General

  • Target

    VoiceChanger64f(1.85).exe

  • Size

    1.3MB

  • MD5

    5421fe40c4cf36813bbd0694af8d6a03

  • SHA1

    7be56e8fdb9d6b2372735d99c467f14d1186891d

  • SHA256

    ebf969ec3f669a8287810be09bad9d512edd0611f097c3c36d4c99d15ee09463

  • SHA512

    c87a7433083b2a1c384815f10060c8795555d1eda188f4891aae290e1f4709f78970c498fb033bc8d3b2182cb0ef95265efc87dadf6407b21532349b7e1464c1

  • SSDEEP

    24576:hYj07wKw+2rYhDTPe3GxqnWF+aZwqbs3XfjE8wf7hn/H5/6VC60urzdvUd0:e472mC3GxqlaZwqaPYTf7h/HaXRvM0

Score
3/10

Signatures

  • Unsigned PE (4 IoCs)

    Checks for missing Authenticode signature.

Files

  • VoiceChanger64f(1.85).exe
    .exe windows:4 windows x86 arch:x86

    61259b55b8912888e90f516ca08dc514


    Code Sign

  • $8/$8/uninstall.exe.nsis
  • $8/APOConfig.exe
    .exe windows:6 windows x86 arch:x86

    6d2d87d45047262928cf3f591464f201


    Code Sign

  • $8/AudioChanger.exe
    .exe windows:6 windows x64 arch:x64

    56183be51ede472f606c0de4379f8af3


    Code Sign

  • $8/ClownfishVoiceChanger.exe
    .exe windows:6 windows x64 arch:x64

    e6f5756f2ab4fe7ebe12e6d99d5a7de9


    Code Sign

  • $8/ClownfshAPO64.dll
    .dll regsvr32 windows:6 windows x64 arch:x64

    0f5925ab233c752777c755bf2d43fca2


    Code Sign

  • $8/res/Alien-Off.ico
  • $8/res/Alien.ico
  • $8/res/Atari-Off.ico
  • $8/res/Atari.ico
  • $8/res/Cave-Off.ico
  • $8/res/Cave.ico
  • $8/res/Chorus-Off.ico
  • $8/res/Chorus.ico
  • $8/res/CityHall-Off.ico
  • $8/res/CityHall.ico
  • $8/res/Clone-Off.ico
  • $8/res/Clone.ico
  • $8/res/Denoise-Off.ico
  • $8/res/Denoise.ico
  • $8/res/Ghost-Off.ico
  • $8/res/Ghost.ico
  • $8/res/Microphone-Off.bmp
  • $8/res/Microphone-Off.ico
  • $8/res/Microphone.bmp
  • $8/res/Microphone.ico
  • $8/res/Mutation-Fast-Off.ico
  • $8/res/Mutation-Fast.ico
  • $8/res/Mutation-Normal-Off.ico
  • $8/res/Mutation-Normal.ico
  • $8/res/Mutation-Slow-Off.ico
  • $8/res/Mutation-Slow.ico
  • $8/res/Pitch-Baby-Off.ico
  • $8/res/Pitch-Baby.ico
  • $8/res/Pitch-Female-Off.ico
  • $8/res/Pitch-Female.ico
  • $8/res/Pitch-Helium-Off.ico
  • $8/res/Pitch-Helium.ico
  • $8/res/Pitch-Male-Off.ico
  • $8/res/Pitch-Male.ico
  • $8/res/Pitch-Manual-Off.ico
  • $8/res/Pitch-Manual.ico
  • $8/res/Radio-Off.ico
  • $8/res/Radio.ico
  • $8/res/Robot-Off.ico
  • $8/res/Robot.ico
  • $8/res/Silence-Off.ico
  • $8/res/Silence.ico
  • $8/res/Vocoder-Off.ico
  • $8/res/Vocoder.ico
  • $8/sounds/Applause.mp3
  • $8/sounds/Bicycle bell.mp3
  • $8/sounds/Boooooo.mp3
  • $8/sounds/Cheering.mp3
  • $8/sounds/Duck.mp3
  • $8/sounds/Fanfare.mp3
  • $8/sounds/Gong.mp3
  • $8/sounds/Gunshot.mp3
  • $8/sounds/Hail to the king.mp3
  • $8/sounds/I feel good.mp3
  • $8/sounds/Laugh.mp3
  • $8/sounds/Ricochet.mp3
  • $8/sounds/Sheep.mp3
  • $8/sounds/Smoke weed everyday.mp3
  • $8/sounds/You guys suck.mp3
  • $8/sounds/You suck.mp3
  • $8/vocoders/Bell.mp3
  • $8/vocoders/Church_Melody.mp3
  • $8/vocoders/Creepy.mp3
  • $8/vocoders/Fire.mp3
  • $8/vocoders/Flute.mp3
  • $8/vocoders/Ghost.mp3
  • $8/vocoders/Melody.mp3
  • $8/vocoders/Melody2.mp3
  • $8/vocoders/Melody3.mp3
  • $8/vocoders/Melody4.mp3
  • $8/vocoders/Metal.mp3
  • $8/vocoders/Metal2.mp3
  • $8/vocoders/River.mp3
  • $8/vocoders/Robot.mp3
  • $8/vocoders/Robot2.mp3
  • $8/vocoders/Rusty.mp3
  • $8/vocoders/Singer.mp3
  • $8/vocoders/Useless.mp3
  • $8/vocoders/Vader.mp3
  • $8/vocoders/Weird.mp3
  • $8/vst/howto.txt
  • $PLUGINSDIR/KillProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    62734a8f9e9c1184cf5a30c332ae53cb


  • $PLUGINSDIR/LockedList.dll
    .dll windows:6 windows x86 arch:x86

    c26621761683a926589c7f7a96aa5d75


  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76


  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    6b5c4f7d679059f68f1269aad3a5cecd

