General

  • Target

    VoicemeeterSetup_v2111.zip

  • Size

    44.8MB

  • Sample

    240620-spq6fstgqf

  • MD5

    6682b2df4da2b73f4735665b3a7e7242

  • SHA1

    043498949ddb8a9aa59649f155f60f74c4925883

  • SHA256

    079f535deb5867ec726e8a44a03f08282c930c95488dfedc660c1ad58dca9f7c

  • SHA512

    19523f29764da04614339338aa972f4de44871a7b07e66bb5a8d1b3ce80b91fb4318f0c5204bd030446e541f5d7597b45872fed966b073d1702232f8b104aa47

  • SSDEEP

    786432:pqtyeqhzbySAVM2wTvTYt7CJjMQtqGbugnSXbPt2bKZud7hS8MAxtIMIFgytj5kM:zefMDLYt7bQtNx6bPi1hSLqtIM+tFkTo

Malware Config

Targets

    • Target

      voicemeeterprosetup.exe

    • Size

      45.3MB

    • MD5

      6d65effc5cf7a5349ec3686c99b9bfb1

    • SHA1

      3d26fcfdb4819c83022d96b82909c585cf516f31

    • SHA256

      3ee2ce1839dcdbc13dfe55eb8b32f0c22ac821013c35ba0f97cafd663a099fac

    • SHA512

      fe8d4144921261686e760ca5918ce5e3ee10c1f380d8b808d8c51ac23209537ea0d0c845ad12d42f2c71472845f41ebc871d233ff8dc3211c179a89ab3c0f51c

    • SSDEEP

      786432:rmfZpMYU/zvwSaRwWA35z6tBwvXiSnu+zWCxwhTjLezKHS1/tseKaRTIKSt2IrzT:rmfsYpwJJ6tBtSnrnATjQNtsVKTIK0rX

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as changing the Authenticode and Cryptography registry keys to have their binary accepted as valid.

    • Drops file in System32 directory

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

MITRE ATT&CK Enterprise v15

Tasks