Overview

overview

3

Static

static

3

VoiceChang...1).exe

ubuntu-18.04-amd64

VoiceChang...1).exe

debian-9-armhf

VoiceChang...1).exe

debian-9-mips

VoiceChang...1).exe

debian-9-mipsel

$8/APOConfig.exe

ubuntu-18.04-amd64

$8/APOConfig.exe

debian-9-armhf

$8/APOConfig.exe

debian-9-mips

$8/APOConfig.exe

debian-9-mipsel

$8/AudioChanger.exe

ubuntu-18.04-amd64

$8/AudioChanger.exe

debian-9-armhf

$8/AudioChanger.exe

debian-9-mips

$8/AudioChanger.exe

debian-9-mipsel

$8/Clownfi...er.exe

ubuntu-18.04-amd64

$8/Clownfi...er.exe

debian-9-armhf

$8/Clownfi...er.exe

debian-9-mips

$8/Clownfi...er.exe

debian-9-mipsel

$8/ClownfshAPO64.dll

ubuntu-18.04-amd64

$8/ClownfshAPO64.dll

debian-9-armhf

$8/ClownfshAPO64.dll

debian-9-mips

$8/ClownfshAPO64.dll

debian-9-mipsel

$PLUGINSDI...LL.dll

ubuntu-18.04-amd64

$PLUGINSDI...LL.dll

debian-9-armhf

$PLUGINSDI...LL.dll

debian-9-mips

$PLUGINSDI...LL.dll

debian-9-mipsel

$PLUGINSDI...st.dll

ubuntu-18.04-amd64

$PLUGINSDI...st.dll

debian-9-armhf

$PLUGINSDI...st.dll

debian-9-mips

$PLUGINSDI...st.dll

debian-9-mipsel

$PLUGINSDI...em.dll

ubuntu-18.04-amd64

$PLUGINSDI...em.dll

debian-9-armhf

$PLUGINSDI...em.dll

debian-9-mips

$PLUGINSDI...em.dll

debian-9-mipsel

Sharing

Copy URL
Twitter E-mail

General

  • Target

    VoiceChanger64f(1.91).exe

  • Size

    1.3MB

  • Sample

    250328-v1rbpsyygy

  • MD5

    3f6c9787dc7a3e683513cb4669f7d3fc

  • SHA1

    78323301e837e24d9273743a5c0757cba03f77cb

  • SHA256

    7d0a302a12a8737a1f642d09f6e2fd252a71b7c789cc8baeb3ea38b6707d4470

  • SHA512

    a641d8b1908b01eb2e6f8f8261bd43dc31c8099d348e24ca4f48c8b53815966367bb47aee2cd11b66c68136b9aed83d2794f1671897d9f792c6cf0a6cb525fad

  • SSDEEP

    24576:OYDwTeFTCkO7fSEAt6H6lQPvS39VeiDNOF7d/RCOlf2KZkFsDioU:TcTuTC4hYS32kNO9jyFsWoU

Score
3/10
linux

Malware Config

Targets

    • Target

      VoiceChanger64f(1.91).exe

    • Size

      1.3MB

    • MD5

      3f6c9787dc7a3e683513cb4669f7d3fc

    • SHA1

      78323301e837e24d9273743a5c0757cba03f77cb

    • SHA256

      7d0a302a12a8737a1f642d09f6e2fd252a71b7c789cc8baeb3ea38b6707d4470

    • SHA512

      a641d8b1908b01eb2e6f8f8261bd43dc31c8099d348e24ca4f48c8b53815966367bb47aee2cd11b66c68136b9aed83d2794f1671897d9f792c6cf0a6cb525fad

    • SSDEEP

      24576:OYDwTeFTCkO7fSEAt6H6lQPvS39VeiDNOF7d/RCOlf2KZkFsDioU:TcTuTC4hYS32kNO9jyFsWoU

    Score
    1/10
    behavioral1behavioral2behavioral3behavioral4

    • Target

      $8/APOConfig.exe

    • Size

      179KB

    • MD5

      9dc8bf727a637ade83db123c242c6a9d

    • SHA1

      746fac5713b867b82db1fbb56880cf88d228e158

    • SHA256

      13d39def20a32cca4d7d24248589c1e2508d46333e879cfdf9239d6c1d34d506

    • SHA512

      629f6e8b8f3290d08505afbb09f6c2eae691c259fc3eedfe9fd0880545531aee746c9603ccf4d26dccb3e0b78bb4fd582484faf323861050b6bed5c03289a922

    • SSDEEP

      3072:lW/zvSxhEh1HDXDK4g7a4rt7TDdMhHGvRf/ZqtZDeiSTOETBAlrQwy+MPyFr/pf4:lWu2Xsr1TRMQ5fBqbETBAlZ7MPyhxg

    Score
    1/10
    behavioral5behavioral6behavioral7behavioral8

    • Target

      $8/AudioChanger.exe

    • Size

      161KB

    • MD5

      7ca4e4f58909a60fbeef0fe6c9e3e1d8

    • SHA1

      820f716946b8bf30f30e236680c1ffe7e3120bec

    • SHA256

      a13e1eedbaea78767d1e580241658482436bbe5546f3f63bde065e2d6a87987c

    • SHA512

      3c33124f517c51b058e6c46ed80dd100cd47a9ba1ecc4297cb4f0a634d69218f4f949610c2e9364666c5b42b2054abe08cb3f64388b104b9e34b7441c1da35bd

    • SSDEEP

      3072:B65PxKAHTGwJyEDsUIzw69Ms9R7aXVR6+KPEqUXpfSj:B6SAHTGIxw7DasraKMq8K

    Score
    1/10
    behavioral10behavioral11behavioral12behavioral9

    • Target

      $8/ClownfishVoiceChanger.exe

    • Size

      887KB

    • MD5

      b51ebe489a541f786d3aaa3c9c3e6405

    • SHA1

      2689bde73ef6bc04b9b95f3d3df735e47c0740ee

    • SHA256

      ef78da2ae48313ae60685e3c04eae36379c1e9ebcc70a416e0409d21187417ab

    • SHA512

      c4c874beaeefa4869015b8d49a562d89a4ee3f546a4bc09422c537cd11b35f4f7d4c7998cad6a537875ff312db8c7cded3d6288d3b4ae777b813f998e520fce1

    • SSDEEP

      12288:Fg9jlQHhT3VlISHd5t2ZxKcQszH9zupNdfxzjzL1tOnXS8cU6wOdv5DyJ:6lQBTFlRtuKcNzH9zupNdfxfinXpiRyJ

    Score
    1/10
    behavioral13behavioral14behavioral15behavioral16

    • Target

      $8/ClownfshAPO64.dll

    • Size

      353KB

    • MD5

      f3a279cd808e73a898b1da3fa0a5db47

    • SHA1

      d59a2910bcfbbbe6b37a501381251bbab184b15f

    • SHA256

      1d5398e6eb252d2605c2d97858799ac91376fda615e5278754bbf6560471da16

    • SHA512

      e93f31996aa912b95cb4236a3236eab85fb833defa18ac77c4c36f8529d731503099e7711354232007371c8350b72c6692cef18034f4674927829b243d634b3f

    • SSDEEP

      6144:k4Iu4iGafeUNTLuNSdVVlCWxbjeoyBsX4m9V5CIGRpKsVZIpaYXJcCy:bxRfeuhnxbCoosX74UCYaYw

    Score
    1/10
    behavioral17behavioral18behavioral19behavioral20

    • Target

      $PLUGINSDIR/KillProcDLL.dll

    • Size

      14KB

    • MD5

      586270250a1acce8126a0877fd5bb981

    • SHA1

      9f5645b37b3af04004697639855da5c99a41aca1

    • SHA256

      0fe15b023e21b7054fabb3d47b6084d60f8e474d8f9ca3a0a25dcb2097d6f0b8

    • SHA512

      a1994b91337385ab153860a013912f9cacdf9c233395868bf8eedfbe6dd13841619a8048c1d8407ee4b77c466fd8f31fc5cac2c779a2ef58c3a2a02caeded055

    • SSDEEP

      192:/BZa4DYIcJ4nS1ejJThugw4LBs4TJjdjqJVQXS3p16ZGntrefncWCV:JZ8IcJ4nSkJlums4TJJjsVh3pwZs/

    Score
    1/10
    behavioral21behavioral22behavioral23behavioral24

    • Target

      $PLUGINSDIR/LockedList.dll

    • Size

      28KB

    • MD5

      2ee096682cc84f5fd44fb5291c00596c

    • SHA1

      8dccebf054abe13e5b324dfdfbe6605553971396

    • SHA256

      671570118024c9132f12999e198cebc87b3bf1846695553bf478c5a42efec226

    • SHA512

      1ffdc3a5256b8eb62aff82c6429dcdf582009a908d43ab30d3fad84770b012be59c972323b6ae2b8d7ea2ae29d8ab3a99913205a0b33582e95dc813c31507d3d

    • SSDEEP

      768:Mne3kAZoxbRX66y11T9vBD3fNUHeBuf6qW:MnnTZyX9vBDvNU+UZ

    Score
    1/10
    behavioral25behavioral26behavioral27behavioral28

    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      cff85c549d536f651d4fb8387f1976f2

    • SHA1

      d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e

    • SHA256

      8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8

    • SHA512

      531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

    • SSDEEP

      192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr

    Score
    1/10
    behavioral29behavioral30behavioral31behavioral32

MITRE ATT&CK Matrix

Tasks