General

  • Target

    hitpaw-voice-changer.exe

  • Size

    2.3MB

  • Sample

    230921-txwlksbc75

  • MD5

    6cb59f3cd72baed6db3ae114087719af

  • SHA1

    427508988de6ce60fd12bfe74cd107a38526bca7

  • SHA256

    b71863e4459ce0a3fa101654a8656292acec9b5efb793c313802f3d1eaaae065

  • SHA512

    31cc0e14f58b6d27fa7205726894af5c259d7e21a6b74096b39ac3cb7616fe0edeb9dfbf1e081d55723c916209729244ff045e36d0b41bb1df0e6c74599c435e

  • SSDEEP

    49152:QGoZcd8pmpht5asIFZkX1TjXf+phuN7UkQimu0Bx0KY8D2kwU3Ut4E3K:QZcGI35aZFCX9Lf+poN7qTZBhpD2kp3b

Targets

    • Target

      hitpaw-voice-changer.exe

    • Downloads MZ/PE file

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Drops file in System32 directory
