General
-
Target
BlueStacksInstaller_5.11.41.1005_native_9db1e01872c2f6a84e7f67138fe3e140_MzsxNSwwOzUsMTsxNSw0OzE1.exe
-
Size
899KB
-
Sample
230331-v6mkpscb36
-
MD5
9f8a38bb72af8005f9ee7ad03d091aae
-
SHA1
b1bb8838168cce0bec65209d6d9f677f8faefe39
-
SHA256
9204ba83eb7eb818bc2b0e4d627e2bda31ce3aee8ee578115442262276e11746
-
SHA512
1ca6e93f32aeef525554fc71330fb6c738a83307a55bc628d023ef59025960df03b8df0e43773e708236771b29cac25e981f6860d144c08f359ef3ff86fcfd82
-
SSDEEP
12288:CivtCXQd0gjKX7zuqGKPFGPDy1x4Od57pn2riptda/L13uSEQRJyP/ZxG:CivtCXWeGKPFGF8KaAPEQLW/rG
Static task
static1
Behavioral task
behavioral1
Sample
BlueStacksInstaller_5.11.41.1005_native_9db1e01872c2f6a84e7f67138fe3e140_MzsxNSwwOzUsMTsxNSw0OzE1.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
BlueStacksInstaller_5.11.41.1005_native_9db1e01872c2f6a84e7f67138fe3e140_MzsxNSwwOzUsMTsxNSw0OzE1.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
Target
BlueStacksInstaller_5.11.41.1005_native_9db1e01872c2f6a84e7f67138fe3e140_MzsxNSwwOzUsMTsxNSw0OzE1.exe
-
Downloads MZ/PE file
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-