Overview

overview

10

Static

static

10

capcut.exe

windows7-x64

7

capcut.exe

windows10-2004-x64

9

capcut.exe

android-9-x86

capcut.exe

android-10-x64

capcut.exe

android-11-x64

capcut.exe

macos-10.15-amd64

capcut.exe

ubuntu-18.04-amd64

capcut.exe

debian-9-armhf

capcut.exe

debian-9-mips

capcut.exe

debian-9-mipsel

discord_to...er.pyc

windows7-x64

discord_to...er.pyc

windows10-2004-x64

discord_to...er.pyc

android-9-x86

discord_to...er.pyc

android-10-x64

discord_to...er.pyc

android-11-x64

discord_to...er.pyc

macos-10.15-amd64

discord_to...er.pyc

ubuntu-18.04-amd64

discord_to...er.pyc

debian-9-armhf

discord_to...er.pyc

debian-9-mips

discord_to...er.pyc

debian-9-mipsel

get_cookies.pyc

windows7-x64

get_cookies.pyc

windows10-2004-x64

get_cookies.pyc

android-9-x86

get_cookies.pyc

android-10-x64

get_cookies.pyc

android-11-x64

get_cookies.pyc

macos-10.15-amd64

get_cookies.pyc

ubuntu-18.04-amd64

get_cookies.pyc

debian-9-armhf

get_cookies.pyc

debian-9-mips

get_cookies.pyc

debian-9-mipsel

misc.pyc

windows7-x64

misc.pyc

windows10-2004-x64

Resubmissions

12-01-2025 14:13

250112-rjjzhsvqcv 10

12-01-2025 13:42

250112-qz5qgsxkfk 10

15-08-2024 09:06

240815-k2ygaszekn 10

13-08-2024 13:12

240813-qfy4lavfpf 10

Analysis

  • max time kernel
    844s
  • max time network
    845s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    12-01-2025 14:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    capcut.exe

  • Size

    75.4MB

  • MD5

    5151a9b4fe4920035044c45d3e65d076

  • SHA1

    30aabb92740c7f9d07b7574807ea3191a17f3c0d

  • SHA256

    105f95599be36c69ceff06df68c88ecfeeec436bdbc44f02b2b9fb0adfae61ce

  • SHA512

    0119c4e4b981d4590fef5c625da9416df937991438a4087b6b793b8c50d9fff611a12ed1e84a8dbe4a20dd48076df764c86a2160fecaf9596fac2e70bfddb903

  • SSDEEP

    1572864:PvhQ6lNWTp7vDSk8IpG7V+VPhqIbE7WTylPj4iY4MHHLeqPNLtDaTteZppKb:Pvh1f2pPSkB05awIxTy5nMHVLtewpKb

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\capcut.exe
    C:\Users\Admin\AppData\Local\Temp\capcut.exe cmd /c %SIGILL% "SIGTERM|DELETE|SIGKILL"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2096
    • C:\Users\Admin\AppData\Local\Temp\capcut.exe
      C:\Users\Admin\AppData\Local\Temp\capcut.exe cmd /c %SIGILL% "SIGTERM|DELETE|SIGKILL"
      2⤵
      • Loads dropped DLL
      PID:760

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI20962\python310.dll
    Filesize

    1.4MB

    MD5

    933b49da4d229294aad0c6a805ad2d71

    SHA1

    9828e3ce504151c2f933173ef810202d405510a4

    SHA256

    ab3e996db016ba87004a3c4227313a86919ff6195eb4b03ac1ce523f126f2206

    SHA512

    6023188f3b412dd12c2d4f3a8e279dcace945b6e24e1f6bbd4e49a5d2939528620ceb9a5f77b9a47d2d0454e472e2999240b81bed0239e7e400a4e25c96e1165

    Download Submit

  • memory/760-1261-0x000007FEF59C0000-0x000007FEF5E2E000-memory.dmp

    Filesize

    4.4MB

    Download