Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

6

CapCut.zip

windows7-x64

1

CapCut.zip

windows10-2004-x64

1

Payload/Ca...API.js

windows7-x64

3

Payload/Ca...API.js

windows10-2004-x64

3

Payload/Ca...nfo.js

windows7-x64

3

Payload/Ca...nfo.js

windows10-2004-x64

3

Payload/Ca...dge.js

windows7-x64

3

Payload/Ca...dge.js

windows10-2004-x64

3

Payload/Ca...ore.js

windows7-x64

3

Payload/Ca...ore.js

windows10-2004-x64

3

Payload/Ca...-v1.js

windows7-x64

3

Payload/Ca...-v1.js

windows10-2004-x64

3

Payload/Ca...cation

macos-10.15-amd64

1

Payload/Ca...ension

macos-10.15-amd64

1

Payload/Ca...st.xml

windows7-x64

3

Payload/Ca...st.xml

windows10-2004-x64

1

Payload/Ca...trings

windows7-x64

3

Payload/Ca...trings

windows10-2004-x64

3

Payload/Ca....dylib

macos-10.15-amd64

1

Payload/Ca...st.xml

windows7-x64

3

Payload/Ca...st.xml

windows10-2004-x64

1

Payload/Ca...trings

windows7-x64

3

Payload/Ca...trings

windows10-2004-x64

3

Payload/Ca...st.xml

windows7-x64

3

Payload/Ca...st.xml

windows10-2004-x64

1

Payload/Ca...trings

windows7-x64

3

Payload/Ca...trings

windows10-2004-x64

3

Payload/Ca...st.xml

windows7-x64

3

Payload/Ca...st.xml

windows10-2004-x64

1

Payload/Ca...trings

windows7-x64

3

Payload/Ca...trings

windows10-2004-x64

3

Payload/Ca...st.xml

windows7-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/12/2024, 19:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Payload/CapCut.app/pl.lproj/InfoPlist.xml

  • Size

    1KB

  • MD5

    148ba997b776f9d3be8f9785f1407672

  • SHA1

    59f1bfc08740d78caaafe5fcadc7ecd0f26cbbeb

  • SHA256

    9b96df2fe3fc8fc6db5e2822d6133834f3eaf541ca1e3a91587b63f67f1f748d

  • SHA512

    ec98922994ac5bed2c4276c292dfc871629da6ef1c2fc0f43142a7a49ea42cde98d8249ffb2d363e3224c6a90a33e9ae382b0652f895227172d86c2851830b5f

Score
1/10

Malware Config

Signatures

Processes

  • C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
    "C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\Payload\CapCut.app\pl.lproj\InfoPlist.xml"
    1⤵
      PID:3332

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3332-1-0x00007FFE9042D000-0x00007FFE9042E000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3332-0-0x00007FFE50410000-0x00007FFE50420000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3332-3-0x00007FFE90390000-0x00007FFE90585000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/3332-2-0x00007FFE90390000-0x00007FFE90585000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/3332-4-0x00007FFE90390000-0x00007FFE90585000-memory.dmp

      Filesize

      2.0MB

      Download