363c18f062e7988139c4d3ba1d5234a9af1d78bf021ac04ce49ac0c28f3b16ee | Triage

Sharing

General

Target

CapCut_7378123805472112645_installer.exe
Size

2.2MB
Sample

241121-qkhbmsxjar
MD5

b828031f324919aeab20775eef0de631
SHA1

45e01b273e2112cfefe128074bd089bd9ba931e4
SHA256

363c18f062e7988139c4d3ba1d5234a9af1d78bf021ac04ce49ac0c28f3b16ee
SHA512

d8d15807605499ac8ca073ae99fd8fb7830c502c60357629931e4af9ea72d7cae5b5cbbc93e0e8891bd5fde364c5382687b78b35f63c004a8722ac225ade47dd
SSDEEP

49152:8vhVn6EWMfCz0DqfMus8/V3sYPyD9+gqulxheyN:85Vn65MfCS7ec7fxN

Score

5^/10

discovery

Malware Config

Targets

- Target
  
  CapCut_7378123805472112645_installer.exe
- Size
  
  2.2MB
- MD5
  
  b828031f324919aeab20775eef0de631
- SHA1
  
  45e01b273e2112cfefe128074bd089bd9ba931e4
- SHA256
  
  363c18f062e7988139c4d3ba1d5234a9af1d78bf021ac04ce49ac0c28f3b16ee
- SHA512
  
  d8d15807605499ac8ca073ae99fd8fb7830c502c60357629931e4af9ea72d7cae5b5cbbc93e0e8891bd5fde364c5382687b78b35f63c004a8722ac225ade47dd
- SSDEEP
  
  49152:8vhVn6EWMfCz0DqfMus8/V3sYPyD9+gqulxheyN:85Vn65MfCS7ec7fxN
Score

5^/10

discovery
- Suspicious use of NtCreateThreadExHideFromDebugger
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/BgWorker.dll
- Size
  
  2KB
- MD5
  
  33ec04738007e665059cf40bc0f0c22b
- SHA1
  
  4196759a922e333d9b17bda5369f14c33cd5e3bc
- SHA256
  
  50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be
- SHA512
  
  2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  0d7ad4f45dc6f5aa87f606d0331c6901
- SHA1
  
  48df0911f0484cbe2a8cdd5362140b63c41ee457
- SHA256
  
  3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
- SHA512
  
  c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
- SSDEEP
  
  192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/deviceregister_shared.dll
- Size
  
  226KB
- MD5
  
  8baaaeacb97679fb495e1c4f902f0a68
- SHA1
  
  29185b00e4c56ff8cc22de64c1407809d60348f1
- SHA256
  
  7c2a74c4be8d524a121e78e763c05c7b5cb58b524119ac8897c493e717a1d42a
- SHA512
  
  49f864332165c0229f0588fa1fd56fdc04bb005be1b61a9367fac5f45c32783e2e633c8acb64c3a921d41d9b79ceb3315813aa409a8f725cc7193958bf4bb8e0
- SSDEEP
  
  6144:5Nj2oPjbpV4hliZ7xsFARHtw+WY0L1TBWoBvF:6KV4hliZ7KFAb+L1TIo
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/downloader_nsis_plugin.dll
- Size
  
  1.2MB
- MD5
  
  14930a06cbfb26d5ffffd354fa12d5f8
- SHA1
  
  1de289bab03eaad965e419d657c3531a3738c558
- SHA256
  
  3ef7a13886328dafba1c49ec096da122e63839ac6965bf4f3d4dcce3a35ccc6d
- SHA512
  
  385268602f050c060795312c9cb86e979030a21b8cecc20303b346bbc0800a468a84a291224592d9b0e43458e579660b8062f6b9cba3b2e79aab5015d1dcc67b
- SSDEEP
  
  24576:eDe+j+n40zyob+w+LsoZttOWR7vDzAOdYKT9s6rNnb3Khz:Eei+n7zy2ULsGjOWR7vDzhdYKThNnzKN
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/shell_downloader.dll
- Size
  
  2.2MB
- MD5
  
  30c4aa9356d60d2039ed6bfb7850c4c1
- SHA1
  
  ef23c32dab6ed871527151932bbfe8b917d507af
- SHA256
  
  0c4abb66d9a69c80cfaa0eb3c988d4dc40d989843a87e95ed3cc6e75dae31559
- SHA512
  
  f425c9fcefd2ed55160d173b8e441f7867307fd006b0f01a655120ba150d87568ddc6266d36163267ce508df8147a97c16982093808c766051ca1e02ba9cc62b
- SSDEEP
  
  49152:6oiR6tzluS2KbICD13Nw2FiBLROWnhJV:6oiR+zDhbB19w+i1ROW
Score

3^/10

discovery
behavioral11 behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12