CapCut_1_5_1_245_capcutpc_0[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

CapCut_1_5_1_245_capcutpc_0.exe
Size

389.6MB
MD5

3f6e83001e8b00ffb3fe4a46a225a392
SHA1

8ea04d7a107c7e1e1800963b6b3679be38d9ad26
SHA256

8910ad23b09a097235cedf09448484d2167aa3f0134ba5c30a18223721c0abf5
SHA512

ebf81583ff7fa0226239ea03653c4a35bf84cebffc6c367f190983fce7ce5b3dadc39e47c87e323248f71d67f81db3424ddf8f3760c3167188880b9d20aeac82
SSDEEP

12582912:AxKcllijFwgj0DWQK2Uc3y0ySmkFZavCJxqPGOV:AAclliHjpI3FmH6jq+q

Score

1^/10

Malware Config

Signatures

Files

CapCut_1_5_1_245_capcutpc_0.exe
.exe windows x86

3e4f801fa8c433c12db4de0194c60819

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2013 12:00

Not After

15-01-2038 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

13-01-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:df:4d:93:8e:75:e6:3d:64:8a:be:02:29:5c:d3:3c
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01-08-2022 00:00

Not After

30-07-2025 23:59

Subject

SERIALNUMBER=201923456H,CN=Bytedance Pte. Ltd.,O=Bytedance Pte. Ltd.,L=Singapore,C=SG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025347

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

72:ed:0d:1d:61:94:fc:a7:25:b9:78:60:b0:e6:d5:f9:c6:85:5a:4b:de:58:97:8c:5d:3f:97:48:cf:23:5a:9b
Signer

Actual PE Digest

72:ed:0d:1d:61:94:fc:a7:25:b9:78:60:b0:e6:d5:f9:c6:85:5a:4b:de:58:97:8c:5d:3f:97:48:cf:23:5a:9b

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=201923456H,CN=Bytedance Pte. Ltd.,O=Bytedance Pte. Ltd.,L=Singapore,C=SG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025347

24-02-2023 12:51
Valid: true

Chain 1

SERIALNUMBER=201923456H,CN=Bytedance Pte. Ltd.,O=Bytedance Pte. Ltd.,L=Singapore,C=SG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025347

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Chain 2

SERIALNUMBER=201923456H,CN=Bytedance Pte. Ltd.,O=Bytedance Pte. Ltd.,L=Singapore,C=SG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025347

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Chain 3

SERIALNUMBER=201923456H,CN=Bytedance Pte. Ltd.,O=Bytedance Pte. Ltd.,L=Singapore,C=SG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025347

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessW
GetDiskFreeSpaceExW
GetVolumeInformationW
GetCurrentProcessId
TerminateProcess
GetLocalTime
GetTickCount
GetSystemDirectoryW
lstrcmpW
CopyFileW
MoveFileExW
TerminateThread
GetPrivateProfileStringA
WritePrivateProfileStringA
MoveFileW
MapViewOfFile
InitializeCriticalSection
SetEvent
ResetEvent
CreateEventW
CreateMutexW
ReleaseMutex
GetStdHandle
GetFileType
GetNativeSystemInfo
FindFirstFileExW
OutputDebugStringA
GetUserDefaultLangID
SetEndOfFile
SetFilePointerEx
FlushFileBuffers
QueryPerformanceCounter
GetSystemTimeAsFileTime
CreateThread
IsDebuggerPresent
GetModuleHandleExW
TlsGetValue
TlsSetValue
TlsAlloc
TlsFree
lstrcmpiW
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
ReadConsoleW
GetOEMCP
GetACP
IsValidCodePage
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ExitProcess
SetStdHandle
GetConsoleMode
GetConsoleCP
GetCPInfo
RtlUnwind
GetStringTypeW
EncodePointer
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
OutputDebugStringW
LoadLibraryExA
UnmapViewOfFile
MapViewOfFileEx
CreateFileMappingW
Sleep
LeaveCriticalSection
EnterCriticalSection
SetFilePointer
GetCurrentProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
FreeLibrary
OpenProcess
WaitForSingleObject
LocalFree
GetVersionExW
SetLastError
SetFileAttributesW
MultiByteToWideChar
ReadFile
GetFileSize
SetErrorMode
GetCommandLineW
LoadLibraryExW
ProcessIdToSessionId
FlushInstructionCache
GetCurrentThreadId
WideCharToMultiByte
CloseHandle
WriteFile
CreateFileW
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
RemoveDirectoryW
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
CreateDirectoryW
FindResourceW
LoadLibraryW
SizeofResource
LockResource
LoadResource
GetProcAddress
GetModuleHandleW
FindResourceExW
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
RaiseException
DecodePointer
GetTempPathW
DeleteFileW
WriteConsoleW
SetEnvironmentVariableA

