General
-
Target
VoicemodSetup_2.6.0.7.exe
-
Size
64.4MB
-
Sample
240603-er56hacb79
-
MD5
ac5c87490c1d1949dfe6f50ee007e6ea
-
SHA1
ecca4b6ea32fa0af34b739a1c9e93cc400651091
-
SHA256
7ff3b571ce5e9853333c9a1bda22070755c4ac579b9aa785e56db315e851e32d
-
SHA512
6ad0c745b3e49eab9587b13135261be98a858d24f797a200217a3eadb65d8219ea51535cc64426187e8cbc9a030e3998011842c18d348037e6b2dc57f1efa24d
-
SSDEEP
1572864:jSJjRAbmycmDxlBFllh8LRdKKPGleP6YDmq5glXg4Y:giyyXPrlhSdCQCYDVglw4Y
Static task
static1
Behavioral task
behavioral1
Sample
VoicemodSetup_2.6.0.7.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
VoicemodSetup_2.6.0.7.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
VoicemodSetup_2.6.0.7.exe
-
Size
64.4MB
-
MD5
ac5c87490c1d1949dfe6f50ee007e6ea
-
SHA1
ecca4b6ea32fa0af34b739a1c9e93cc400651091
-
SHA256
7ff3b571ce5e9853333c9a1bda22070755c4ac579b9aa785e56db315e851e32d
-
SHA512
6ad0c745b3e49eab9587b13135261be98a858d24f797a200217a3eadb65d8219ea51535cc64426187e8cbc9a030e3998011842c18d348037e6b2dc57f1efa24d
-
SSDEEP
1572864:jSJjRAbmycmDxlBFllh8LRdKKPGleP6YDmq5glXg4Y:giyyXPrlhSdCQCYDVglw4Y
Score8/10-
Drops file in Drivers directory
-
Adds Run key to start application
-
Downloads MZ/PE file
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Defense Evasion
Impair Defenses
1Disable or Modify System Firewall
1Modify Registry
2Subvert Trust Controls
1Install Root Certificate
1