General

  • Target

    Skachat-fayl-AAct-v--ctfKGC2AWpl8.zip

  • Size

    5.6MB

  • Sample

    231021-n6nz7see9z

  • MD5

    014926fc65604d6f15167620949322b8

  • SHA1

    a88fe2b3c8b9257d4ec0f09b737810fe6e8897f7

  • SHA256

    986469f0622bf5d9e4983cfcf858c255e4b7a2f46029e62732feef6ad271edac

  • SHA512

    ec50ebd6871b1b8a98d5f7a14bc4f90f9d02cd4479087aa3f69d4f08c7770b8093ffddd1388febb47fbbfb79944bed75be1d9f2676ad67e2db4aac9bcf9acc6b

  • SSDEEP

    98304:oFNfSzfXHW+HqJtewimYikTrrng9VM41miZ+UVbDZRxWK/kEdY59CDXZ8GJxQmBB:oLN+KfeEjkTrrnOVNmiZ/XB+eDXm8xQg

Targets

    • Target

      hitpaw-voice-changer.exe

    • Size

      2.8MB

    • MD5

      05f2edb8621e49275e0029c6754b942d

    • SHA1

      f0ae6cafded1bf60c70e5050f6d2a6ad1b13d8a8

    • SHA256

      90279b02d3afb48d50d70201ae740daa2761d0d3f06fd60c4db8690d9ba586fe

    • SHA512

      d671c29d44edf247b6bead6f5a9c61fa76adb4839d8506a5b6a1faf72b97a085af13811c21555e3a08a8d9bcc3a8acc4b228cba3eedf9a2ff93fc28763e46ec9

    • SSDEEP

      49152:RBfoNtu1abLX7EzIZdMOo305WebRyyfdEGUYcz57GO00Bx0KY8D2kwU3st0sUZ:RBfBSH9Ro305WeFyyfdEHYoyGBhpD2kN

    • Drops file in Drivers directory

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup web service to discover the infected system's external IP address.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops file in System32 directory
