6b080d05a317a236e5e9159fdab83113fd7d8c13428329e44a3aa2d0d3ecdadd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

VoicemodXS.zip
Size

69.4MB
Sample

240313-dkx1wabd3z
MD5

4175d05b39281dda58f760c60884d612
SHA1

409668875a00e039c90621411f0521315bfd8d11
SHA256

6b080d05a317a236e5e9159fdab83113fd7d8c13428329e44a3aa2d0d3ecdadd
SHA512

422d211d3ab91ada02178295c8dd43ad13eee027e1985bd1afe2cca71292b7b3b4104612ab84efcb017cc6ef8b9ac7aac587dfbf8beb75d52a39eb8271baab42
SSDEEP

1572864:VhgksX1SWNOPzS/Tlakv3ZOJoxniHsH9l++gREv78ClRe0IthtG:GXgPzSNvJvxnii9fgRc8ClChtG

Score

8^/10

Malware Config

Targets

- Target
  
  VoicemodXS.exe
- Size
  
  69.6MB
- MD5
  
  5dfe418bdbea4e5d0b4ba389f38bf02e
- SHA1
  
  4a7d06a524d893c3f6fd3506d5f934e3d96f3c91
- SHA256
  
  c04fea034c1fdb1ee00de437c6a5facee33131a3950574e42cc0905e85827d83
- SHA512
  
  dec088d2a185732a8126c089cd0aa68cdc5ed9e2fd78910b760436643c6b8d10fec0362aa81ca63358a5d984d1682cac96f498b089afe956a0f24fd17c62702c
- SSDEEP
  
  1572864:D7qaCAaZaqbleLlSDk8XD54NBtGPexw3JIHECpA+Wh9gwfkVi18ONi:Z2tReLlo1SfGPeK7CpA/9gwZ8wi
Score

8^/10
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  lb553.dll
- Size
  
  545B
- MD5
  
  afa3dbd8a8d3f72023488a2a015b8efd
- SHA1
  
  a796d2f41fb121c4cb6fdc27e94f09df8fece732
- SHA256
  
  23c7ce8a3d6b39d1c7cf5d16ba6447c1690a6fdaa8c5f41e6b76526b7afe96f3
- SHA512
  
  bb546ce2f9648f79649743b82d037bc35fb74ba492866d09a5b1173443f703a004128d24a3a44f7920e8f8de579eb612235ef98bb466f5b5ed164e8f34512aa8
Score

1^/10
behavioral3 behavioral4
- Target
  
  utils.dll
- Size
  
  1KB
- MD5
  
  66b255ed6a221e98aad514377646ff42
- SHA1
  
  b46cfd4d2cf4b47d1bffa32bd70de757390f2dfc
- SHA256
  
  5372a36f4b2c5023788c23dbc6639155cb016a1b111e8fc1d6bf97cbaf11b1f8
- SHA512
  
  981438ac4323cc29ba8dd8a6ca5663a2c99c35e06c6aa27c6f7c173ebb3ebedc0bbcc4c1b47ab4e3ec2df06aaf3502629afab4193c0ae16515c58683684923e2
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6