Windows Analysis Report
Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe

Overview

General Information

Sample Name:	Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe
Analysis ID:	1346300
MD5:	b8162dccc95c2ed40a3fd946dd127242
SHA1:	27899142d055dcce7ad3288028c8e3187421275c
SHA256:	23ecba0be777d9b7a5683d0939d9ae17c4427c46e51ff959e91785d83c60efd1
Tags:	AIexe
Infos:

Detection

zgRAT

Score:	30
Range:	0 - 100
Whitelisted:	false
Confidence:	20%

Compliance

Score:	52
Range:	0 - 100

Signatures

Yara detected zgRAT

Drops large PE files

.NET source code contains potential unpacker

Tries to open files direct via NTFS file id

Creates files inside the driver directory

Drops certificate files (DER)

Contains functionality to query locales information (e.g. system language)

Very long cmdline option found, this is very uncommon (may be encrypted or packed)

May sleep (evasive loops) to hinder dynamic analysis

Uses code obfuscation techniques (call, push, ret)

Detected potential crypto function

Sample execution stops while process was sleeping (likely an evasion)

Contains functionality to dynamically determine API calls

Uses the system / local time for branch decision (may execute only at specific dates)

Contains long sleeps (>= 3 min)

Drops PE files

Tries to load missing DLLs

Contains functionality to read the PEB

Drops PE files to the windows directory (C:\Windows)

Found evasive API chain checking for process token information

Creates driver files

Checks if the current process is being debugged

Binary contains a suspicious time stamp

Creates a start menu entry (Start Menu\Programs\Startup)

Found large amount of non-executed APIs

Creates a process in suspended mode (likely to inject code)

Contains functionality for read data from the clipboard

Uses 32bit PE files

Queries the volume information (name, serial number etc) of a device

Contains functionality to check if a debugger is running (IsDebuggerPresent)

Deletes files inside the Windows folder

Contains functionality to shutdown / reboot the system

Creates files inside the system directory

PE file contains sections with non-standard names

Queries device information via Setup API

Contains functionality to query CPU information (cpuid)

Found potential string decryption / allocating functions

Contains functionality to call native functions

Found dropped PE file which has not been started or loaded

Contains functionality which may be used to detect a debugger (GetProcessHeap)

IP address seen in connection with other malware

Contains functionality for execution timing, often used to detect debuggers

Enables debug privileges

PE file does not import any functions

Sample file is different than original file name gathered from version info

Extensive use of GetProcAddress (often used to hide API calls)

Enables driver privileges

Installs a global mouse hook

Enables security privileges

Contains functionality to read device registry values (via SetupAPI)

Creates or modifies windows services

Queries disk information (often used to detect virtual machines)

Uses Microsoft's Enhanced Cryptographic Provider

Classification

Malware Threat Intel
Provided by

Name	Description	Attribution	Blogpost URLs	Link
zgRAT	zgRAT is a Remote Access Trojan malware which sometimes drops other malware such as AgentTesla malware. zgRAT has an inforstealer use which targets browser information and cryptowallets.Usually spreads by USB or phishing emails with -zip/-lnk/.bat/.xlsx attachments and so on.	No Attribution	https://bazaar.abuse.ch/browse/signature/zgRAT/ https://kcm.trellix.com/corporate/index?page=content&id=KB96190&locale=en_US https://www.difesaesicurezza.com/cyber/cybercrime-rfq-dalla-turchia-veicola-agenttesla-e-zgrat/ https://www.fortinet.com/blog/threat-research/smokeloader-using-old-vulnerabilities	https://malpedia.caad.fkie.fraunhofer.de/details/win.zgrat

Signatures

Cryptography

Uses Microsoft's Enhanced Cryptographic Provider

Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CD9EB7 DecryptFileW,	6_2_00CD9EB7
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CFF961 CryptAcquireContextW,GetLastError,CryptCreateHash,GetLastError,CryptHashData,ReadFile,GetLastError,CryptDestroyHash,CryptReleaseContext,GetLastError,CryptGetHashParam,GetLastError,SetFilePointerEx,GetLastError,	6_2_00CFF961
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CD9C99 DecryptFileW,DecryptFileW,	6_2_00CD9C99
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_00809EB7 DecryptFileW,	7_2_00809EB7
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_0082F961 CryptAcquireContextW,GetLastError,CryptCreateHash,GetLastError,CryptHashData,ReadFile,GetLastError,CryptDestroyHash,CryptReleaseContext,GetLastError,CryptGetHashParam,GetLastError,SetFilePointerEx,GetLastError,	7_2_0082F961
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_00809C99 DecryptFileW,DecryptFileW,	7_2_00809C99

Compliance

Uses 32bit PE files

Source: Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe

Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE

Source: C:\Users\user\Desktop\Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe

Window detected: I &AgreeCancel License AgreementPlease review the license terms before installing Voice.ai Voice Changer.Press Page Down to see the rest of the agreement.Beta Testing TermsThe Beta Testing Terms are made by and between the entity accepting these Testing Terms ("you") and Voice.ai unless otherwise indicated below (as applicable "we" or "us") and are effective as of the date you first accept them (whether via an online click-through agreement signed agreement or by using the Beta Product) (the "Effective Date).General Terms. We may test Voice.ai products and make them available to you under these Beta Testing Terms (each the "Beta Product"). These products are not for commercial use. For purposes of these Terms Voice.ai Products may also include software features services APIs and other products created for businesses (as we make them available under these Beta Testing Terms each a Voice.ai Product and also the Beta Product). You agree these Beta Testing Terms are separate and independent agreements for each such Beta Product.2.Beta Testers. The Beta Product is in a testing phase and may contain errors. You agree the Beta Product is provided "AS IS" and also "AS AVAILABLE." We reserve the right to modify or terminate the software or your access to the Software or the participation in our Beta Testers Program for any reason without notice at any time and without liability to you. Under these Beta Testing Terms you agree to use reasonable efforts to provide suggestions or comments and report any bugs or issues related to your use of the Beta Product in a timely basis or as otherwise agreed between the parties in writing via email or contact form. You agree not to disclose feedback to any third party and hereby assign to us all right title and interest in and to any feedback without any right to compensation or other obligation from us. 3.Use Restrictions. We reserve the right to remove any voice from the Beta Product for any reason including if we are uncertain about their intentions conduct or feel they are in breach of our Terms. You may only upload audio to our platform with authorization from the person whose voice was used. Voices may only be uploaded to our platform for the purpose of parody or satire. You are responsible for all files you upload to and generate on the platform and for the consequences of publishing those files elsewhere. The products under these Beta Testing Terms are not available to rent lease distribute or resell the Beta Product(s) or use the Beta Product(s) as the basis for or in conjunction with developing a competitive solution (or contract with a third party to do so) or remove or alter any of the logos trademark patent or copyright notices confidentiality or proprietary legends or other notices or markings that are on or in the Beta Product(s). 4.Branding. In accordance with the Brand Use Guidelines you agree to provide proper credit to Voice.ai for any use of its products. 5.Warranty Disclaimer & Perform

Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	File created: C:\Windows\Temp\{5668B2D8-2C06-477E-A562-C647F92F8007}\.ba\license.rtf	Jump to behavior
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	File created: C:\Windows\Temp\{5668B2D8-2C06-477E-A562-C647F92F8007}\.ba\1028\license.rtf	Jump to behavior
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	File created: C:\Windows\Temp\{5668B2D8-2C06-477E-A562-C647F92F8007}\.ba\1029\license.rtf	Jump to behavior
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	File created: C:\Windows\Temp\{5668B2D8-2C06-477E-A562-C647F92F8007}\.ba\1031\license.rtf	Jump to behavior
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	File created: C:\Windows\Temp\{5668B2D8-2C06-477E-A562-C647F92F8007}\.ba\1036\license.rtf	Jump to behavior
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	File created: C:\Windows\Temp\{5668B2D8-2C06-477E-A562-C647F92F8007}\.ba\1040\license.rtf	Jump to behavior
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	File created: C:\Windows\Temp\{5668B2D8-2C06-477E-A562-C647F92F8007}\.ba\1041\license.rtf	Jump to behavior
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	File created: C:\Windows\Temp\{5668B2D8-2C06-477E-A562-C647F92F8007}\.ba\1042\license.rtf	Jump to behavior
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	File created: C:\Windows\Temp\{5668B2D8-2C06-477E-A562-C647F92F8007}\.ba\1045\license.rtf	Jump to behavior
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	File created: C:\Windows\Temp\{5668B2D8-2C06-477E-A562-C647F92F8007}\.ba\1046\license.rtf	Jump to behavior
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	File created: C:\Windows\Temp\{5668B2D8-2C06-477E-A562-C647F92F8007}\.ba\1049\license.rtf	Jump to behavior
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	File created: C:\Windows\Temp\{5668B2D8-2C06-477E-A562-C647F92F8007}\.ba\1055\license.rtf	Jump to behavior
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	File created: C:\Windows\Temp\{5668B2D8-2C06-477E-A562-C647F92F8007}\.ba\2052\license.rtf	Jump to behavior
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	File created: C:\Windows\Temp\{5668B2D8-2C06-477E-A562-C647F92F8007}\.ba\3082\license.rtf	Jump to behavior

Source: C:\Users\user\Desktop\Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe	Directory created: C:\Program Files\Voice.ai	Jump to behavior
Source: C:\Users\user\Desktop\Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe	Directory created: C:\Program Files\Voice.ai\installer.log	Jump to behavior
Source: C:\Users\user\Desktop\Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe	Directory created: C:\Program Files\Voice.ai\meta	Jump to behavior
Source: C:\Users\user\Desktop\Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe	Directory created: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\VoiceAI.exe	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\AudioPX.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\gcrypt.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\DriverManager.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\BsSndRpt.exe	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\AudioConverter.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\BugSplatDotNet.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\BugSplatRc.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\CefSharp.BrowserSubprocess.Core.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\CefSharp.Core.Runtime.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\CefSharp.Core.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\CefSharp.WinForms.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\CefSharp.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\DirectML.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\NAudio.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\Newtonsoft.Json.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\VoiceAILib.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\chrome_elf.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\cudart64_110.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\d3dcompiler_47.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\dbgshim.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\discord_game_sdk.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\hostfxr.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\hostpolicy.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\libEGL.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\libGLESv2.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\libcef.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\libmp3lame.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\libsamplerate-0.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\libsndfile-1.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\onnxruntime.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\onnxruntime_providers_shared.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\version	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\0.vai	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\tools	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\tools\net452.exe	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\tools\vc2019.exe	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\opensource	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\opensource\cefsharp.txt	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\opensource\devcon.txt	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\opensource\libcotp.txt	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\opensource\libgcrypt.txt	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\opensource\libgpg-error.txt	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\opensource\libmp3lame.txt	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\opensource\libsamplerate.txt	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\opensource\libsndfile.txt	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\opensource\naudio.txt	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\opensource\newtonsoft.json.txt	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\opensource\onnxruntime.txt	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\opensource\swipe.txt	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\am.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\ar.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\bg.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\bn.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\ca.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\cs.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\da.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\de.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\el.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\en-GB.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\en-US.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\es-419.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\es.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\et.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\fa.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\fi.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\fil.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\fr.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\gu.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\he.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\hi.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\hr.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\hu.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\id.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\it.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\ja.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\kn.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\ko.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\lt.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\lv.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\ml.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\mr.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\ms.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\nb.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\nl.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\pl.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\pt-BR.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\pt-PT.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\ro.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\ru.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\sk.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\sl.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\sr.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\sv.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\sw.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\ta.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\te.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\th.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\tr.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\uk.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\vi.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\zh-CN.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\locales\zh-TW.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\icudtl.dat	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\snapshot_blob.bin	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\v8_context_snapshot.bin	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\chrome_100_percent.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\chrome_200_percent.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\resources.pak	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\VoiceAIDriver	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\VoiceAIDriver\VoiceAIDriver.cat	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\VoiceAIDriver\VoiceAIDriver.inf	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\VoiceAIDriver\VoiceAIDriver.sys	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\uninstall.exe	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Directory created: C:\Program Files\Voice.ai\OK	Jump to behavior

Source: C:\Users\user\Desktop\Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe

File created: C:\Program Files\Voice.ai\installer.log

Source:	Binary string: C:\agent\_work\8\s\build\ship\x86\burn.pdb source: vc2019.exe, 00000006.00000000.2995895997.0000000000D0B000.00000002.00000001.01000000.0000000E.sdmp, vc2019.exe, 00000006.00000002.3008620123.0000000000D0B000.00000002.00000001.01000000.0000000E.sdmp, vc2019.exe, 00000007.00000002.3006866716.000000000083B000.00000002.00000001.01000000.00000010.sdmp, vc2019.exe, 00000007.00000000.3000243600.000000000083B000.00000002.00000001.01000000.00000010.sdmp
Source:	Binary string: C:\Users\D\Desktop\CefSharp-99.2.120\CefSharp.BrowserSubprocess.Core\bin\x64\Release\CefSharp.BrowserSubprocess.Core.pdb source: VoiceAI.exe, 00000011.00000002.3188952966.000001C10095C000.00000002.00000001.01000000.00000020.sdmp
Source:	Binary string: C:\Users\D\Desktop\CefSharp-99.2.120\CefSharp.WinForms\obj\Release\net452\CefSharp.WinForms.pdb0 source: VoiceAI.exe, 00000011.00000002.3207051413.000001C1653D2000.00000002.00000001.01000000.0000002E.sdmp
Source:	Binary string: C:\Users\D\Desktop\devcon\x64\Release\DriverManager.pdb source: VoiceAI.exe, 00000008.00000002.3074958393.00007FFDA54CC000.00000002.00000001.01000000.00000016.sdmp
Source:	Binary string: D3DCompiler_47.pdb source: VoiceAI.exe, 00000011.00000002.3236470437.00007FFD838BA000.00000002.00000001.01000000.00000024.sdmp, d3dcompiler_47.dll.5.dr
Source:	Binary string: C:\Users\D\Downloads\NAudio-1.10.0\NAudio-1.10.0\NAudio\obj\Release\net35\NAudio.pdb source: VoiceAI.exe, 00000011.00000002.3211291565.000001C17F4F2000.00000002.00000001.01000000.0000002F.sdmp
Source:	Binary string: C:\Users\D\Desktop\CefSharp-99.2.120\CefSharp\obj\Release\CefSharp.pdb source: VoiceAI.exe, 00000011.00000002.3211951718.000001C17F632000.00000002.00000001.01000000.00000030.sdmp
Source:	Binary string: D:\a\_work\1\s\artifacts\obj\coreclr\windows.x64.Release\dlls\dbgshim\dbgshim.pdb source: dbgshim.dll.5.dr
Source:	Binary string: C:\Users\D\Desktop\CefSharp-99.2.120\CefSharp.Core\obj\Release\CefSharp.Core.pdb source: VoiceAI.exe, 00000011.00000002.3206824076.000001C1653B2000.00000002.00000001.01000000.0000002C.sdmp
Source:	Binary string: C:\Users\D\Desktop\CefSharp-99.2.120\CefSharp.Core.Runtime\bin\x64\Release\CefSharp.Core.Runtime.pdb source: VoiceAI.exe, 00000011.00000002.3185716835.000001C100237000.00000002.00000001.01000000.00000018.sdmp, CefSharp.Core.Runtime.dll.5.dr
Source:	Binary string: `OTHER`TEMP`PACKED<%s return value>internal error: failed to write debug data to pdb streaminternal error: failed to add section contributioninternal warning: PDB Error string is "%S"internal error: failed to close debug infointernal error: failed to close PDBinternal error: failed to open PDB for writing in streaminternal error: failed to create debug info in PDBinternal error: failed to add code section to debug infointernal error: failed to add module to debug infointernal error: failed to create type info in PDBinternal error: failed to create inline type info in PDBinternal error: failed to create source file store in PDBinternal error: failed to close source file store in PDBinternal error: failed to close module in debug infointernal error: failed to commit type info in PDBinternal error: failed to commit inline type info in PDBinternal error: failed to add section header to debug infointernal error: failed to append section header to pdbinternal error: failed to close section header in debug infointernal error: failed to close debug info in PDBinternal error: failed to commit PDBinternal error: PDB data too largeinternal error: PDB stream truncatedinternal error: failed to close source file storeinternal error: failed to close type infointernal error: pdb append failedfxl_4_0too many arguments to target TXtoo many outputs to target TXclip not supported in texture shadersinvalid reference to input semantic '%s%d'invalid reference to output semantic '%s%d'0123456789abcdef.pdbVPosSV_ViewportArrayIndexColorFailed to log error, redirecting to debug output: source: VoiceAI.exe, 00000011.00000002.3236470437.00007FFD838BA000.00000002.00000001.01000000.00000024.sdmp, d3dcompiler_47.dll.5.dr
Source:	Binary string: C:\Users\Devin Roth\Desktop\VoiceAI\windows-driver-2\Source\Main\x64\Release\VoiceAIDriver.pdb source: VoiceAI.exe, 00000008.00000002.3073236062.000001BB6B498000.00000004.00000020.00020000.00000000.sdmp, drvinst.exe, 0000000B.00000003.3047220202.0000028BFA637000.00000004.00000020.00020000.00000000.sdmp, drvinst.exe, 0000000B.00000003.3048020455.0000028BFA9D2000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\www\src\BugSplat\BugSplatDotNet\obj\Release\BugSplatDotNet.pdb source: VoiceAI.exe, 00000011.00000002.3206973384.000001C1653C2000.00000002.00000001.01000000.0000002D.sdmp
Source:	Binary string: D3DCompiler_47.pdbGCTL source: VoiceAI.exe, 00000011.00000002.3236470437.00007FFD838BA000.00000002.00000001.01000000.00000024.sdmp, d3dcompiler_47.dll.5.dr
Source:	Binary string: C:\Users\Devin Roth\Desktop\VoiceAI\windows-driver-2\Source\Main\x64\Release\VoiceAIDriver.pdbE source: drvinst.exe, 0000000B.00000003.3047220202.0000028BFA637000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: chrome_elf.dll.pdb source: VoiceAI.exe, 00000011.00000002.3241246069.00007FFD84F70000.00000002.00000001.01000000.0000001B.sdmp
Source:	Binary string: VoiceAI.pdb source: VoiceAI.exe, 00000008.00000000.3010448309.000001BB68E9F000.00000002.00000001.01000000.00000014.sdmp
Source:	Binary string: libGLESv2.dll.pdb source: VoiceAI.exe, 00000011.00000002.3227024610.00007FFD83373000.00000002.00000001.01000000.00000025.sdmp
Source:	Binary string: C:\Users\D\Downloads\NAudio-1.10.0\NAudio-1.10.0\NAudio\obj\Release\net35\NAudio.pdbSHA256 source: VoiceAI.exe, 00000011.00000002.3211291565.000001C17F4F2000.00000002.00000001.01000000.0000002F.sdmp
Source:	Binary string: D:\a\_work\1\s\artifacts\obj\coreclr\windows.x64.Release\dlls\dbgshim\dbgshim.pdbVVVGCTL source: dbgshim.dll.5.dr
Source:	Binary string: C:\Users\D\Desktop\CefSharp-99.2.120\CefSharp.WinForms\obj\Release\net452\CefSharp.WinForms.pdb source: VoiceAI.exe, 00000011.00000002.3207051413.000001C1653D2000.00000002.00000001.01000000.0000002E.sdmp

Source: C:\Program Files\Voice.ai\VoiceAI.exe	File opened: C:\Users\user\AppData\Local\Voice.ai\Cache\
Source: C:\Program Files\Voice.ai\VoiceAI.exe	File opened: C:\Users\user\AppData\Local\Voice.ai\
Source: C:\Program Files\Voice.ai\VoiceAI.exe	File opened: C:\Users\user\AppData\Local\Voice.ai\Cache\Network\615c07c6-36e3-473c-9ae8-c28bb6d80b59.tmp
Source: C:\Program Files\Voice.ai\VoiceAI.exe	File opened: C:\Users\user\AppData\Local\
Source: C:\Program Files\Voice.ai\VoiceAI.exe	File opened: C:\Users\user\
Source: C:\Program Files\Voice.ai\VoiceAI.exe	File opened: C:\Users\user\AppData\

Source: C:\Users\user\Desktop\Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe	Code function: 0_2_00405A19 GetTempPathA,DeleteFileA,lstrcatA,lstrcatA,lstrlenA,FindFirstFileA,FindNextFileA,FindClose,	0_2_00405A19
Source: C:\Users\user\Desktop\Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe	Code function: 0_2_004065CE FindFirstFileA,FindClose,	0_2_004065CE
Source: C:\Users\user\Desktop\Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe	Code function: 0_2_004027AA FindFirstFileA,	0_2_004027AA
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Code function: 5_2_00405A19 GetTempPathA,DeleteFileA,lstrcatA,lstrcatA,lstrlenA,FindFirstFileA,FindNextFileA,FindClose,	5_2_00405A19
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Code function: 5_2_004065CE FindFirstFileA,FindClose,	5_2_004065CE
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Code function: 5_2_004027AA FindFirstFileA,	5_2_004027AA
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CC3BC3 GetFileAttributesW,GetLastError,GetLastError,SetFileAttributesW,GetLastError,GetTempPathW,GetLastError,FindFirstFileW,GetLastError,SetFileAttributesW,DeleteFileW,GetTempFileNameW,MoveFileExW,MoveFileExW,MoveFileExW,FindNextFileW,GetLastError,GetLastError,GetLastError,GetLastError,RemoveDirectoryW,GetLastError,MoveFileExW,GetLastError,FindClose,	6_2_00CC3BC3
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00D04315 FindFirstFileW,FindClose,	6_2_00D04315
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CD993E FindFirstFileW,lstrlenW,FindNextFileW,FindClose,	6_2_00CD993E
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CF7A87 FindFirstFileExW,	6_2_00CF7A87
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_007F3BC3 GetFileAttributesW,GetLastError,GetLastError,SetFileAttributesW,GetLastError,GetTempPathW,GetLastError,FindFirstFileW,GetLastError,SetFileAttributesW,DeleteFileW,GetTempFileNameW,MoveFileExW,MoveFileExW,MoveFileExW,FindNextFileW,GetLastError,GetLastError,GetLastError,GetLastError,RemoveDirectoryW,GetLastError,MoveFileExW,GetLastError,FindClose,	7_2_007F3BC3
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_00834315 FindFirstFileW,FindClose,	7_2_00834315
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_0080993E FindFirstFileW,lstrlenW,FindNextFileW,FindClose,	7_2_0080993E
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_00827A87 FindFirstFileExW,	7_2_00827A87
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F097EC FindFirstFileExW,GetLastError,	17_2_00007FFD84F097EC
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F092CC FindFirstFileExW,GetLastError,	17_2_00007FFD84F092CC

Source: Joe Sandbox View	IP Address: 23.62.164.112 23.62.164.112
Source: Joe Sandbox View	IP Address: 172.64.41.3 172.64.41.3

