General

  • Target

    VoiceChanger64(1.66).exe

  • Size

    1.2MB

  • MD5

    aa701d9f1acd327f29357db4b50cd410

  • SHA1

    48d45a3586bd0e1027e1dcb9b3fe5cf99bfe4187

  • SHA256

    7a0eb9985e8c6fe051454cc216d46af0f63225e2d74ec7317c74b39ef627f674

  • SHA512

    19ab19306717dfd24d82588273efe0372157091c6e83c9f8d1dbfcb29d4d6fa82986576f763e3dd8406fad4cbca71ead5aa6f205b13e03ec12f083954f5757a3

  • SSDEEP

    24576:4MJd28iZPHdbdwEk4K9Y+XBukPNyUhh+d75vR3Q/rFscSS6kx:bJA8iN9uc+YBuHhh+ddGxscp6

Score
3/10

Malware Config

Signatures

  • Unsigned PE (4 IoCs)

    Checks for missing Authenticode signature.

  • NSIS installer (2 IoCs)

Files

  • VoiceChanger64(1.66).exe
    .exe windows:4 windows x86 arch:x86

    b1a57b635b23ffd553b3fd1e0960b2bd

  • $8/$8/uninstall.exe.nsis
  • $8/APOConfig.exe
    .exe windows:6 windows x86 arch:x86

    0316d1983390f0b1dc5419972c9b9bd7

  • $8/ClownfishVoiceChanger.exe
    .exe windows:6 windows x86 arch:x86

    f44a152cc57f94e069bf28db1248e229

  • $8/ClownfshAPO64.dll
    .dll regsvr32 windows:6 windows x64 arch:x64

    096a2400938901d95c148bc3cedd4098

  • $8/res/Alien-Off.ico
  • $8/res/Alien.ico
  • $8/res/Atari-Off.ico
  • $8/res/Atari.ico
  • $8/res/Cave-Off.ico
  • $8/res/Cave.ico
  • $8/res/Chorus-Off.ico
  • $8/res/Chorus.ico
  • $8/res/CityHall-Off.ico
  • $8/res/CityHall.ico
  • $8/res/Clone-Off.ico
  • $8/res/Clone.ico
  • $8/res/Denoise-Off.ico
  • $8/res/Denoise.ico
  • $8/res/Ghost-Off.ico
  • $8/res/Ghost.ico
  • $8/res/Microphone-Off.bmp
  • $8/res/Microphone-Off.ico
  • $8/res/Microphone.bmp
  • $8/res/Microphone.ico
  • $8/res/Mutation-Fast-Off.ico
  • $8/res/Mutation-Fast.ico
  • $8/res/Mutation-Normal-Off.ico
  • $8/res/Mutation-Normal.ico
  • $8/res/Mutation-Slow-Off.ico
  • $8/res/Mutation-Slow.ico
  • $8/res/Pitch-Baby-Off.ico
  • $8/res/Pitch-Baby.ico
  • $8/res/Pitch-Female-Off.ico
  • $8/res/Pitch-Female.ico
  • $8/res/Pitch-Helium-Off.ico
  • $8/res/Pitch-Helium.ico
  • $8/res/Pitch-Male-Off.ico
  • $8/res/Pitch-Male.ico
  • $8/res/Pitch-Manual-Off.ico
  • $8/res/Pitch-Manual.ico
  • $8/res/Radio-Off.ico
  • $8/res/Radio.ico
  • $8/res/Robot-Off.ico
  • $8/res/Robot.ico
  • $8/res/Silence-Off.ico
  • $8/res/Silence.ico
  • $8/res/Vocoder-Off.ico
  • $8/res/Vocoder.ico
  • $8/sounds/Applause.mp3
  • $8/sounds/Bicycle bell.mp3
  • $8/sounds/Boooooo.mp3
  • $8/sounds/Cheering.mp3
  • $8/sounds/Duck.mp3
  • $8/sounds/Fanfare.mp3
  • $8/sounds/Gong.mp3
  • $8/sounds/Gunshot.mp3
  • $8/sounds/Hail to the king.mp3
  • $8/sounds/I feel good.mp3
  • $8/sounds/Laugh.mp3
  • $8/sounds/Ricochet.mp3
  • $8/sounds/Sheep.mp3
  • $8/sounds/Smoke weed everyday.mp3
  • $8/sounds/You guys suck.mp3
  • $8/sounds/You suck.mp3
  • $8/vocoders/Bell.mp3
  • $8/vocoders/Church_Melody.mp3
  • $8/vocoders/Creepy.mp3
  • $8/vocoders/Fire.mp3
  • $8/vocoders/Flute.mp3
  • $8/vocoders/Ghost.mp3
  • $8/vocoders/Melody.mp3
  • $8/vocoders/Melody2.mp3
  • $8/vocoders/Melody3.mp3
  • $8/vocoders/Melody4.mp3
  • $8/vocoders/Metal.mp3
  • $8/vocoders/Metal2.mp3
  • $8/vocoders/River.mp3
  • $8/vocoders/Robot.mp3
  • $8/vocoders/Robot2.mp3
  • $8/vocoders/Rusty.mp3
  • $8/vocoders/Singer.mp3
  • $8/vocoders/Useless.mp3
  • $8/vocoders/Vader.mp3
  • $8/vocoders/Weird.mp3
  • $8/vst/howto.txt
  • $PLUGINSDIR/KillProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    153027ec3b10bcea606b777657dd3402

  • $PLUGINSDIR/LockedList.dll
    .dll windows:6 windows x86 arch:x86

    1f24eeb49cd5ab55727208afd8ac7b2f

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    f2ac1ab587d5531d5f1bf76c094aef4c

  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    f03b2bab186574d8892d3d73fa9fd3fd