Overview

overview

8

Static

static

1

Voice.ai-D...69.exe

windows7-x64

7

Voice.ai-D...69.exe

windows10-2004-x64

8

Resubmissions

01/10/2023, 21:44

231001-1lzmesfe79 8

01/10/2023, 20:35

231001-zc4z4sdd5s 8

Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    01/10/2023, 20:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Voice.ai-Downloader-alphaver-9a448982b9044dab9db0e6abee59a769.exe

  • Size

    476KB

  • MD5

    b8162dccc95c2ed40a3fd946dd127242

  • SHA1

    27899142d055dcce7ad3288028c8e3187421275c

  • SHA256

    23ecba0be777d9b7a5683d0939d9ae17c4427c46e51ff959e91785d83c60efd1

  • SHA512

    51eef114974531407df6e04af725855293db7e5bdd2e311af5b14dcbef70de9759ae00fa1c17bb72351697fb8d8cf163a1072e957430d33ca90dffeadf0eefbb

  • SSDEEP

    3072:AkBGWOsTIJgIDU5A/cto68pMABlZQ2wpFD0ravSGKBUGYDxJ0y5t8:A1ssjn5Mp2w7g+VKvSA

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 4 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Voice.ai-Downloader-alphaver-9a448982b9044dab9db0e6abee59a769.exe
    "C:\Users\Admin\AppData\Local\Temp\Voice.ai-Downloader-alphaver-9a448982b9044dab9db0e6abee59a769.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2484

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsy3489.tmp\INetC.dll
    Filesize

    21KB

    MD5

    2b342079303895c50af8040a91f30f71

    SHA1

    b11335e1cb8356d9c337cb89fe81d669a69de17e

    SHA256

    2d5d89025911e2e273f90f393624be4819641dbee1606de792362e442e54612f

    SHA512

    550452dadc86ecd205f40668894116790a456fe46e9985d68093d36cf32abf00edecb5c56ff0287464a0e819db7b3cc53926037a116de6c651332a7cc8035d47

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsy3489.tmp\INetC.dll
    Filesize

    21KB

    MD5

    2b342079303895c50af8040a91f30f71

    SHA1

    b11335e1cb8356d9c337cb89fe81d669a69de17e

    SHA256

    2d5d89025911e2e273f90f393624be4819641dbee1606de792362e442e54612f

    SHA512

    550452dadc86ecd205f40668894116790a456fe46e9985d68093d36cf32abf00edecb5c56ff0287464a0e819db7b3cc53926037a116de6c651332a7cc8035d47

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsy3489.tmp\INetC.dll
    Filesize

    21KB

    MD5

    2b342079303895c50af8040a91f30f71

    SHA1

    b11335e1cb8356d9c337cb89fe81d669a69de17e

    SHA256

    2d5d89025911e2e273f90f393624be4819641dbee1606de792362e442e54612f

    SHA512

    550452dadc86ecd205f40668894116790a456fe46e9985d68093d36cf32abf00edecb5c56ff0287464a0e819db7b3cc53926037a116de6c651332a7cc8035d47

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsy3489.tmp\INetC.dll
    Filesize

    21KB

    MD5

    2b342079303895c50af8040a91f30f71

    SHA1

    b11335e1cb8356d9c337cb89fe81d669a69de17e

    SHA256

    2d5d89025911e2e273f90f393624be4819641dbee1606de792362e442e54612f

    SHA512

    550452dadc86ecd205f40668894116790a456fe46e9985d68093d36cf32abf00edecb5c56ff0287464a0e819db7b3cc53926037a116de6c651332a7cc8035d47

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsy3489.tmp\System.dll
    Filesize

    12KB

    MD5

    792b6f86e296d3904285b2bf67ccd7e0

    SHA1

    966b16f84697552747e0ddd19a4ba8ab5083af31

    SHA256

    c7a20bcaa0197aedddc8e4797bbb33fdf70d980f5e83c203d148121c2106d917

    SHA512

    97edc3410b88ca31abc0af0324258d2b59127047810947d0fb5e7e12957db34d206ffd70a0456add3a26b0546643ff0234124b08423c2c9ffe9bdec6eb210f2c

    Download Submit