Overview

overview

7

Static

static

1

MorphVOX Pro.zip

windows7-x64

1

MorphVOX Pro.zip

windows10-2004-x64

1

MorphVOX P...ll.exe

windows7-x64

7

MorphVOX P...ll.exe

windows10-2004-x64

7

MorphVOX P...ll.exe

windows7-x64

7

MorphVOX P...ll.exe

windows10-2004-x64

7

MorphVOX P...ll.exe

windows7-x64

7

MorphVOX P...ll.exe

windows10-2004-x64

7

MorphVOX P...ll.exe

windows7-x64

7

MorphVOX P...ll.exe

windows10-2004-x64

7

MorphVOX P...ll.exe

windows7-x64

7

MorphVOX P...ll.exe

windows10-2004-x64

7

MorphVOX P...ll.exe

windows7-x64

7

MorphVOX P...ll.exe

windows10-2004-x64

7

MorphVOX P...ll.exe

windows7-x64

7

MorphVOX P...ll.exe

windows10-2004-x64

7

MorphVOX P...ll.exe

windows7-x64

7

MorphVOX P...ll.exe

windows10-2004-x64

7

MorphVOX P...ll.exe

windows7-x64

7

MorphVOX P...ll.exe

windows10-2004-x64

7

MorphVOX P...ll.exe

windows7-x64

7

MorphVOX P...ll.exe

windows10-2004-x64

7

MorphVOX P...ll.exe

windows7-x64

7

MorphVOX P...ll.exe

windows10-2004-x64

7

MorphVOX P...ll.exe

windows7-x64

7

MorphVOX P...ll.exe

windows10-2004-x64

7

MorphVOX P...ll.exe

windows7-x64

7

MorphVOX P...ll.exe

windows10-2004-x64

7

MorphVOX P...ll.exe

windows7-x64

7

MorphVOX P...ll.exe

windows10-2004-x64

7

MorphVOX P...ll.exe

windows7-x64

7

MorphVOX P...ll.exe

windows10-2004-x64

7

Resubmissions

16/10/2023, 04:11

231016-ery27ade98 8

16/10/2023, 03:55

231016-egzwqsbd7t 7

Sharing

Copy URL Twitter E-mail

General

  • Target

    MorphVOX Pro.zip

  • Size

    31.1MB

  • Sample

    231016-egzwqsbd7t

  • MD5

    da8f68cb916d292530311f310a7461bc

  • SHA1

    05b51111144d322ec28f7e52523875285ce050b6

  • SHA256

    7563ae08ceec9911afee7bae2b02dadbd55fbacf26fc6b16905e35a1dc5eb6bc

  • SHA512

    b33aa991d653f9d584834829f71d2d0084c113f987c830959cafbde34ff7c17c527f130a52f4547b314668862f42b1834d019417fcaa9d8e50aa06caaf20f0cf

  • SSDEEP

    786432:wCj5LPFwHOkcOrLYL58IeI2Z0jwO8WQQgm+7g/9IjF/iCB:w8hFwlt4l3f2Z0UbQgm9AtB

Score
7/10

Malware Config

Targets

    • Target

      MorphVOX Pro.zip

    • Size

      31.1MB

    • MD5

      da8f68cb916d292530311f310a7461bc

    • SHA1

      05b51111144d322ec28f7e52523875285ce050b6

    • SHA256

      7563ae08ceec9911afee7bae2b02dadbd55fbacf26fc6b16905e35a1dc5eb6bc

    • SHA512

      b33aa991d653f9d584834829f71d2d0084c113f987c830959cafbde34ff7c17c527f130a52f4547b314668862f42b1834d019417fcaa9d8e50aa06caaf20f0cf

    • SSDEEP

      786432:wCj5LPFwHOkcOrLYL58IeI2Z0jwO8WQQgm+7g/9IjF/iCB:w8hFwlt4l3f2Z0UbQgm9AtB

    Score
    1/10
    behavioral1behavioral2

    • Target

      MorphVOX Pro/Addons/Backgrounds/BPWorkplace_Install.exe

    • Size

      2.0MB

    • MD5

      dce6be53e7fa02ed94d636411bdd9b16

    • SHA1

      be27fa894f8a14bfd3e21ba190d84b8fe8d2f3bb

    • SHA256

      f56aa3ceae5b69a9acb5829980d4e420a70c04b84bd01e7758a637ff04d513f7

    • SHA512

      a79ae783a1b96ba542d0679d6f634a65ad89d382b8d8b4464fe4638452356d86d40f9f70a907acdbc008f6e8b2d62d41d1969a079445e8879003aaf17a51c78b