Source: C:\Program Files\Voice.ai\VoiceAI.exe	File created: C:\Users\user\AppData\Local\Temp\{6ba11cfe-7589-5b42-af6f-af407f34b132}\SETF73E.tmp	Jump to dropped file
Source: C:\Windows\System32\drvinst.exe	File created: C:\Windows\System32\DriverStore\Temp\{8c6912fd-8e80-054e-98db-197808639641}\SETFC5F.tmp	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI.exe	File created: (copy)	Jump to dropped file

Source: C:\Users\user\Desktop\Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe	Code function: 0_2_0040727F	0_2_0040727F
Source: C:\Users\user\Desktop\Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe	Code function: 0_2_00406AA8	0_2_00406AA8
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Code function: 5_2_0040727F	5_2_0040727F
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Code function: 5_2_00406AA8	5_2_00406AA8
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CEC0FA	6_2_00CEC0FA
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CC6184	6_2_00CC6184
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CF022D	6_2_00CF022D
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CFA3B0	6_2_00CFA3B0
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CF0662	6_2_00CF0662
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CCA7EF	6_2_00CCA7EF
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CFA85E	6_2_00CFA85E
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CD69CC	6_2_00CD69CC
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CEF919	6_2_00CEF919
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CF0A97	6_2_00CF0A97
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CF2B21	6_2_00CF2B21
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CFED4C	6_2_00CFED4C
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CF2D50	6_2_00CF2D50
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CEFE15	6_2_00CEFE15
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_0081C0FA	7_2_0081C0FA
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_007F6184	7_2_007F6184
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_0082022D	7_2_0082022D
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_0082A3B0	7_2_0082A3B0
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_00820662	7_2_00820662
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_007FA7EF	7_2_007FA7EF
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_0082A85E	7_2_0082A85E
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_008069CC	7_2_008069CC
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_0081F919	7_2_0081F919
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_00820A97	7_2_00820A97
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_00822B21	7_2_00822B21
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_0082ED4C	7_2_0082ED4C
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_00822D50	7_2_00822D50
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_0081FE15	7_2_0081FE15
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 8_2_00007FFDA54C2B60	8_2_00007FFDA54C2B60
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 8_2_00007FFDA54C11EA	8_2_00007FFDA54C11EA
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 8_2_00007FFDA54C1122	8_2_00007FFDA54C1122
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 8_2_00007FFDA54C2B60	8_2_00007FFDA54C2B60
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 8_2_00007FFDA54C62C0	8_2_00007FFDA54C62C0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EF47A0	17_2_00007FFD84EF47A0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EF6440	17_2_00007FFD84EF6440
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F50FD0	17_2_00007FFD84F50FD0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EE4F60	17_2_00007FFD84EE4F60
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84ED5680	17_2_00007FFD84ED5680
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EE3E80	17_2_00007FFD84EE3E80
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EE5B40	17_2_00007FFD84EE5B40
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EF2474	17_2_00007FFD84EF2474
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F2E4A0	17_2_00007FFD84F2E4A0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F02730	17_2_00007FFD84F02730
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F18800	17_2_00007FFD84F18800
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F28660	17_2_00007FFD84F28660
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F0A670	17_2_00007FFD84F0A670
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84ED2844	17_2_00007FFD84ED2844
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EA8808	17_2_00007FFD84EA8808
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84ED280C	17_2_00007FFD84ED280C
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F1E6E0	17_2_00007FFD84F1E6E0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F266F0	17_2_00007FFD84F266F0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84ED67A4	17_2_00007FFD84ED67A4
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F12740	17_2_00007FFD84F12740
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F2A160	17_2_00007FFD84F2A160
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EAA154	17_2_00007FFD84EAA154
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EA8094	17_2_00007FFD84EA8094
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EE01B0	17_2_00007FFD84EE01B0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F06190	17_2_00007FFD84F06190
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EE22E0	17_2_00007FFD84EE22E0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F18440	17_2_00007FFD84F18440
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F4C44C	17_2_00007FFD84F4C44C
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F5A260	17_2_00007FFD84F5A260
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EA8444	17_2_00007FFD84EA8444
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EF8420	17_2_00007FFD84EF8420
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EE43D0	17_2_00007FFD84EE43D0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F1E2F0	17_2_00007FFD84F1E2F0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F14340	17_2_00007FFD84F14340
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F16350	17_2_00007FFD84F16350
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F2ADF0	17_2_00007FFD84F2ADF0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F1EDF0	17_2_00007FFD84F1EDF0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EECC80	17_2_00007FFD84EECC80
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F18D00	17_2_00007FFD84F18D00
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84ED2D94	17_2_00007FFD84ED2D94
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F2AF90	17_2_00007FFD84F2AF90
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F1F040	17_2_00007FFD84F1F040
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F21050	17_2_00007FFD84F21050
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F16E70	17_2_00007FFD84F16E70
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EA8F86	17_2_00007FFD84EA8F86
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EEE8E2	17_2_00007FFD84EEE8E2
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F1E9E0	17_2_00007FFD84F1E9E0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F2AA00	17_2_00007FFD84F2AA00
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EE28A0	17_2_00007FFD84EE28A0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F00970	17_2_00007FFD84F00970
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F2AB60	17_2_00007FFD84F2AB60
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EA4A90	17_2_00007FFD84EA4A90
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F24AD0	17_2_00007FFD84F24AD0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F06BB0	17_2_00007FFD84F06BB0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EDEBA0	17_2_00007FFD84EDEBA0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EA2B74	17_2_00007FFD84EA2B74
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F27EE0	17_2_00007FFD84F27EE0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EB35D0	17_2_00007FFD84EB35D0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EDF5B0	17_2_00007FFD84EDF5B0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EB95A8	17_2_00007FFD84EB95A8
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EE1720	17_2_00007FFD84EE1720
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EFD670	17_2_00007FFD84EFD670
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F2965E	17_2_00007FFD84F2965E
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F49684	17_2_00007FFD84F49684
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F356C0	17_2_00007FFD84F356C0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84ECD7A0	17_2_00007FFD84ECD7A0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EF7760	17_2_00007FFD84EF7760
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F271AA	17_2_00007FFD84F271AA
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EED0F0	17_2_00007FFD84EED0F0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F491E0	17_2_00007FFD84F491E0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EA70A8	17_2_00007FFD84EA70A8
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EA9200	17_2_00007FFD84EA9200
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84ECD1D0	17_2_00007FFD84ECD1D0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F17150	17_2_00007FFD84F17150
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F1936C	17_2_00007FFD84F1936C
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F4F3F8	17_2_00007FFD84F4F3F8
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EFF260	17_2_00007FFD84EFF260
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EE1430	17_2_00007FFD84EE1430
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F172A0	17_2_00007FFD84F172A0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F57344	17_2_00007FFD84F57344
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EEDD2E	17_2_00007FFD84EEDD2E
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EE1CA0	17_2_00007FFD84EE1CA0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EEBC90	17_2_00007FFD84EEBC90
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F0DE50	17_2_00007FFD84F0DE50
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F15E50	17_2_00007FFD84F15E50
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F19CE4	17_2_00007FFD84F19CE4
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84ECDF40	17_2_00007FFD84ECDF40
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EE7EF0	17_2_00007FFD84EE7EF0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EA4160	17_2_00007FFD84EA4160
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F1DEB0	17_2_00007FFD84F1DEB0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EEBFF0	17_2_00007FFD84EEBFF0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EF7FA0	17_2_00007FFD84EF7FA0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EA5908	17_2_00007FFD84EA5908
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84ED98E8	17_2_00007FFD84ED98E8
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F03880	17_2_00007FFD84F03880
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84ED1A41	17_2_00007FFD84ED1A41
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84ECDA40	17_2_00007FFD84ECDA40
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F278E0	17_2_00007FFD84F278E0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EF79B0	17_2_00007FFD84EF79B0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EDF9B0	17_2_00007FFD84EDF9B0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EE39B0	17_2_00007FFD84EE39B0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EA598C	17_2_00007FFD84EA598C
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F49B84	17_2_00007FFD84F49B84
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EE1AE0	17_2_00007FFD84EE1AE0
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EA1C4F	17_2_00007FFD84EA1C4F
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EF7C30	17_2_00007FFD84EF7C30
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EC9C10	17_2_00007FFD84EC9C10
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD348A0C91	17_2_00007FFD348A0C91
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD348A0E35	17_2_00007FFD348A0E35

Source: C:\Users\user\Desktop\Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe	Code function: 0_2_004033B3 EntryPoint,SetErrorMode,GetVersionExA,GetVersionExA,GetVersionExA,lstrlenA,#17,OleInitialize,SHGetFileInfoA,GetCommandLineA,CharNextA,GetTempPathA,GetTempPathA,GetWindowsDirectoryA,lstrcatA,GetTempPathA,lstrcatA,SetEnvironmentVariableA,SetEnvironmentVariableA,SetEnvironmentVariableA,DeleteFileA,ExitProcess,OleUninitialize,ExitProcess,lstrcatA,lstrcatA,lstrcatA,lstrcmpiA,SetCurrentDirectoryA,DeleteFileA,CopyFileA,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueA,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess,		0_2_004033B3
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Code function: 5_2_004033B3 EntryPoint,SetErrorMode,GetVersionExA,GetVersionExA,GetVersionExA,lstrlenA,#17,OleInitialize,SHGetFileInfoA,GetCommandLineA,CharNextA,GetTempPathA,GetTempPathA,GetWindowsDirectoryA,lstrcatA,GetTempPathA,lstrcatA,SetEnvironmentVariableA,SetEnvironmentVariableA,SetEnvironmentVariableA,DeleteFileA,KiUserCallbackDispatcher,ExitProcess,OleUninitialize,ExitProcess,lstrcatA,lstrcatA,lstrcatA,lstrcmpiA,SetCurrentDirectoryA,DeleteFileA,CopyFileA,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueA,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess,		5_2_004033B3

Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: String function: 00007FFD84EA41D0 appears 77 times
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: String function: 0083012F appears 678 times
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: String function: 007F37D3 appears 496 times
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: String function: 008331C7 appears 83 times
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: String function: 007F1F20 appears 54 times
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: String function: 0083061A appears 34 times
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: String function: 00D0012F appears 678 times
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: String function: 00CC1F20 appears 54 times
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: String function: 00D0061A appears 34 times
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: String function: 00CC37D3 appears 496 times
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: String function: 00D031C7 appears 83 times

Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84ECAC74 RtlInitUnicodeString,NtOpenKeyEx,NtOpenKeyEx,	17_2_00007FFD84ECAC74
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84ECB1F2 NtClose,	17_2_00007FFD84ECB1F2
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84ECAE30 NtClose,	17_2_00007FFD84ECAE30
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84ECAE5F RtlInitUnicodeString,NtQueryValueKey,	17_2_00007FFD84ECAE5F
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84ECABA5 RtlInitUnicodeString,NtCreateKey,	17_2_00007FFD84ECABA5
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84ECB284 RtlInitUnicodeString,NtSetValueKey,	17_2_00007FFD84ECB284
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84EC9C10 NtClose,NtClose,NtDeleteKey,NtClose,NtClose,	17_2_00007FFD84EC9C10

Source: AudioConverter.dll.5.dr	Static PE information: No import functions for PE file found
Source: BugSplatRc.dll.5.dr	Static PE information: No import functions for PE file found
Source: VoiceAI.exe.5.dr	Static PE information: No import functions for PE file found

Source: Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe, 00000000.00000002.3146544123.0000000000421000.00000004.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameinetc.dllF vs Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe
Source: Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe, 00000000.00000002.3146544123.000000000040A000.00000004.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameinetc.dllF vs Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe

Source: VoiceAI.exe, 00000011.00000002.3211951718.000001C17F632000.00000002.00000001.01000000.00000030.sdmp	Binary or memory string: .sln
Source: VoiceAI.exe, 00000011.00000002.3211951718.000001C17F632000.00000002.00000001.01000000.00000030.sdmp	Binary or memory string: .csproj.css
Source: VoiceAI.exe, 00000011.00000002.3211951718.000001C17F632000.00000002.00000001.01000000.00000030.sdmp	Binary or memory string: .vbproj.vbs

Source: unknown	Process created: C:\Users\user\Desktop\Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe C:\Users\user\Desktop\Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe
Source: C:\Users\user\Desktop\Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe	Process created: C:\Program Files\Voice.ai\VoiceAI-Installer.exe C:\Program Files\Voice.ai\VoiceAI-Installer.exe" /path "C:\Program Files\Voice.ai
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Process created: C:\Program Files\Voice.ai\tools\vc2019.exe "C:\Program Files\Voice.ai\tools\vc2019.exe" /q /norestart
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Process created: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe "C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe" -burn.clean.room="C:\Program Files\Voice.ai\tools\vc2019.exe" -burn.filehandle.attached=648 -burn.filehandle.self=512 /q /norestart
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" installdriver
Source: unknown	Process created: C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\System32\drvinst.exe DrvInst.exe "4" "0" "C:\Users\user\AppData\Local\Temp\{6ba11cfe-7589-5b42-af6f-af407f34b132}\voiceaidriver.inf" "9" "46b7f3743" "0000000000000158" "WinSta0\Default" "0000000000000164" "208" "c:\program files\voice.ai\voiceaidriver"
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\System32\drvinst.exe DrvInst.exe "2" "211" "ROOT\MEDIA\0000" "C:\Windows\INF\oem4.inf" "oem4.inf:ed86ca11bfc96d40:VOICEAIDRIVER_SA:16.36.0.99:root\voiceaidriver," "46b7f3743" "0000000000000158"
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Process created: C:\Windows\explorer.exe C:\Windows\explorer.exe" "C:\Program Files\Voice.ai\VoiceAI.exe
Source: unknown	Process created: C:\Windows\explorer.exe C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
Source: C:\Windows\explorer.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe"
Source: unknown	Process created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" --type=gpu-process --no-sandbox --log-severity=disable --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --cefsharpexitsub --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --log-file="C:\Program Files\Voice.ai\debug.log" --mojo-platform-channel-handle=2584 --field-trial-handle=2648,i,8202924802425580642,3664495284549469561,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:2 --host-process-id=4132
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --no-sandbox --log-severity=disable --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --cefsharpexitsub --log-file="C:\Program Files\Voice.ai\debug.log" --mojo-platform-channel-handle=3020 --field-trial-handle=2648,i,8202924802425580642,3664495284549469561,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 --host-process-id=4132
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:/Program Files/Voice.ai/VoiceAI.exe" discord 4132
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --cefsharpexitsub --log-file="C:\Program Files\Voice.ai\debug.log" --mojo-platform-channel-handle=3032 --field-trial-handle=2648,i,8202924802425580642,3664495284549469561,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 --host-process-id=4132
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" --type=renderer --log-severity=disable --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --cefsharpexitsub --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Program Files\Voice.ai\debug.log" --use-fake-ui-for-media-stream --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --launch-time-ticks=5711982421 --mojo-platform-channel-handle=3244 --field-trial-handle=2648,i,8202924802425580642,3664495284549469561,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker --host-process-id=4132 /prefetch:1
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" --type=renderer --log-severity=disable --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --cefsharpexitsub --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Program Files\Voice.ai\debug.log" --use-fake-ui-for-media-stream --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --launch-time-ticks=5712169225 --mojo-platform-channel-handle=3260 --field-trial-handle=2648,i,8202924802425580642,3664495284549469561,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker --host-process-id=4132 /prefetch:1
Source: unknown	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" startup
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" --type=gpu-process --no-sandbox --log-severity=disable --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --cefsharpexitsub --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --log-file="C:\Program Files\Voice.ai\debug.log" --mojo-platform-channel-handle=2472 --field-trial-handle=2560,i,1165960106417954657,3029754261506682906,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:2 --host-process-id=3920
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:/Program Files/Voice.ai/VoiceAI.exe" discord 3920
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --no-sandbox --log-severity=disable --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --cefsharpexitsub --log-file="C:\Program Files\Voice.ai\debug.log" --mojo-platform-channel-handle=2992 --field-trial-handle=2560,i,1165960106417954657,3029754261506682906,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 --host-process-id=3920
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --cefsharpexitsub --log-file="C:\Program Files\Voice.ai\debug.log" --mojo-platform-channel-handle=3044 --field-trial-handle=2560,i,1165960106417954657,3029754261506682906,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 --host-process-id=3920
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" --type=renderer --log-severity=disable --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --cefsharpexitsub --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Program Files\Voice.ai\debug.log" --use-fake-ui-for-media-stream --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --launch-time-ticks=5721035491 --mojo-platform-channel-handle=3244 --field-trial-handle=2560,i,1165960106417954657,3029754261506682906,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker --host-process-id=3920 /prefetch:1
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" --type=renderer --log-severity=disable --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --cefsharpexitsub --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Program Files\Voice.ai\debug.log" --use-fake-ui-for-media-stream --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --launch-time-ticks=5721085630 --mojo-platform-channel-handle=3268 --field-trial-handle=2560,i,1165960106417954657,3029754261506682906,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker --host-process-id=3920 /prefetch:1
Source: C:\Users\user\Desktop\Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe	Process created: C:\Program Files\Voice.ai\VoiceAI-Installer.exe C:\Program Files\Voice.ai\VoiceAI-Installer.exe" /path "C:\Program Files\Voice.ai	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Process created: C:\Program Files\Voice.ai\tools\vc2019.exe "C:\Program Files\Voice.ai\tools\vc2019.exe" /q /norestart	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" installdriver	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Process created: C:\Windows\explorer.exe C:\Windows\explorer.exe" "C:\Program Files\Voice.ai\VoiceAI.exe	Jump to behavior
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Process created: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe "C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe" -burn.clean.room="C:\Program Files\Voice.ai\tools\vc2019.exe" -burn.filehandle.attached=648 -burn.filehandle.self=512 /q /norestart	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\System32\drvinst.exe DrvInst.exe "4" "0" "C:\Users\user\AppData\Local\Temp\{6ba11cfe-7589-5b42-af6f-af407f34b132}\voiceaidriver.inf" "9" "46b7f3743" "0000000000000158" "WinSta0\Default" "0000000000000164" "208" "c:\program files\voice.ai\voiceaidriver"
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\System32\drvinst.exe DrvInst.exe "2" "211" "ROOT\MEDIA\0000" "C:\Windows\INF\oem4.inf" "oem4.inf:ed86ca11bfc96d40:VOICEAIDRIVER_SA:16.36.0.99:root\voiceaidriver," "46b7f3743" "0000000000000158"
Source: C:\Windows\explorer.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe"
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" --type=gpu-process --no-sandbox --log-severity=disable --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --cefsharpexitsub --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --log-file="C:\Program Files\Voice.ai\debug.log" --mojo-platform-channel-handle=2584 --field-trial-handle=2648,i,8202924802425580642,3664495284549469561,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:2 --host-process-id=4132
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --no-sandbox --log-severity=disable --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --cefsharpexitsub --log-file="C:\Program Files\Voice.ai\debug.log" --mojo-platform-channel-handle=3020 --field-trial-handle=2648,i,8202924802425580642,3664495284549469561,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 --host-process-id=4132
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:/Program Files/Voice.ai/VoiceAI.exe" discord 4132
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --cefsharpexitsub --log-file="C:\Program Files\Voice.ai\debug.log" --mojo-platform-channel-handle=3032 --field-trial-handle=2648,i,8202924802425580642,3664495284549469561,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 --host-process-id=4132
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" --type=renderer --log-severity=disable --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --cefsharpexitsub --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Program Files\Voice.ai\debug.log" --use-fake-ui-for-media-stream --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --launch-time-ticks=5711982421 --mojo-platform-channel-handle=3244 --field-trial-handle=2648,i,8202924802425580642,3664495284549469561,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker --host-process-id=4132 /prefetch:1
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" --type=renderer --log-severity=disable --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --cefsharpexitsub --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Program Files\Voice.ai\debug.log" --use-fake-ui-for-media-stream --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --launch-time-ticks=5712169225 --mojo-platform-channel-handle=3260 --field-trial-handle=2648,i,8202924802425580642,3664495284549469561,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker --host-process-id=4132 /prefetch:1
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" --type=gpu-process --no-sandbox --log-severity=disable --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --cefsharpexitsub --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --log-file="C:\Program Files\Voice.ai\debug.log" --mojo-platform-channel-handle=2472 --field-trial-handle=2560,i,1165960106417954657,3029754261506682906,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:2 --host-process-id=3920
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:/Program Files/Voice.ai/VoiceAI.exe" discord 3920
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --no-sandbox --log-severity=disable --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --cefsharpexitsub --log-file="C:\Program Files\Voice.ai\debug.log" --mojo-platform-channel-handle=2992 --field-trial-handle=2560,i,1165960106417954657,3029754261506682906,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 --host-process-id=3920
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --cefsharpexitsub --log-file="C:\Program Files\Voice.ai\debug.log" --mojo-platform-channel-handle=3044 --field-trial-handle=2560,i,1165960106417954657,3029754261506682906,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 --host-process-id=3920
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" --type=renderer --log-severity=disable --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --cefsharpexitsub --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Program Files\Voice.ai\debug.log" --use-fake-ui-for-media-stream --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --launch-time-ticks=5721035491 --mojo-platform-channel-handle=3244 --field-trial-handle=2560,i,1165960106417954657,3029754261506682906,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker --host-process-id=3920 /prefetch:1
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Process created: C:\Program Files\Voice.ai\VoiceAI.exe "C:\Program Files\Voice.ai\VoiceAI.exe" --type=renderer --log-severity=disable --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --cefsharpexitsub --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Program Files\Voice.ai\debug.log" --use-fake-ui-for-media-stream --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --launch-time-ticks=5721085630 --mojo-platform-channel-handle=3268 --field-trial-handle=2560,i,1165960106417954657,3029754261506682906,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker --host-process-id=3920 /prefetch:1

Source: C:\Program Files\Voice.ai\VoiceAI.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\b8493bec853ac702d2188091d76ccffa\mscorlib.ni.dll	Jump to behavior
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\b8493bec853ac702d2188091d76ccffa\mscorlib.ni.dll
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\b8493bec853ac702d2188091d76ccffa\mscorlib.ni.dll
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\b8493bec853ac702d2188091d76ccffa\mscorlib.ni.dll
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\b8493bec853ac702d2188091d76ccffa\mscorlib.ni.dll
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\b8493bec853ac702d2188091d76ccffa\mscorlib.ni.dll
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\b8493bec853ac702d2188091d76ccffa\mscorlib.ni.dll
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\b8493bec853ac702d2188091d76ccffa\mscorlib.ni.dll
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\b8493bec853ac702d2188091d76ccffa\mscorlib.ni.dll
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\b8493bec853ac702d2188091d76ccffa\mscorlib.ni.dll
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\b8493bec853ac702d2188091d76ccffa\mscorlib.ni.dll
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\b8493bec853ac702d2188091d76ccffa\mscorlib.ni.dll
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\b8493bec853ac702d2188091d76ccffa\mscorlib.ni.dll
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\b8493bec853ac702d2188091d76ccffa\mscorlib.ni.dll
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\b8493bec853ac702d2188091d76ccffa\mscorlib.ni.dll

