Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

capcut.exe

windows7-x64

7

capcut.exe

windows10-2004-x64

9

Resubmissions

12/01/2025, 14:13

250112-rjjzhsvqcv 10

12/01/2025, 13:42

250112-qz5qgsxkfk 10

15/08/2024, 09:06

240815-k2ygaszekn 10

13/08/2024, 13:12

240813-qfy4lavfpf 10

Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    13/08/2024, 13:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    capcut.exe

  • Size

    75.4MB

  • MD5

    5151a9b4fe4920035044c45d3e65d076

  • SHA1

    30aabb92740c7f9d07b7574807ea3191a17f3c0d

  • SHA256

    105f95599be36c69ceff06df68c88ecfeeec436bdbc44f02b2b9fb0adfae61ce

  • SHA512

    0119c4e4b981d4590fef5c625da9416df937991438a4087b6b793b8c50d9fff611a12ed1e84a8dbe4a20dd48076df764c86a2160fecaf9596fac2e70bfddb903

  • SSDEEP

    1572864:PvhQ6lNWTp7vDSk8IpG7V+VPhqIbE7WTylPj4iY4MHHLeqPNLtDaTteZppKb:Pvh1f2pPSkB05awIxTy5nMHVLtewpKb

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\capcut.exe
    "C:\Users\Admin\AppData\Local\Temp\capcut.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2064
    • C:\Users\Admin\AppData\Local\Temp\capcut.exe
      "C:\Users\Admin\AppData\Local\Temp\capcut.exe"
      2⤵
      • Loads dropped DLL
      PID:1156

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI20642\python310.dll
    Filesize

    1.4MB

    MD5

    933b49da4d229294aad0c6a805ad2d71

    SHA1

    9828e3ce504151c2f933173ef810202d405510a4

    SHA256

    ab3e996db016ba87004a3c4227313a86919ff6195eb4b03ac1ce523f126f2206

    SHA512

    6023188f3b412dd12c2d4f3a8e279dcace945b6e24e1f6bbd4e49a5d2939528620ceb9a5f77b9a47d2d0454e472e2999240b81bed0239e7e400a4e25c96e1165

    Download Submit

  • memory/1156-1261-0x000007FEF5BC0000-0x000007FEF602E000-memory.dmp

    Filesize

    4.4MB

    Download