Overview

overview

7

Static

static

3

Voice.ai-D...b3.exe

windows11-21h2-x64

7

$PLUGINSDIR/INetC.dll

windows11-21h2-x64

3

$PLUGINSDI...em.dll

windows11-21h2-x64

3

$PLUGINSDI...ss.dll

windows11-21h2-x64

3

Analysis

  • max time kernel
    1483s
  • max time network
    1493s
  • platform
    windows11-21h2_x64
  • resource
    win11-20231215-en
  • resource tags

    arch:x64arch:x86image:win11-20231215-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    14/01/2024, 09:42

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Voice.ai-Downloader-alphaver-9b16de08aa024d9382e7b425636d73b3.exe

  • Size

    476KB

  • MD5

    b8162dccc95c2ed40a3fd946dd127242

  • SHA1

    27899142d055dcce7ad3288028c8e3187421275c

  • SHA256

    23ecba0be777d9b7a5683d0939d9ae17c4427c46e51ff959e91785d83c60efd1

  • SHA512

    51eef114974531407df6e04af725855293db7e5bdd2e311af5b14dcbef70de9759ae00fa1c17bb72351697fb8d8cf163a1072e957430d33ca90dffeadf0eefbb

  • SSDEEP

    3072:AkBGWOsTIJgIDU5A/cto68pMABlZQ2wpFD0ravSGKBUGYDxJ0y5t8:A1ssjn5Mp2w7g+VKvSA

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 4 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\Voice.ai-Downloader-alphaver-9b16de08aa024d9382e7b425636d73b3.exe
    "C:\Users\Admin\AppData\Local\Temp\Voice.ai-Downloader-alphaver-9b16de08aa024d9382e7b425636d73b3.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    PID:4248

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\nsm71E5.tmp\INetC.dll
          Filesize

          21KB

          MD5

          2b342079303895c50af8040a91f30f71

          SHA1

          b11335e1cb8356d9c337cb89fe81d669a69de17e

          SHA256

          2d5d89025911e2e273f90f393624be4819641dbee1606de792362e442e54612f

          SHA512

          550452dadc86ecd205f40668894116790a456fe46e9985d68093d36cf32abf00edecb5c56ff0287464a0e819db7b3cc53926037a116de6c651332a7cc8035d47

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nsm71E5.tmp\System.dll
          Filesize

          12KB

          MD5

          792b6f86e296d3904285b2bf67ccd7e0

          SHA1

          966b16f84697552747e0ddd19a4ba8ab5083af31

          SHA256

          c7a20bcaa0197aedddc8e4797bbb33fdf70d980f5e83c203d148121c2106d917

          SHA512

          97edc3410b88ca31abc0af0324258d2b59127047810947d0fb5e7e12957db34d206ffd70a0456add3a26b0546643ff0234124b08423c2c9ffe9bdec6eb210f2c

          Download Submit