user32

MapWindowPoints
GetParent
SetWindowPos
SetTimer
KillTimer
PostQuitMessage
DefWindowProcW
SendMessageW
DispatchMessageW
TranslateMessage
GetMessageW
GetDesktopWindow
GetDC
UnregisterClassW
DestroyWindow
GetSystemMetrics
GetWindowRect
GetCursorPos
GetWindowLongW
SetWindowLongW
LoadCursorW
MessageBoxW
PeekMessageW
PostMessageW
ShowWindow
IsWindowVisible
IsIconic
CharNextW
SetFocus
SetForegroundWindow
GetMonitorInfoW
MonitorFromWindow
GetWindow
LoadImageW
GetWindowDC
ReleaseDC
SetWindowTextW
GetWindowPlacement
OffsetRect
UpdateLayeredWindow
ScreenToClient
CreateDialogParamW
wsprintfW
SetCursor
GetClientRect

gdi32

CreateDIBSection
DeleteDC
GetDeviceCaps
DeleteObject
GetStockObject
CreateCompatibleDC
SelectObject
GetObjectA

advapi32

AddAce
RegDeleteValueW
RegQueryInfoKeyW
RegEnumKeyExW
LookupPrivilegeValueW
AdjustTokenPrivileges
GetTokenInformation
DuplicateTokenEx
OpenProcessToken
SetNamedSecurityInfoW
GetNamedSecurityInfoW
IsValidSid
InitializeSid
InitializeAcl
GetSidSubAuthority
GetSidLengthRequired
GetLengthSid
GetAclInformation
GetAce
CopySid
RegSetValueExW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyW
RegQueryValueExW
SetEntriesInAclW
BuildExplicitAccessWithNameW

shell32

SHGetFolderPathW
SHChangeNotify
SHFileOperationW
CommandLineToArgvW
SHBrowseForFolderW
ShellExecuteW
SHGetPathFromIDListW

ole32

PropVariantClear
CoInitializeEx
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

VariantClear
SysFreeString
VarUI4FromStr
SysAllocStringLen
SysAllocString

shlwapi

SHSetValueW
SHGetValueW
PathIsDirectoryW
PathGetDriveNumberW
PathFindExtensionW
ord176
ord12
SHStrDupW
PathIsNetworkPathW
StrStrIW
PathAppendW
PathFileExistsW
PathRemoveFileSpecW

comctl32

InitCommonControlsEx
_TrackMouseEvent

gdiplus

GdipSetStringFormatTrimming
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetTextRenderingHint
GdipDrawString
GdipDeleteStringFormat
GdipGetImageGraphicsContext
GdipDrawImagePointRectI
GdipCloneBrush
GdipFree
GdipAlloc
GdiplusShutdown
GdiplusStartup
GdipCreateStringFormat
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipTranslateWorldTransform
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipCreateFont
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDeleteFont
GdipCloneImage
GdipDisposeImage
GdipDeleteGraphics
GdipCreateFromHDC
GdipGraphicsClear
GdipSetClipRectI
GdipRestoreGraphics
GdipSaveGraphics
GdipDrawImageRectRectI
GdipFillRectangleI
GdipSetSmoothingMode
GdipGetImageHeight
GdipGetImageWidth
GdipCreateSolidFill
GdipCreateBitmapFromScan0
GdipDeleteBrush

Exports

Exports

GetHandleVerifier
_timeBeginPeriod@4
_timeEndPeriod@4
_timeGetTime@0

Sections

.text
Size: 528KB - Virtual size: 528KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e4f801fa8c433c12db4de0194c60819

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5cCertificate

Key Usages

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31Certificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

06:df:4d:93:8e:75:e6:3d:64:8a:be:02:29:5c:d3:3cCertificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

72:ed:0d:1d:61:94:fc:a7:25:b9:78:60:b0:e6:d5:f9:c6:85:5a:4b:de:58:97:8c:5d:3f:97:48:cf:23:5a:9bSigner

Signature Validations

Verification

24-02-2023 12:51 Valid: true

Chain 1

Chain 2

Chain 3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

gdiplus

Exports

Exports

Sections

.text Size: 528KB - Virtual size: 528KB

.rdata Size: 112KB - Virtual size: 111KB

.data Size: 12KB - Virtual size: 27KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.reloc Size: 26KB - Virtual size: 25KB

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

06:df:4d:93:8e:75:e6:3d:64:8a:be:02:29:5c:d3:3c
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

72:ed:0d:1d:61:94:fc:a7:25:b9:78:60:b0:e6:d5:f9:c6:85:5a:4b:de:58:97:8c:5d:3f:97:48:cf:23:5a:9b
Signer

24-02-2023 12:51
Valid: true

.text
Size: 528KB - Virtual size: 528KB

.rdata
Size: 112KB - Virtual size: 111KB

.data
Size: 12KB - Virtual size: 27KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.reloc
Size: 26KB - Virtual size: 25KB