General
Target: CapCut_2_9_1_990_capcut_pro_by_capcutmod.io.exe
Size: 547.8MB
Sample: 241013-p8hrmsxfkh
MD5: 851a63665f0116e347bb357946b2a985
SHA1: c4e522f28871e49293c42e7922a1e648c68bf044
SHA256: a9388f99dd5ddecbf6c741e58a9486195e38b0d53274a08c74907b6b532734ad
SHA512: c362ee8c1cf75f126f6dddcda5bb0c60995cff41aa47861d4a7114c41b271534e77997e3f3a949ea48533a3b4bbda308916d8bd51ed4995cdb4ea7616b111966
SSDEEP: 12582912:4XIDIdWDY7qeaPiHOPek6VV2dKS+H0MPKTiClGTl6s4HGMHoqXiAExB:4YDIdWDVe/O2k66iH0sKW/Dn/qyAExB
Static task: static1
Behavioral task: behavioral1
Sample: CapCut_2_9_1_990_capcut_pro_by_capcutmod.io.exe
Resource: win11-20241007-en
Malware Config
Targets
Target: CapCut_2_9_1_990_capcut_pro_by_capcutmod.io.exe
Score: 9/10
Renames multiple (475) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
Suspicious use of NtCreateThreadExHideFromDebugger