General

  • Target

    fliflik voice changer posssible trojan pass 12234.rar

  • Size

    91.6MB

  • Sample

    241103-jn15la1rem

  • MD5

    6cbad22ba5fa8fa3569b4d6520870daa

  • SHA1

    4bf563aec96edb6afb6282c2796458b45443ff25

  • SHA256

    5bbd26d7f0903bce1d559c83ee4f75d080de0b65a5f1e6b522bfce6351faa241

  • SHA512

    ef8a0019db46df46ec13144e16bc3c563e2d7e851ef76b7346dc9775edff179bcb0b9b185fa86beb2146053bcd0354991156b5694c6991297aceeb2c0745a7b5

  • SSDEEP

    1572864:og8cEWziMyUfCrcIrT6H1GBx1I/nkLqnQdw9iuTBOcY2k0zestkAXi:A+GafPOnesqnWw9iu02k0zlS

Score
8/10

Malware Config

Targets

    • Target

      FliFlik Voice Changer 4.2.2/App/DefaultData/settings/LDVoiceKer.dll

    • Size

      50.8MB

    • MD5

      9d5a343e53f493d3a00305e085ee9daa

    • SHA1

      c582c5463317031c9d50da2aa803a2d610bfcf6c

    • SHA256

      2811613f541c7e3ada9683eac80cc151516e4da240275ccf34dfec591571b3ef

    • SHA512

      013cdcd495c089656d9335e6ad37dfa4b9f2a27f611bb14de319528dab6b076c96d1892fdfa8e50c65f9be89b9f719f366ce1ab8bdcb67893d92e5e49ccba6fa

    • SSDEEP

      786432:Cpq4H0Zju7CK/FajCc0FjlrkA9WQYNtek4dpXMRL0aI24M1SLC4gYiMWPBtWWC+y:jj+lywyLf7HSvQ52OTpF/i

    Score
    3/10
    • Target

      FliFlik Voice Changer 4.2.2/App/fliflik voice changer/BsSndRpt.exe

    • Size

      405KB

    • MD5

      eaadea0fa3e7700b4febd0bd0237fc83

    • SHA1

      277c9fec105b7259cbe95bac9bd4c1949f34b128

    • SHA256

      4400795023c7ea004e0defc6aefd6046a427351e7d2a44afa1a16bf88e30a192

    • SHA512

      0c8044f781a27ee36fba89541999e7a1aa8e558b178fc4aceb4d882fb15e2457839482b846e72e581b643bf42838ee37246e9584a74c861df2171af5191c8150

    • SSDEEP

      6144:RMSsex+94L7KK1wq4JtTsXTKXB8mwx+RE5Xkzgrwo9wQuyCAWAOUooCfmE+2Dk:e9OK3JtTsXTKXB8m4UEK2WeQPDk

    Score
    3/10
    • Target

      FliFlik Voice Changer 4.2.2/App/fliflik voice changer/BugSplat.dll

    • Size

      452KB

    • MD5

      f3d28e20caec56620c46a05ba9ff39d3

    • SHA1

      016eefd0f397f02d1cb82dfd77180be4da949602

    • SHA256

      c11c7d33d28e5bfb95b6a895ebe9539ec8c081c6fed608aa994e21b52ae34857

    • SHA512

      503349b944f21a8386d8db50ba078837c6beb1dea2ccb37f1eb061dbffdf909c0b763953d76fd54d5ab78090d6ce61d66d5313498b4b461f6459266c6d669ae6

    • SSDEEP

      12288:hlHxOXexuEBH6vg7K49cR60QbEiHrSkOL1QQYP3eESvENumh5M4mxs2:hF4uxuE96vg7tEiHmki1SuESvOe

    Score
    3/10
    • Target

      FliFlik Voice Changer 4.2.2/App/fliflik voice changer/BugSplatRc.dll

    • Size

      297KB

    • MD5

      b11a7a243bb8aac016ff579c75ffbcb1

    • SHA1

      9d414c5f436efb866def60236b1c49101222ed37

    • SHA256

      e3f15d508364ca30b73ecc427cded26bd77bebdbabf841197517cdb2c80e11ed

    • SHA512

      6941cd3e335a0165d63eb848b195c1b8f18017e9c225fc6d1de6fb15a11cfd34e5970938eee43ee1c0f02d133d3313b3fad9d85c7f5916be833ac3e54059f67e

    • SSDEEP

      1536:dVFTpu2LR7Xp6FMNeq7BHTy7IjRPs/7eL2g86z/7eL2zP:dVVpu2LR7Xp6FMNeq7BHTysjps/M/n

    Score
    1/10
    • Target

      FliFlik Voice Changer 4.2.2/App/fliflik voice changer/LDVoiceKer.dll

    • Size

      50.8MB

    • MD5

      d3abd4458ad355e5949749b125fa6cf3

    • SHA1

      000ee0b2e642a16d75dfa202fc2cde7cd3dea5b1

    • SHA256

      94c8c8fd5832bb33a1bd9ee5d816eebdf7e1edc70e9ab5ee6333ec42a18117d7

    • SHA512

      537a345eb1452715918a009402d50a8680e118e8d724d0c22a4919d5a6208359b76c03072197d4c023e5b66e7e021a8533ae0c56359c87167ca74ed87fbd9578

    • SSDEEP

      786432:9pq4H0Zju7CK/FajCc0FjlrkA9WQYNtek4dpXMRL0aI24M1SLC4gYiMWPBtWWC+a:kj+lywyLf7HSvQ52OTpF/

    Score
    3/10
    • Target

      FliFlik Voice Changer 4.2.2/App/fliflik voice changer/Qt5Core.dll

    • Size

      4.9MB

    • MD5

      30be431ca21529663bc2bb2691d00760

    • SHA1

      67a3c5b754c44db0f6d8a3b2914ee1d954e29bc1

    • SHA256

      799d06c5454ce006407a63cb738a372ece05756547baba7dd8160404a569b118

    • SHA512

      8c54f3d78a4d440da3ea75f0cc120e92386628422bf1c0fa92d8fa2f7c233e113de7601988499272541d1cb806543e2110691145a4454447c7b67e3807d2e874

    • SSDEEP

      98304:IAJksepVYh4PwhHlJsv6tWKFdu9CSv774dj:IUFwWlJsv6tWKFdu9CSj7U

    Score
    3/10
    • Target

      FliFlik Voice Changer 4.2.2/App/fliflik voice changer/Qt5Gui.dll

    • Size

      5.2MB

    • MD5

      b30676a0df479d00d4618907bb042384

    • SHA1

      05d7b8092dd54fd2963b0a9fa728c5f5a3131ee1

    • SHA256

      a1d488876c4b01fa6508a07734199fe89f2d274fbed08de259681d10881f0324

    • SHA512

      04aee2c1ee72751980baf593690e83de7577969ff24bf735ee281ca0c1941e4f6200cbf7f784e0ca4f7695e1fae4529aab17a00d7d45de23dadd96311ee2a249

    • SSDEEP

      49152:b0FscabvkjcFqFptcm6Bn0Kbok1EPr+S09cL7Z9zGSUkngyOLIwzNBCDSUGj+:uHFpKLnePq+YvkGK

    Score
    3/10
    • Target

      FliFlik Voice Changer 4.2.2/App/fliflik voice changer/Qt5Network.dll

    • Size

      1.0MB

    • MD5

      094a879d51eed91e7c66a2ab8bc8ce11

    • SHA1

      0b7c2ecc3603424574a9f895784fac1b793265bd

    • SHA256

      7ec13b5b1942118d6229abc8d6a224e91924f4c293df94587aeaa8f6c10d40b1

    • SHA512

      69912a19d3f56a7d15c066fb78452f8a5b9f51abda6b6a17b393f4a38f6cf323ad0155ff61093e3f005a1b102856002929e423280dd36c5cfdba28af7ac054e6

    • SSDEEP

      24576:MqrHw0EEvjNVeSW7HLQcxikm9YsCuxG1CWXnCT61:7Hw0EE6tzRKYsCuG0W64

    Score
    3/10
    • Target

      FliFlik Voice Changer 4.2.2/App/fliflik voice changer/Qt5Widgets.dll

    • Size

      4.4MB

    • MD5

      799136dd7bcc104316ea5b025d57e78f

    • SHA1

      c8dca175a8deb1f6bcae370630702d23c0c863a2

    • SHA256

      405f65f738331a8b397fee30883a50a23f49e0834e0c60551ce04f38ed81507f

    • SHA512

      5ef78762123540f7b49b83594c2806cd1f54ac7a3a04a782008b59b3a870476852b1f80e0cc804151d9976b797d1062f4493c6e1b62196c14d98b80d1327c388

    • SSDEEP

      49152:172ExdVDeCkDXpPTAyY0SMIID+LQIOMJXk7k3ByWIA00XXGhV:12od8L+OI00XIV

    Score
    3/10
    • Target

      FliFlik Voice Changer 4.2.2/App/fliflik voice changer/VoiceModify.exe

    • Size

      6.2MB

    • MD5

      0ed9d3cdd1bb3455b995f3482010e310

    • SHA1

      938459245f4b52f0d884280d79b082b0bac29b4f

    • SHA256

      f042f7d2b8541dc09adaf148e0dc53b32835348ddbad768b62e5230ab00c8a87

    • SHA512

      06e5f34d7aeed0e82e143a396a05af729afc64b28861774e3b750c794017405596f17a929efe1bd3a6eb565aafae472c2dac56f0e95d8fcdc5d44e05e64f526c

    • SSDEEP

      196608:+Pyi/SVX0RcGiIAhQk4RwwSKO49zH4AxlNx0:+K55mA74RXOSz440

    Score
    8/10
    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can use techniques such as changing the Authenticode and Cryptography registry keys so that their binary is treated as validly signed.

    • Drops file in System32 directory

    • Target

      FliFlik Voice Changer 4.2.2/App/fliflik voice changer/api-ms-win-core-console-l1-1-0.dll

    • Size

      18KB

    • MD5

      37da7f6961082dd96a537235dd89b114

    • SHA1

      daa1e2e683fa0512ff68eb686d80b4aa3b42e5b6

    • SHA256

      6ee46c6b6727eb77bcbcdd54dc506680ca34af7bc7ca433b77775de90358844e

    • SHA512

      af4f28e3319344d2e215f56026e9cee5c951b5c44374c7eeea6790d18f174d7e785ceacbbf1450d5ca1d76f207b5f7b4f24674468f30be84c6c3e90c48ce2a2c

    • SSDEEP

      192:bvmMWVghW/ivSx9YOCAs/nGfe4pBjSf+GEOWNArXVWQ4mWPQ4mqnajxcRGlPMRdk:XW2hWKSUA0GftpBjxDib4mll7PedGSk

    Score
    3/10
    • Target

      FliFlik Voice Changer 4.2.2/App/fliflik voice changer/api-ms-win-core-datetime-l1-1-0.dll

    • Size

      18KB

    • MD5

      3b3bd0ad4fea16ab58fcaeae4629879c

    • SHA1

      eb175f53640fb8ac4028a7657bbf48823a535677

    • SHA256

      dcb9cf7e31d6772434c683353a1514f10d87d39feaa9b3edf3fa983b2988294c

    • SHA512

      f206e7f56a218a1725f212b20416210c228e60d0d3c44f9a598c93acb10bf8a3c961b4c4d104ae0f166598be5c5102a1ff77a39d2b70743e784f69c82fd4c730

    • SSDEEP

      192:sZWVghW/Y7l9YOCAs/nGfe4pBjSfXVJ4WNArXVWQ4mWGqnajxcRGlPMRd54kft:4W2hWQ7QA0GftpBjcqRll7PedGkft

    Score
    3/10
    • Target

      FliFlik Voice Changer 4.2.2/App/fliflik voice changer/api-ms-win-core-debug-l1-1-0.dll

    • Size

      18KB

    • MD5

      584766df684b2ad2a3a5b05a5b457fac

    • SHA1

      c207b7aedb8d978c8320a1454331519a8365f20d

    • SHA256

      b15964d49a2c5219e0923137aa9028611be81fdbdcbb0d43bb3aaa23114e401f

    • SHA512

      3bc7d49f997e489466858a21daa22b397adb8e736d7e064542ed5f73cd87b52cbd412cdec2b4b892f9231c2562e24c8debab73054e878405f2b2a022e86d26b8

    • SSDEEP

      384:NvW2hW+77QA0GftpBjuYvd0WrlI663Upe:NR9yi866kQ

    Score
    3/10
    • Target

      FliFlik Voice Changer 4.2.2/App/fliflik voice changer/api-ms-win-core-errorhandling-l1-1-0.dll

    • Size

      18KB

    • MD5

      906cb0c8aba8342d552b0f37ddfd475f

    • SHA1

      a3cd528b9c212fea97495a557a91d638b1608418

    • SHA256

      582e87ade6dac258844154b068c291ff8d8f6d7ab6ee029fcd3cf1391874c74b

    • SHA512

      27b33658a30010e0c6a09f5b1359a9e39871b7851d0cfb43f5e2063fb77dafb34df9724fce82fc7826463104fee0820ae4e996a76dd3912490689686ea05844b

    • SSDEEP

      192:+F87mxD3XWVghW/IvSx9YOCAs/nGfe4pBjSf/qoWNArXVWQ4mWBqnaj9RlS6Vab:h70W2hWQSUA0GftpBjoqUOlBRAkO

    Score
    3/10
    • Target

      FliFlik Voice Changer 4.2.2/App/fliflik voice changer/api-ms-win-core-file-l1-1-0.dll

    • Size

      21KB

    • MD5

      779a8b14c22e463ea535cbca9ea84d49

    • SHA1

      4620531d5291878c10d6e3974f240b98bc7fb4b9

    • SHA256

      fc0551de11b310dfd8f3fc924f309d5e754b547ffc475cf6c3d007bb5366f148

    • SHA512

      08882528df66fc582a890ad64c7f96e8f9de56d4871a4d9b6b32e1c3ffb0c29b425f4cc893b2575f6697ffafbb56ba84d43d602483b0470488df823d445b84e4

    • SSDEEP

      192:3CYPvVX8rFTsdWVghW/VvSx9YOCAs/nGfe4pBjSfZCLWNArXVWQ4mWbmqnaj9Rlg:1PvVXfW2hW9SUA0GftpBj8yBlBRAkad

    Score
    3/10
    • Target

      FliFlik Voice Changer 4.2.2/App/fliflik voice changer/api-ms-win-core-file-l1-2-0.dll

    • Size

      18KB

    • MD5

      f6d1216e974fb76585fd350ebdc30648

    • SHA1

      f8f73aa038e49d9fcf3bd05a30dc2e8cbbe54a7c

    • SHA256

      348b70e57ae0329ac40ac3d866b8e896b0b8fef7e8809a09566f33af55d33271

    • SHA512

      756ee21ba895179a5b6836b75aeefb75389b0fe4ae2aaff9ed84f33075094663117133c810ab2e697ec04eaffd54ff03efa3b9344e467a847acea9f732935843

    • SSDEEP

      192:7WVghWu7vSx9YOCAs/nGfe4pBjSby+ggmGWNArXVWQ42WHmMqnaj9RlS6VSyS:7W2hWmSUA0GftpBj+1bMlBRAkS3

    Score
    3/10
    • Target

      FliFlik Voice Changer 4.2.2/App/fliflik voice changer/api-ms-win-core-file-l2-1-0.dll

    • Size

      18KB

    • MD5

      bfb08fb09e8d68673f2f0213c59e2b97

    • SHA1

      e1e5ff4e7dd1c902afbe195d3e9fd2a7d4a539f2

    • SHA256

      6d5881719e9599bf10a4193c8e2ded2a38c10de0ba8904f48c67f2da6e84ed3e

    • SHA512

      e4f33306f3d06ea5c8e539ebdb6926d5f818234f481ff4605a9d5698ae8f2afdf79f194acd0e55ac963383b78bb4c9311ee97f3a188e12fbf2ee13b35d409900

    • SSDEEP

      192:WUWVghW/zvSx9YOCAs/nGfe4pBjSfEtcsWNArXVWQ4mWV9QqnajxcRGlPMRd54xS:WUW2hW7SUA0GftpBjBj3ll7PedGxC/

    Score
    3/10
    • Target

      FliFlik Voice Changer 4.2.2/App/fliflik voice changer/api-ms-win-core-handle-l1-1-0.dll

    • Size

      18KB

    • MD5

      fc68978abb44e572dfe637b7dd3d615f

    • SHA1

      47d0f1bd5195ce10c5ec06bdb92e85dda21cdab3

    • SHA256

      df6bed7bcccaf7298133df99e497fa70da761be99c2a5b2742cfc835bf62d356

    • SHA512

      7eb601d7482dddc251898d7efbdfe003bab460af13b3cb12f1d79fdf9d9d26fc9048fd8ca9969b68bbe5547fdcd16f59d980527a5b73b02da145419834234873

    • SSDEEP

      192:6YOWVghW/KgbXH9YOCAs/nGfe4pBjSfSAWNArXVWQ4mW/M2qnaj9RlS6VRob:EW2hWSgbCA0GftpBj8qRlBRAka

    Score
    3/10
    • Target

      FliFlik Voice Changer 4.2.2/App/fliflik voice changer/api-ms-win-core-heap-l1-1-0.dll

    • Size

      18KB

    • MD5

      1cd8672d8c08b39560a9d5518836493e

    • SHA1

      c7ce2330265d07d88ad15f80dd88473f3daafcd0

    • SHA256

      4a5f33a0837a9d9f22d49ee6d062bae671a4c5c5522db6ffe03c1aa2c0bd008e

    • SHA512

      6bce6ef09746c10e3b3f136bb2ce67002f27ff70c3fcba48e7f1c3769000a62649a41fd82acbe2a819b8ece96d8e9399b15104ca2b40f65b51a0c84fc2a7901c

    • SSDEEP

      384:8l6W2hWJ7QA0GftpBj8VbJOAlXBtFwA+S:p+yi2VbJy4

    Score
    3/10
    • Target

      FliFlik Voice Changer 4.2.2/App/fliflik voice changer/api-ms-win-core-interlocked-l1-1-0.dll

    • Size

      18KB

    • MD5

      b8bb783dee4ea95576882625c365e616

    • SHA1

      e9af4b17fc082b5d717bfa013d46da4bdffb2cd3

    • SHA256

      21bd55b9d42a5faa5fa3c5dd9fad1665df3c33557cc4f7a58248a88b69d372b8

    • SHA512

      b756468dcf7254fd31d3650f794b837724a82207001b521105be05df4cf187785897be8377083c53a92c0dc5aee2cdaf8b9538fd6944e0ac4be5d286836037a1

    • SSDEEP

      384:8vlYsFeW2hWu7QA0GftpBjECp4DlXBtFwCf:8izyiChyG

    Score
    3/10
    • Target

      FliFlik Voice Changer 4.2.2/App/fliflik voice changer/api-ms-win-core-libraryloader-l1-1-0.dll

    • Size

      18KB

    • MD5

      44ca070dc5c09ff8588cf6cdcb64e7a2

    • SHA1

      63d1da68cd984532217beacc21b868b46ec5d910

    • SHA256

      edeb5b3003db4ee3767fa012e812323fadef67663c1b45fed3fca96cad5aecc8

    • SHA512

      c3a214550993a56907aa35091112f9f89e0a74375a7c268133a7c06d88e5de4f9c87f7e0be5007f00081a772df724590d38966ed465f92217d3ef2f45a29c237

    • SSDEEP

      384:CbvuBL3BuW2hWO7QA0GftpBjvEcDflBRAkgD:7BL3BGfyidRA1

    Score
    3/10
    • Target

      FliFlik Voice Changer 4.2.2/App/fliflik voice changer/api-ms-win-core-localization-l1-2-0.dll

    • Size

      20KB

    • MD5

      3b9d034ca8a0345bc8f248927a86bf22

    • SHA1

      95faf5007daf8ba712a5d17f865f0e7938da662b

    • SHA256

      a7ac7ece5e626c0b4e32c13299e9a44c8c380c8981ce4965cbe4c83759d2f52d

    • SHA512

      04f0830878e0166ffd1220536592d0d7ec8aacd3f04340a8d91df24d728f34fbbd559432e5c35f256d231afe0ae926139d7503107cea09bfd720ad65e19d1cdc

    • SSDEEP

      384:9OMw3zdp3bwjGjue9/0jCRrndbVW2hWKgbCA0GftpBjbQywPAOll7PedGGZ:9OMwBprwjGjue9/0jCRrndbzM8iFFGkt

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

discovery
Score
3/10

behavioral2

discovery
Score
3/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

discovery
Score
3/10

behavioral10

discovery
Score
3/10

behavioral11

discovery
Score
3/10

behavioral12

discovery
Score
3/10

behavioral13

discovery
Score
3/10

behavioral14

discovery
Score
3/10

behavioral15

discovery
Score
3/10

behavioral16

discovery
Score
3/10

behavioral17

discovery
Score
3/10

behavioral18

discovery
Score
3/10

behavioral19

discovery, execution
Score
8/10

behavioral20

discovery, execution
Score
8/10

behavioral21

discovery
Score
3/10

behavioral22

discovery
Score
3/10

behavioral23

discovery
Score
3/10

behavioral24

discovery
Score
3/10

behavioral25

discovery
Score
3/10

behavioral26

discovery
Score
3/10

behavioral27

discovery
Score
3/10

behavioral28

discovery
Score
3/10

behavioral29

discovery
Score
3/10

behavioral30

discovery
Score
3/10

behavioral31

discovery
Score
3/10

behavioral32

discovery
Score
3/10