Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
BlueStacks10Installer_10.2.5.1004_native_bd4aeac568d5591cca32b547009cdf29_MDs1LDM7MTUsMTsxNSw0OzE1.exe
-
Size
897KB
-
Sample
230701-x3htfshd52
-
MD5
d0348c278d94b30a9bcb05cc7b1dfe80
-
SHA1
62d0eb1c033251f9c7a1724e575d4386af26a60c
-
SHA256
3bfb70ce7b9a33b624289336f8c8990d430d30a2c50aa31efd0d2d562c24a9a6
-
SHA512
b1ec8cbcc1a00ea78a2e39362931fc5068e9eb283c494cba07b9239d0f011352a39f1811c3b3c19458f81e55207448115a99933c9bed9893827683fb26836a79
-
SSDEEP
12288:+ivtCXQd0gjKX7zuqGKlFGPDy1xBVG2xs1vK6Qlq+oxwzQ+1Ibq+2u9/X1:+ivtCXWeGKlFGCG2xslKd9oKk+WHZ1
Malware Config
Targets
-
-
Target
BlueStacks10Installer_10.2.5.1004_native_bd4aeac568d5591cca32b547009cdf29_MDs1LDM7MTUsMTsxNSw0OzE1.exe
-
Size
897KB
-
MD5
d0348c278d94b30a9bcb05cc7b1dfe80
-
SHA1
62d0eb1c033251f9c7a1724e575d4386af26a60c
-
SHA256
3bfb70ce7b9a33b624289336f8c8990d430d30a2c50aa31efd0d2d562c24a9a6
-
SHA512
b1ec8cbcc1a00ea78a2e39362931fc5068e9eb283c494cba07b9239d0f011352a39f1811c3b3c19458f81e55207448115a99933c9bed9893827683fb26836a79
-
SSDEEP
12288:+ivtCXQd0gjKX7zuqGKlFGPDy1xBVG2xs1vK6Qlq+oxwzQ+1Ibq+2u9/X1:+ivtCXWeGKlFGCG2xslKd9oKk+WHZ1
Score8/10-
Downloads MZ/PE file
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-