Multilingual [PeskTop.com]/VoicemodSetup_2.6.0.7.exe
- Size
  
  64.4MB
- MD5
  
  ac5c87490c1d1949dfe6f50ee007e6ea
- SHA1
  
  ecca4b6ea32fa0af34b739a1c9e93cc400651091
- SHA256
  
  7ff3b571ce5e9853333c9a1bda22070755c4ac579b9aa785e56db315e851e32d
- SHA512
  
  6ad0c745b3e49eab9587b13135261be98a858d24f797a200217a3eadb65d8219ea51535cc64426187e8cbc9a030e3998011842c18d348037e6b2dc57f1efa24d
- SSDEEP
  
  1572864:jSJjRAbmycmDxlBFllh8LRdKKPGleP6YDmq5glXg4Y:giyyXPrlhSdCQCYDVglw4Y
Score

8^/10

microsoft discovery evasion execution persistence phishing privilege_escalation
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Drops file in Drivers directory
- Adds Run key to start application
  persistence
- Downloads MZ/PE file
- Modifies Windows Firewall
  evasion
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
- Drops file in System32 directory
behavioral10 behavioral9