Source: C:\Windows\System32\drvinst.exe	Mutant created: \BaseNamedObjects\DrvInst.exe_mutex_{5B10AC83-4F13-4fde-8C0B-B85681BA8D73}
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Mutant created: \Sessions\1\BaseNamedObjects\Global\Voice.ai

Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Command line argument: cabinet.dll	6_2_00CC1070
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Command line argument: msi.dll	6_2_00CC1070
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Command line argument: version.dll	6_2_00CC1070
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Command line argument: wininet.dll	6_2_00CC1070
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Command line argument: comres.dll	6_2_00CC1070
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Command line argument: clbcatq.dll	6_2_00CC1070
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Command line argument: msasn1.dll	6_2_00CC1070
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Command line argument: crypt32.dll	6_2_00CC1070
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Command line argument: feclient.dll	6_2_00CC1070
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Command line argument: cabinet.dll	7_2_007F1070
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Command line argument: msi.dll	7_2_007F1070
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Command line argument: version.dll	7_2_007F1070
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Command line argument: wininet.dll	7_2_007F1070
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Command line argument: comres.dll	7_2_007F1070
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Command line argument: clbcatq.dll	7_2_007F1070
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Command line argument: msasn1.dll	7_2_007F1070
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Command line argument: crypt32.dll	7_2_007F1070
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Command line argument: feclient.dll	7_2_007F1070

Source: VoiceAI-Installer.exe	String found in binary or memory: C:\Program Files\Voice.ai\VoiceAI-Installer.exe" /path "C:\Program Files\Voice.ai"
Source: VoiceAI-Installer.exe	String found in binary or memory: "C:\Program Files\Voice.ai\VoiceAI-Installer.exe" /path "C:\Program Files\Voice.ai"
Source: VoiceAI-Installer.exe	String found in binary or memory: C:\Program Files\Voice.ai\VoiceAI-Installer.exe
Source: VoiceAI-Installer.exe	String found in binary or memory: VoiceAI-Installer.exe
Source: vc2019.exe	String found in binary or memory: Failed to re-launch bundle process after RunOnce: %ls
Source: vc2019.exe	String found in binary or memory: Failed to re-launch bundle process after RunOnce: %ls

Source: C:\Program Files\Voice.ai\VoiceAI.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Program Files\Voice.ai\VoiceAI.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Program Files\Voice.ai\VoiceAI.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Program Files\Voice.ai\VoiceAI.exe	File read: C:\Windows\System32\drivers\etc\hosts

Source: C:\Users\user\Desktop\Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe	Automated click: I Agree
Source: C:\Users\user\Desktop\Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe	Automated click: Install

Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CF1080 push es; iretd	6_2_00CF1083
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CF101D push es; iretd	6_2_00CF101F
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CF1022 push cs; iretd	6_2_00CF1037
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CEE876 push ecx; ret	6_2_00CEE889
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_0081E876 push ecx; ret	7_2_0081E889
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F2BA3E push rax; retf	17_2_00007FFD84F2BA53
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Code function: 17_2_00007FFD84F2BA57 push rax; retf	17_2_00007FFD84F2BA53

Windows Analysis Report Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe

Overview

General Information

Detection

Compliance

Signatures

Classification

Malware Threat Intel Provided by

Signatures

Cryptography

Compliance

Spreading

Networking

Key, Mouse, Clipboard, Microphone and Screen Capturing

E-Banking Fraud

System Summary

Data Obfuscation

Persistence and Installation Behavior

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Stealing of Sensitive Information

Remote Access Functionality

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Windows Analysis Report
Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe

Malware Threat Intel
Provided by

Source: DriverManager.dll.5.dr	Static PE information: section name: .00cfg
Source: CefSharp.BrowserSubprocess.Core.dll.5.dr	Static PE information: section name: .nep
Source: CefSharp.Core.Runtime.dll.5.dr	Static PE information: section name: .nep

Source: C:\Windows\System32\drvinst.exe	File opened: C:\Windows\System32\drivers
Source: C:\Windows\System32\drvinst.exe	File opened: C:\Windows\System32\drivers
Source: C:\Windows\System32\drvinst.exe	File opened: C:\Windows\System32\drivers

Source: C:\Program Files\Voice.ai\VoiceAI.exe TID: 3560	Thread sleep time: -922337203685477s >= -30000s	Jump to behavior
Source: C:\Windows\System32\svchost.exe TID: 2940	Thread sleep time: -30000s >= -30000s
Source: C:\Program Files\Voice.ai\VoiceAI.exe TID: 4236	Thread sleep count: 131 > 30
Source: C:\Program Files\Voice.ai\VoiceAI.exe TID: 4208	Thread sleep count: 117 > 30
Source: C:\Program Files\Voice.ai\VoiceAI.exe TID: 4208	Thread sleep count: 100 > 30
Source: C:\Program Files\Voice.ai\VoiceAI.exe TID: 4208	Thread sleep count: 93 > 30

Source: C:\Program Files\Voice.ai\VoiceAI.exe	Last function: Thread delayed
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Last function: Thread delayed
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Last function: Thread delayed

Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CFFDC2 GetLocalTime followed by cmp: cmp dword ptr [ebp+08h], 05h and CTI: je 00CFFE5Dh	6_2_00CFFDC2
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Code function: 6_2_00CFFDC2 GetLocalTime followed by cmp: cmp dword ptr [ebp+08h], 01h and CTI: je 00CFFE56h	6_2_00CFFDC2
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_0082FDC2 GetLocalTime followed by cmp: cmp dword ptr [ebp+08h], 05h and CTI: je 0082FE5Dh	7_2_0082FDC2
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Code function: 7_2_0082FDC2 GetLocalTime followed by cmp: cmp dword ptr [ebp+08h], 01h and CTI: je 0082FE56h	7_2_0082FDC2

Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	Check user administrative privileges: GetTokenInformation,DecisionNodes
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	Check user administrative privileges: GetTokenInformation,DecisionNodes

Source: C:\Program Files\Voice.ai\VoiceAI.exe	API coverage: 9.2 %
Source: C:\Program Files\Voice.ai\VoiceAI.exe	API coverage: 4.3 %

Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Dropped PE file which has not been started: C:\Program Files\Voice.ai\hostpolicy.dll	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Dropped PE file which has not been started: C:\Program Files\Voice.ai\AudioPX.dll	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Dropped PE file which has not been started: C:\Program Files\Voice.ai\gcrypt.dll	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Dropped PE file which has not been started: C:\Program Files\Voice.ai\BugSplatDotNet.dll	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Dropped PE file which has not been started: C:\Program Files\Voice.ai\AudioConverter.dll	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Dropped PE file which has not been started: C:\Program Files\Voice.ai\dbgshim.dll	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Dropped PE file which has not been started: C:\Program Files\Voice.ai\libmp3lame.dll	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Dropped PE file which has not been started: C:\Program Files\Voice.ai\NAudio.dll	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Dropped PE file which has not been started: C:\Program Files\Voice.ai\hostfxr.dll	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Dropped PE file which has not been started: C:\Program Files\Voice.ai\Newtonsoft.Json.dll	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Dropped PE file which has not been started: C:\Program Files\Voice.ai\libsndfile-1.dll	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Dropped PE file which has not been started: C:\Program Files\Voice.ai\onnxruntime_providers_shared.dll	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Dropped PE file which has not been started: C:\Program Files\Voice.ai\onnxruntime.dll	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Dropped PE file which has not been started: C:\Program Files\Voice.ai\cudart64_110.dll	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\{6ba11cfe-7589-5b42-af6f-af407f34b132}\SETF75F.tmp	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Dropped PE file which has not been started: C:\Program Files\Voice.ai\VoiceAILib.dll	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Dropped PE file which has not been started: C:\Program Files\Voice.ai\CefSharp.WinForms.dll	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Dropped PE file which has not been started: C:\Program Files\Voice.ai\DirectML.dll	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Dropped PE file which has not been started: C:\Program Files\Voice.ai\BugSplatRc.dll	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Dropped PE file which has not been started: C:\Program Files\Voice.ai\CefSharp.dll	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Dropped PE file which has not been started: C:\Program Files\Voice.ai\libsamplerate-0.dll	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Dropped PE file which has not been started: C:\Program Files\Voice.ai\BsSndRpt.exe	Jump to dropped file
Source: C:\Windows\System32\drvinst.exe	Dropped PE file which has not been started: C:\Windows\System32\DriverStore\Temp\{8c6912fd-8e80-054e-98db-197808639641}\SETFC80.tmp	Jump to dropped file
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	Dropped PE file which has not been started: C:\Program Files\Voice.ai\CefSharp.Core.dll	Jump to dropped file

Source: C:\Users\user\Desktop\Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe	API call chain: ExitProcess graph end node
Source: C:\Program Files\Voice.ai\VoiceAI-Installer.exe	API call chain: ExitProcess graph end node
Source: C:\Program Files\Voice.ai\tools\vc2019.exe	API call chain: ExitProcess graph end node
Source: C:\Windows\Temp\{152EC609-63B8-4D42-A4AE-BD9DC2EF9276}\.cr\vc2019.exe	API call chain: ExitProcess graph end node

Source: VoiceAI.exe, 00000011.00000002.3227024610.00007FFD83373000.00000002.00000001.01000000.00000025.sdmp	Binary or memory string: GL_EXT_texture_lod_biasARB_draw_buffersGL_ARB_texture_swizzleGL_EXT_texture_swizzleGL_ARB_shader_bit_encodingGL_ARB_shading_language_packingGL_ARB_explicit_attrib_locationGL_ARB_explicit_uniform_locationGL_ARB_texture_gatherGL_ARB_texture_cube_map_arrayGL_ARB_pixel_buffer_objectGL_EXT_pixel_buffer_objectGL_EXT_draw_buffers2GL_ARB_fragment_shaderGL_ARB_shader_texture_lodGL_ARB_shader_viewport_layer_arrayGL_NV_viewport_array2GL_NV_texture_border_clampGL_ARB_robust_buffer_access_behaviorGL_EXT_framebuffer_sRGBGL_ARB_framebuffer_sRGBGL_ARB_gpu_shader5functions->standard == STANDARD_GL_DESKTOP && isAMDfunctions->standard == STANDARD_GL_DESKTOP && isIntelisIntel && !IsSandyBridge(device) && !IsIvyBridge(device) && !IsHaswell(device)IsApple() && isIntelisIntel && IsApple() && IsSkylake(device) && GetMacOSVersion() < OSVersion(10, 13, 2)isIntel \|\| isAMDIsLinux() && functions->standard == STANDARD_GL_DESKTOP && isAMD(IsApple() && functions->standard == STANDARD_GL_DESKTOP) \|\| (IsLinux() && isAMD)IsApple() && functions->standard == STANDARD_GL_DESKTOP && GetMacOSVersion() < OSVersion(10, 11, 0)IsApple() && isIntel && GetMacOSVersion() < OSVersion(10, 12, 0)IsApple() && isAMDIsAndroid() && isQualcommfunctions->standard == STANDARD_GL_DESKTOP && isNvidiaIsApple() \|\| isNvidiafunctions->isAtMostGL(gl::Version(4, 1)) \|\| (functions->standard == STANDARD_GL_DESKTOP && isAMD)isAMD \|\| IsAndroid()IsAndroid() \|\| isNvidia(IsAndroid() && isQualcomm) \|\| (isIntel && IsApple())isAMD \|\| isIntelIsNexus5X(vendor, device)IsAndroid() \|\| (IsWindows() && isIntel)(IsWindows() && (isIntel \|\| isAMD)) \|\| (IsLinux() && isNvidia) \|\| IsIOS() \|\| IsAndroid() \|\| IsAndroidEmulator(functions)IsAndroid() \|\| limitMaxTextureSizeIsAndroid() \|\| (IsApple() && (isIntel \|\| isAMD \|\| isNvidia))limitMaxTextureSizeIsApple()IsAndroid() \|\| isAMD \|\| !functions->hasExtension("GL_KHR_robust_buffer_access_behavior")IsApple() && isIntel && GetMacOSVersion() >= OSVersion(10, 12, 4)IsApple() && isIntel && GetMacOSVersion() < OSVersion(10, 12, 6)IsLinux() \|\| (IsAndroid() && isNvidia) \|\| (IsWindows() && isNvidia) \|\| (IsApple() && functions->standard == STANDARD_GL_ES)IsApple() \|\| (IsLinux() && isAMD)functions->standard == STANDARD_GL_DESKTOP && functions->isAtLeastGL(gl::Version(3, 1)) && !functions->isAtLeastGL(gl::Version(4, 3))features->emulatePrimitiveRestartFixedIndex.enabled && IsApple() && isIntelIsApple() \|\| IsAndroid() \|\| IsWindows()!isIntel && functions->standard == STANDARD_GL_ES && functions->isAtLeastGLES(gl::Version(3, 1)) && functions->hasGLESExtension("GL_EXT_texture_norm16")IsWindows() && isAMDIsLinux() && isAMD && isMesa && mesaVersion < (std::array<int, 3>{19, 3, 5})(IsLinux() && isVMWare) \|\| (IsAndroid() && isNvidia) \|\| (IsAndroid() && GetAndroidSdkLevel() < 27 && IsAdreno5xxOrOlder(functions)) \|\| (IsAndroid() && IsMaliT8xxOrOlder(functions)) \|\| (IsAndroid() && IsMaliG31OrOlder(functions))IsApple() && functions->standard == STANDARD_GL_ES && !(isAMD && IsWindows())isDualGPUMacWithNVIDIAisTSANB
Source: Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe, 00000000.00000003.3145890672.00000000005C0000.00000004.00000020.00020000.00000000.sdmp, Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe, 00000000.00000002.3147008214.00000000005C0000.00000004.00000020.00020000.00000000.sdmp, VoiceAI-Installer.exe, 00000005.00000003.3112060728.00000000006BB000.00000004.00000020.00020000.00000000.sdmp, VoiceAI-Installer.exe, 00000005.00000003.2751135613.000000000074D000.00000004.00000020.00020000.00000000.sdmp, VoiceAI-Installer.exe, 00000005.00000002.3113421841.00000000006BB000.00000004.00000020.00020000.00000000.sdmp, VoiceAI-Installer.exe, 00000005.00000003.3105371904.000000000074D000.00000004.00000020.00020000.00000000.sdmp, VoiceAI-Installer.exe, 00000005.00000003.3105371904.00000000006F5000.00000004.00000020.00020000.00000000.sdmp, VoiceAI-Installer.exe, 00000005.00000002.3113421841.000000000074D000.00000004.00000020.00020000.00000000.sdmp, VoiceAI-Installer.exe, 00000005.00000003.3112060728.000000000074D000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW
Source: Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe, 00000000.00000002.3146857641.0000000000550000.00000004.00000020.00020000.00000000.sdmp, Voice.ai-Downloader-alphaver-9aab5f151e93466090a2c1fe0b2e9d6e(1).exe, 00000000.00000003.3145713539.0000000000550000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW0x\%SystemRoot%\system32\mswsock.dll
Source: VoiceAI.exe, 00000011.00000002.3227024610.00007FFD83373000.00000002.00000001.01000000.00000025.sdmp	Binary or memory string: (IsLinux() && isVMWare) \|\| (IsAndroid() && isNvidia) \|\| (IsAndroid() && GetAndroidSdkLevel() < 27 && IsAdreno5xxOrOlder(functions)) \|\| (IsAndroid() && IsMaliT8xxOrOlder(functions)) \|\| (IsAndroid() && IsMaliG31OrOlder(functions))