Overview

overview

7

Static

static

1

VoiceChang...5).exe

windows7-x64

7

VoiceChang...5).exe

windows10-2004-x64

7

Analysis

  • max time kernel
    137s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31-03-2023 18:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    VoiceChanger64(1.75).exe

  • Size

    1.2MB

  • MD5

    1b878de11d52b864088a69825024027a

  • SHA1

    8ebf732644d06846d74246a566dc4abf6eb87d96

  • SHA256

    bc441d1f765caff9920cf4abed934d4d6a47ea2cd04fcff10feb1e31e72bf1fb

  • SHA512

    bc3d8068fa9f915fce3e95eabca31be019cf4c47e041c6ba32ad2bb8145700faca909f820d5bf2a8515c1cfeeafecb5ea2815986630aa03b034704041a5c09ef

  • SSDEEP

    24576:BQyASweb4q3yldOeHjRAW10/eeXkwj2i0BzvBGpMuTCj:CyAIsqCeeHSWc0wj2i0JBGquTCj

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 4 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Users\Admin\AppData\Local\Temp\VoiceChanger64(1.75).exe
    "C:\Users\Admin\AppData\Local\Temp\VoiceChanger64(1.75).exe"
    1⤵
    • Loads dropped DLL
    PID:1824

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsa6FC8.tmp\System.dll
    Filesize

    10KB

    MD5

    56a321bd011112ec5d8a32b2f6fd3231

    SHA1

    df20e3a35a1636de64df5290ae5e4e7572447f78

    SHA256

    bb6df93369b498eaa638b0bcdc4bb89f45e9b02ca12d28bcedf4629ea7f5e0f1

    SHA512

    5354890cbc53ce51081a78c64ba9c4c8c4dc9e01141798c1e916e19c5776dac7c82989fad0f08c73e81aaba332dad81205f90d0663119af45550b97b338b9cc3

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\nsa6FC8.tmp\System.dll
    Filesize

    10KB

    MD5

    56a321bd011112ec5d8a32b2f6fd3231

    SHA1

    df20e3a35a1636de64df5290ae5e4e7572447f78

    SHA256

    bb6df93369b498eaa638b0bcdc4bb89f45e9b02ca12d28bcedf4629ea7f5e0f1

    SHA512

    5354890cbc53ce51081a78c64ba9c4c8c4dc9e01141798c1e916e19c5776dac7c82989fad0f08c73e81aaba332dad81205f90d0663119af45550b97b338b9cc3

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\nsa6FC8.tmp\System.dll
    Filesize

    10KB

    MD5

    56a321bd011112ec5d8a32b2f6fd3231

    SHA1

    df20e3a35a1636de64df5290ae5e4e7572447f78

    SHA256

    bb6df93369b498eaa638b0bcdc4bb89f45e9b02ca12d28bcedf4629ea7f5e0f1

    SHA512

    5354890cbc53ce51081a78c64ba9c4c8c4dc9e01141798c1e916e19c5776dac7c82989fad0f08c73e81aaba332dad81205f90d0663119af45550b97b338b9cc3

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\nsa6FC8.tmp\nsDialogs.dll
    Filesize

    9KB

    MD5

    f832e4279c8ff9029b94027803e10e1b

    SHA1

    134ff09f9c70999da35e73f57b70522dc817e681

    SHA256

    4cd17f660560934a001fc8e6fdcea50383b78ca129fb236623a9666fcbd13061

    SHA512

    bf92b61aa267e3935f0ea7f47d8d96f09f016e648c2a7e7dcd5ecc47da864e824c592098c1e39526b643bd126c5c99d68a7040411a4cf68857df629f24d4107d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\nsa6FC8.tmp\nsDialogs.dll
    Filesize

    9KB

    MD5

    f832e4279c8ff9029b94027803e10e1b

    SHA1

    134ff09f9c70999da35e73f57b70522dc817e681

    SHA256

    4cd17f660560934a001fc8e6fdcea50383b78ca129fb236623a9666fcbd13061

    SHA512

    bf92b61aa267e3935f0ea7f47d8d96f09f016e648c2a7e7dcd5ecc47da864e824c592098c1e39526b643bd126c5c99d68a7040411a4cf68857df629f24d4107d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\nsa6FC8.tmp\nsDialogs.dll
    Filesize

    9KB

    MD5

    f832e4279c8ff9029b94027803e10e1b

    SHA1

    134ff09f9c70999da35e73f57b70522dc817e681

    SHA256

    4cd17f660560934a001fc8e6fdcea50383b78ca129fb236623a9666fcbd13061

    SHA512

    bf92b61aa267e3935f0ea7f47d8d96f09f016e648c2a7e7dcd5ecc47da864e824c592098c1e39526b643bd126c5c99d68a7040411a4cf68857df629f24d4107d

    Download Submit