Overview

overview

5

Static

static

3

VoiceChang...6).exe

windows7-x64

5

VoiceChang...6).exe

windows10-2004-x64

4

$8/APOConfig.exe

windows7-x64

5

$8/APOConfig.exe

windows10-2004-x64

5

$8/Clownfi...er.exe

windows7-x64

5

$8/Clownfi...er.exe

windows10-2004-x64

5

$8/ClownfshAPO64.dll

windows7-x64

5

$8/ClownfshAPO64.dll

windows10-2004-x64

5

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...st.dll

windows7-x64

3

$PLUGINSDI...st.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    VoiceChanger64f(1.66).exe

  • Size

    1.2MB

  • MD5

    271da96d964aa1b52e85553dc4da7b3a

  • SHA1

    fbabee2839e973c0dc12be83d7d450a9b3bae67b

  • SHA256

    38130c93482996bc6b4828242f63ec0ffb63209409cf92fc9d851f14ee18366c

  • SHA512

    1b50692dc8554e30e7b37fd9d56e294deecc853fb50b4180170370232cfaca70e53f6b36098ccc11e83cea5a9707401227e54ef8fdb67aad90b73c887de49e97

  • SSDEEP

    24576:JFid2uPbWDioGxBu2w+q4v9xEiGV3manbj16IKzO:HSBPi8nnmV2ann16IK

Score
3/10

Malware Config

Signatures

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • VoiceChanger64f(1.66).exe
    .exe windows:4 windows x86 arch:x86

    b1a57b635b23ffd553b3fd1e0960b2bd


    Code Sign

    Headers

    Imports

    Sections

  • $8/$8/uninstall.exe.nsis
  • $8/APOConfig.exe
    .exe windows:6 windows x86 arch:x86

    0316d1983390f0b1dc5419972c9b9bd7


    Code Sign

    Headers

    Imports

    Sections

  • $8/ClownfishVoiceChanger.exe
    .exe windows:6 windows x64 arch:x64

    76adccd75f3f363c5a7769d22395343b


    Code Sign

    Headers

    Imports

    Sections

  • $8/ClownfshAPO64.dll
    .dll regsvr32 windows:6 windows x64 arch:x64

    096a2400938901d95c148bc3cedd4098


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $8/res/Alien-Off.ico
  • $8/res/Alien.ico
  • $8/res/Atari-Off.ico
  • $8/res/Atari.ico
  • $8/res/Cave-Off.ico
  • $8/res/Cave.ico
  • $8/res/Chorus-Off.ico
  • $8/res/Chorus.ico
  • $8/res/CityHall-Off.ico
  • $8/res/CityHall.ico
  • $8/res/Clone-Off.ico
  • $8/res/Clone.ico
  • $8/res/Denoise-Off.ico
  • $8/res/Denoise.ico
  • $8/res/Ghost-Off.ico
  • $8/res/Ghost.ico
  • $8/res/Microphone-Off.bmp
  • $8/res/Microphone-Off.ico
  • $8/res/Microphone.bmp
  • $8/res/Microphone.ico
  • $8/res/Mutation-Fast-Off.ico
  • $8/res/Mutation-Fast.ico
  • $8/res/Mutation-Normal-Off.ico
  • $8/res/Mutation-Normal.ico
  • $8/res/Mutation-Slow-Off.ico
  • $8/res/Mutation-Slow.ico
  • $8/res/Pitch-Baby-Off.ico
  • $8/res/Pitch-Baby.ico
  • $8/res/Pitch-Female-Off.ico
  • $8/res/Pitch-Female.ico
  • $8/res/Pitch-Helium-Off.ico
  • $8/res/Pitch-Helium.ico
  • $8/res/Pitch-Male-Off.ico
  • $8/res/Pitch-Male.ico
  • $8/res/Pitch-Manual-Off.ico
  • $8/res/Pitch-Manual.ico
  • $8/res/Radio-Off.ico
  • $8/res/Radio.ico
  • $8/res/Robot-Off.ico
  • $8/res/Robot.ico
  • $8/res/Silence-Off.ico
  • $8/res/Silence.ico
  • $8/res/Vocoder-Off.ico
  • $8/res/Vocoder.ico
  • $8/sounds/Applause.mp3
  • $8/sounds/Bicycle bell.mp3
  • $8/sounds/Boooooo.mp3
  • $8/sounds/Cheering.mp3
  • $8/sounds/Duck.mp3
  • $8/sounds/Fanfare.mp3
  • $8/sounds/Gong.mp3
  • $8/sounds/Gunshot.mp3
  • $8/sounds/Hail to the king.mp3
  • $8/sounds/I feel good.mp3
  • $8/sounds/Laugh.mp3
  • $8/sounds/Ricochet.mp3
  • $8/sounds/Sheep.mp3
  • $8/sounds/Smoke weed everyday.mp3
  • $8/sounds/You guys suck.mp3
  • $8/sounds/You suck.mp3
  • $8/vocoders/Bell.mp3
  • $8/vocoders/Church_Melody.mp3
  • $8/vocoders/Creepy.mp3
  • $8/vocoders/Fire.mp3
  • $8/vocoders/Flute.mp3
  • $8/vocoders/Ghost.mp3
  • $8/vocoders/Melody.mp3
  • $8/vocoders/Melody2.mp3
  • $8/vocoders/Melody3.mp3
  • $8/vocoders/Melody4.mp3
  • $8/vocoders/Metal.mp3
  • $8/vocoders/Metal2.mp3
  • $8/vocoders/River.mp3
  • $8/vocoders/Robot.mp3
  • $8/vocoders/Robot2.mp3
  • $8/vocoders/Rusty.mp3
  • $8/vocoders/Singer.mp3
  • $8/vocoders/Useless.mp3
  • $8/vocoders/Vader.mp3
  • $8/vocoders/Weird.mp3
  • $8/vst/howto.txt
  • $PLUGINSDIR/KillProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    153027ec3b10bcea606b777657dd3402


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/LockedList.dll
    .dll windows:6 windows x86 arch:x86

    1f24eeb49cd5ab55727208afd8ac7b2f


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    f2ac1ab587d5531d5f1bf76c094aef4c


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    f03b2bab186574d8892d3d73fa9fd3fd


    Headers

    Imports

    Exports

    Sections