    • SSDEEP

      49152:XJGSAV00Pr55cVqZIUM8ksG1EMfNjaQDVEH3geRhVszs/ARII7:XJP600P21fVaBHzhVsgiII7

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral3behavioral4

    • Target

      MorphVOX Pro/Addons/Plug-ins/PluginBatchConverter_Install.exe

    • Size

      637KB

    • MD5

      59f5f034d2ffd824d6a89312d670b992

    • SHA1

      9d831ee36b2d15b684a39410754a2367b7084c27

    • SHA256

      7274b0c57d3603972f8474ad8cf23a1e0ccdd601becf7a234d3b4a39eb3092f8

    • SHA512

      6c07d1855d4503c681ff774a514e9b9da3802e0d38e488675be801d9aea99edd2654cead716b4c8e00ef626c38f762dda81dea42d3dc0babf52243855f59ab3e

    • SSDEEP

      12288:b39scXbUaibCCXKzdFH6Qqn5GzrMzND6GeFNX8Qzu1elU7I:BsQCCKKzdFHO5AMZD6GeFJ8Z7I

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral5behavioral6

    • Target

      MorphVOX Pro/Addons/Plug-ins/PluginFileStreamer_Install.exe

    • Size

      634KB

    • MD5

      c99852e8937cbf881c5fd74bfb75f71a

    • SHA1

      7669c07e9c3f1fbe8681426eeaffabf0addcf857

    • SHA256

      2b7b91a1d196fe38048f4e7e81abfeced721e5b5033c5185b16962cfd05ce455

    • SHA512

      7f26878131e259e83658f9c372a79458bbeda2d6f22266daf79543e905143f5f54de753d4bae43dc30fa804cd33a22a00a40d3ed58d4dab2858e9cdf19f6ad98

    • SSDEEP

      12288:D39UagsHCVn+ovcNxQBEn+TTL8YUf3YmxvuqI8dt1hlc7GE4Symp7XaWK:JZHCZnvcZn+Y7//FI8dtzyKEp7S

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral7behavioral8

    • Target

      MorphVOX Pro/Addons/Plug-ins/PluginMorphVOXEffectsRack_Install.exe

    • Size

      1.1MB

    • MD5

      29f412cbb9dc141862f3755d67caea25

    • SHA1

      35f82023e67a39a8f4a243828a8166b736960c9d

    • SHA256

      e6cc559a08edba57d6f87a5389d4a02df621b7fee588421394aeea278e37f322

    • SHA512

      7ea0fb99ffec2e0629b0c60d0653aab4421d21d061b29375679ae18b194d124e08d6205ea205da95432b4ec7371003daa078434b2068c0813f2818859240241c

    • SSDEEP

      24576:eyZL8ueiT4Yz5RB6imbmaeBtt3Z/JC5C+KfCWOc6LuG8onhR:eyZQuiYNRBcbmxBzZ/JAC+KMc6LvR

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral10behavioral9

    • Target

      MorphVOX Pro/Addons/Plug-ins/PluginTextToVoIP_Install.exe

    • Size

      1.0MB

    • MD5

      502e3b17fd71c4f1bbbba694762e187b

    • SHA1

      f54a9fdc28c79c0a99703b944ad3f7b1e7c2fa81

    • SHA256

      46fe33f7df4acb4929585ae431164dbbe3d58d699e51845dd5152c0907a0b8b9

    • SHA512

      2639ccdc00f0210440ddefde1f3b550c8f74155ee58fcbd37ed8988e5b3d9c0fa5d3657f1452f56c75c66d2be8c2d32c1119696e3a5364f16d0b020d468f323c

    • SSDEEP

      24576:10qQjGzWXSocg3yJNv4Pg4VMpyM/3qsS4dqhpu2vFVG6W+:yyzccBWg4Gf3BN2uz+

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral11behavioral12

    • Target

      MorphVOX Pro/Addons/Plug-ins/PluginVoiceSplicer_Install.exe

    • Size

      827KB

    • MD5

      0149870f09883e86a77ac34c715df5b1

    • SHA1

      09cce6215ae20762915d2b007121db415eaa4a57

    • SHA256

      c25dd6dbd09180c78dd52a596875b13c88119818f03fff8cf5bb81cc20055dda

    • SHA512

      23a9099286969f6edffc1849520a39c497b5d20b7cdfc4a816e168dbdd3574d51b8b5e9e5b1a8bbc9775584b8304f82898da3df2dcf2f9864c8de4d0ebd2a436

    • SSDEEP

      12288:739ECszi6VwOwMvuRQTwSMgRZC+FUgidrtnYXndP9AnmLSJ1OjF:hECsziswOfKCMqVF+drtYXnrA1OJ

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral13behavioral14

    • Target

      MorphVOX Pro/Addons/Skins/Skin-BlueSatin_Install.exe

    • Size

      628KB

    • MD5

      fd76ef5e7bede008734c997dfe42c059

    • SHA1

      49e85be0de9ff63cd3342d26c9f3971eff70735b

    • SHA256

      00d28180539f39d373693e016b3249e190a8b6ab4044ab65d2c9ed3da0647dcd

    • SHA512

      d3bcb1ca924c01097c6c538f226c2599b3eb03d435a46bfb82cbe6e42dba319b089435607ea97bd5f73de3c4b0029278768e3f32c4c1792f414baa5353f06f76

    • SSDEEP

      12288:839tJKszO4pwAnmLSJ3oU4hms77nlsr0Y4Pz3DmfFDdoS4q:oyszOswA3jxsXnlsKzDmfFDKRq

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral15behavioral16

    • Target

      MorphVOX Pro/Addons/Sound Effects/SP-AncientWeapon_Install.exe

    • Size

      624KB

    • MD5

      f52f2cc3413a631ddfacf735163835d7

    • SHA1

      4aec15d354b29c90c6874365e8ed6ce1e7599858

    • SHA256

      920879552584be1ccaa705e5f3fb1c97f26360d8776f79df919bd832c29d0bff

    • SHA512

      91410bda4155510dfd9c0a8c8ea36c793ea205a40b939e68fea5baac5165e13779df0b0148f9a15b6282156dc96ed21e6bd06ba9bcc2c9df10fa55a293b00db8

    • SSDEEP

      12288:639lPKszO4Y/AnmLSJ67GIyUfxKgwWqwLrsXf50BZj/XBI6G:ScszOZ/A2ZZEg0hkDRFG

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral17behavioral18

    • Target

      MorphVOX Pro/Addons/Sound Effects/SP-Comic_Install.exe

    • Size

      633KB

    • MD5

      46819538e8708ef14fe6f6846fe898be

    • SHA1

      5314b24a7f10098856b0bb1f3d415f4674d7a11e

    • SHA256

      71ca9732c816649f460444ff55353fef69715151668e29125fa4c2761595887e

    • SHA512

      ee7a857c23bd512048d7c3d1096246c47603fc781c993fe55cada5150e56e4a9645ae7b6799f31af11f9ee60eb864fbf93062da70360a6cbbe23eb1fce2dee5f

    • SSDEEP

      12288:y391MjYC+RHSPuqDWBB1l9ploGIcsmf3u0pbelv3x5KIt0oEEH88:qaIHS2xPuNdQeZh5DDEEc8

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral19behavioral20

    • Target

      MorphVOX Pro/Addons/Sound Effects/SP-Fantasy_Install.exe

    • Size

      592KB

    • MD5

      3298273e973ad402ecd9ce1833f681bf

    • SHA1

      0f25453c13c39661d96bd54ac7a84014a1f2274a

    • SHA256

      cb01da2ee9d7d5708289c6880f97ab28b947138bc88d68a85d3548ba4e516b79

    • SHA512

      a8a260716638775c7a8d8ecd417f0b6c872c07853c92cdca5d597b1674ff9fab01d9353f991c4d2b07eedd7a291c987d4a2c4ca51a5a02be5a345216ff8ae672

    • SSDEEP

      12288:739+2dFVLrnA+trXTRUQ4mKbIWevbPJoyNRdDrVTG2Vgb3jVnlfP:hvdbrnAor9MmKbIDzhoyNDDrVTGXb3j7

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral21behavioral22

    • Target

      MorphVOX Pro/Addons/Sound Effects/SP-FarmAnimal_Install.exe

    • Size

      677KB

    • MD5

      0a60f4cb168bec38b71e9955f61274dd

    • SHA1

      e380327028904776060a066451c4ec3cbd984799

    • SHA256

      3e7838537b7f601026b5d35bf22bcb7a2d00bf91f606fc3dc5745aa043c1e177

    • SHA512

      7e10c5e14159aa969bee40edacf31797a127d9e2bfebfa99b854b315f840b5b8ea5520114adf35f136221e733d4d0c4cbb4a3b224915d327c96668ec4f8c0add

    • SSDEEP

      12288:N39Vq7jYC+RBPWDkyi7l7vcgHIf3ubnmYXVUOadpOuLhIyx1jMMBkPS:3eIBPWIyi7l7PTbn9VApdfS0T

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral23behavioral24

    • Target

      MorphVOX Pro/Addons/Sound Effects/SP-ModernWar_Install.exe

    • Size

      1.0MB

    • MD5

      4108536c60b85d3b11bd7a5b9f8f4b28

    • SHA1

      b1513869c7501385f2c742df04394833a4688564

    • SHA256

      ff35c51b6cae7dff46f3e369732da17677d362fa4d0b4295c4f2a7cff5436508

    • SHA512

      8ced5447f2f43c3f802921a0c8ef7ed4eef37d4279046cd25d38e41733de746da7e55c07572bf168227418011674ea304d7255eb83c651a308e8d157a32df670

    • SSDEEP

      24576:U3S2ah79rjKeSvMnuWx+z4VDsbFemYj4/OZp7wVqwZOxss9:U3taduvaNhWFouOX7KVZOCs9

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral25behavioral26

    • Target

      MorphVOX Pro/Addons/Sound Effects/SP-SciFi2_Install.exe

    • Size

      741KB

    • MD5

      35cd442d6b9f199eb1f26fb2ff13298f

    • SHA1

      1e11eea2024c4e840592796463a7dd20b8e1221a

    • SHA256

      07f05836329a55e7b54dd13a4fedbcecdb0145d905c1e5615d5be6a42688c672

    • SHA512

      df195829639a989e68cf187f2bdcf012e263d01b55c0f5eccaa0d0b6dfdc2bfeaae45c14726df4e5081ea59ac1b4254f27203ff5e1a066f63083e0c122d7bc25

    • SSDEEP

      12288:L39fjYC+RBPWDkyilkNi0oCSgt1yaEuJo8BZrmNgJSvbt5IQ+:RbIBPWIyiOidCSgtXK8Pr3Mbl+

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral27behavioral28

    • Target

      MorphVOX Pro/Addons/Sound Effects/SP-SciFi_Install.exe

    • Size

      601KB

    • MD5

      aac379d4ef6072b6f466e70f44c21d05

    • SHA1

      75927ebf3ed201002709f7079e822d81cb745471

    • SHA256

      10ece001ae9c1edf197faf47926d57f4a8d5fbfa0829c7d83cb19fc2ab87d0df

    • SHA512

      5d08d1ad99da72e261eccd0e1ea1e0198afc7ba524f1787c187af82c2d88e1419c0f55d6e34778874a3e701c51a70cd1d68d7a6bf8d97856d3445a13cdb44d98

    • SSDEEP

      12288:4392mdxVLrVA+trnbEarck35g8dzSkEKYjbx90+WDv5LzET:UhdnrVAornQarckpgMefgrtLzET

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral29behavioral30

    • Target

      MorphVOX Pro/Addons/Sound Effects/SP-SpookySounds_Install.exe

    • Size

      1.2MB

    • MD5

      17f2109a3714a1a0fbfb3b7049f82334

    • SHA1

      cf44742854c2382aef43d32a40f81622cda5d378

    • SHA256

      40751cbd7d8425fed9d98f48bfddb9e6b61567a8cee09253231441e75df03314

    • SHA512

      18b4c9244b8da34edc827f4518aa60e31729d431dfed1bbfb434ec0641337dee9e99c76a484286845cde4dc441097534bea6efcb2c9d74a02869fa9ddf813cad

    • SSDEEP

      24576:M4OputktJxve3OlqermubDWZbT9MAtRn0ltoqySWiWaP59RDjF:MDbve+ThbDWT38oqySVx99jF

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks