General

  • Target

    BlueStacksInstaller_5.10.10.1013_native_c88eadd044a12b82925c88f65e0d6919_MzsxNSwwOzUsMTsxNSw0OzE1.exe

  • Size

    798KB

  • Sample

    230104-1489kshg99

  • MD5

    7ad91568390407eb5b795373a7d304b2

  • SHA1

    ee859b3ad89e528d300cc658f13ffcdf665cecf1

  • SHA256

    1f2ccebfe09c6815004f8f606aedfeca82182d2c18c76102ef85430dfd241da1

  • SHA512

    d249e0df905a198f7101d7ebe6ab957cab47344b3c7dc0671bc2c233c5ce37e798cf744cd84c6b398448f4f9fb005bb3f62b913695f659dded6e7174fb7e35ff

  • SSDEEP

    12288:8ivtCXQd0RYK1Lv6qQdeRPHKid1956SgMJXGWzkDDYrCyznjcMc3fQFZn:8ivtCXF1Lv6qQOq8HfrNAAekjrc3fQF9

Score
8/10

Malware Config

Targets

    • Target

      BlueStacksInstaller_5.10.10.1013_native_c88eadd044a12b82925c88f65e0d6919_MzsxNSwwOzUsMTsxNSw0OzE1.exe

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks