Overview

overview

5

Static

static

3

capcut_cap...er.exe

windows10-1703-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    capcut_capcutpc_invitefission_1.2.4_installer.exe

  • Size

    2.2MB

  • Sample

    240710-ahmkksvaqm

  • MD5

    cafd508f953e2d28acf9b49e80bf2fc6

  • SHA1

    0c739749978ef0b6077261e511ab10e9211f2c71

  • SHA256

    aa8ff4d4c4505f9245ae995be2fee8f6a78b1167126e613490e1c22549bdf142

  • SHA512

    3ff026e849378691da40d406ce806c438c8a4f015217731bd132bfccdb58c4832306a3f92aa752af6d3ca71e2425f161155d767e56d23c15f0634424080caab3

  • SSDEEP

    49152:7VhVn6EBMgmH1Cz0DqfMus8/V3sYPyD9+gqulxheyY6:7XVn6OMgmH1CS7ec7fxY6

Score
5/10
discovery

Malware Config

Targets

    • Target

      capcut_capcutpc_invitefission_1.2.4_installer.exe

    • Size

      2.2MB

    • MD5

      cafd508f953e2d28acf9b49e80bf2fc6

    • SHA1

      0c739749978ef0b6077261e511ab10e9211f2c71

    • SHA256

      aa8ff4d4c4505f9245ae995be2fee8f6a78b1167126e613490e1c22549bdf142

    • SHA512

      3ff026e849378691da40d406ce806c438c8a4f015217731bd132bfccdb58c4832306a3f92aa752af6d3ca71e2425f161155d767e56d23c15f0634424080caab3

    • SSDEEP

      49152:7VhVn6EBMgmH1Cz0DqfMus8/V3sYPyD9+gqulxheyY6:7XVn6OMgmH1CS7ec7fxY6

    Score
    5/10
    discovery

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Suspicious use of NtCreateThreadExHideFromDebugger

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

3
T1012

System Information Discovery

3
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks