Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

1

CapCut_2_9...io.exe

windows11-21h2-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    CapCut_2_9_1_990_capcut_pro_by_capcutmod.io.exe

  • Size

    547.8MB

  • Sample

    241013-p8hrmsxfkh

  • MD5

    851a63665f0116e347bb357946b2a985

  • SHA1

    c4e522f28871e49293c42e7922a1e648c68bf044

  • SHA256

    a9388f99dd5ddecbf6c741e58a9486195e38b0d53274a08c74907b6b532734ad

  • SHA512

    c362ee8c1cf75f126f6dddcda5bb0c60995cff41aa47861d4a7114c41b271534e77997e3f3a949ea48533a3b4bbda308916d8bd51ed4995cdb4ea7616b111966

  • SSDEEP

    12582912:4XIDIdWDY7qeaPiHOPek6VV2dKS+H0MPKTiClGTl6s4HGMHoqXiAExB:4YDIdWDVe/O2k66iH0sKW/Dn/qyAExB

Score
9/10
discoveryransomware

Malware Config

Targets

    • Target

      CapCut_2_9_1_990_capcut_pro_by_capcutmod.io.exe

    • Size

      547.8MB

    • MD5

      851a63665f0116e347bb357946b2a985

    • SHA1

      c4e522f28871e49293c42e7922a1e648c68bf044

    • SHA256

      a9388f99dd5ddecbf6c741e58a9486195e38b0d53274a08c74907b6b532734ad

    • SHA512

      c362ee8c1cf75f126f6dddcda5bb0c60995cff41aa47861d4a7114c41b271534e77997e3f3a949ea48533a3b4bbda308916d8bd51ed4995cdb4ea7616b111966

    • SSDEEP

      12582912:4XIDIdWDY7qeaPiHOPek6VV2dKS+H0MPKTiClGTl6s4HGMHoqXiAExB:4YDIdWDVe/O2k66iH0sKW/Dn/qyAExB

    Score
    9/10
    discoveryransomware

    • Renames multiple (475) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Suspicious use of NtCreateThreadExHideFromDebugger

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks