3bfb70ce7b9a33b624289336f8c8990d430d30a2c50aa31efd0d2d562c24a9a6

Analysis

max time kernel
31s
max time network
144s
platform
windows7_x64
resource
win7-20230621-en
resource tags

arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
submitted
01-07-2023 19:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

BlueStacks10Installer_10.2.5.1004_native_bd4aeac568d5591cca32b547009cdf29_MDs1LDM7MTUsMTsxNSw0OzE1.exe
Size

897KB
MD5

d0348c278d94b30a9bcb05cc7b1dfe80
SHA1

62d0eb1c033251f9c7a1724e575d4386af26a60c
SHA256

3bfb70ce7b9a33b624289336f8c8990d430d30a2c50aa31efd0d2d562c24a9a6
SHA512

b1ec8cbcc1a00ea78a2e39362931fc5068e9eb283c494cba07b9239d0f011352a39f1811c3b3c19458f81e55207448115a99933c9bed9893827683fb26836a79
SSDEEP

12288:+ivtCXQd0gjKX7zuqGKlFGPDy1xBVG2xs1vK6Qlq+oxwzQ+1Ibq+2u9/X1:+ivtCXWeGKlFGCG2xslKd9oKk+WHZ1

Score

4^/10

Malware Config

Signatures

Executes dropped EXE 3 IoCs

pid	Process
1428	BlueStacksInstaller.exe
1064	HD-CheckCpu.exe
1192	HD-CheckCpu.exe

Loads dropped DLL 4 IoCs

pid	Process
2024	BlueStacks10Installer_10.2.5.1004_native_bd4aeac568d5591cca32b547009cdf29_MDs1LDM7MTUsMTsxNSw0OzE1.exe
2024	BlueStacks10Installer_10.2.5.1004_native_bd4aeac568d5591cca32b547009cdf29_MDs1LDM7MTUsMTsxNSw0OzE1.exe
2024	BlueStacks10Installer_10.2.5.1004_native_bd4aeac568d5591cca32b547009cdf29_MDs1LDM7MTUsMTsxNSw0OzE1.exe
2024	BlueStacks10Installer_10.2.5.1004_native_bd4aeac568d5591cca32b547009cdf29_MDs1LDM7MTUsMTsxNSw0OzE1.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 5 IoCs

pid	Process
1428	BlueStacksInstaller.exe
1428	BlueStacksInstaller.exe
1428	BlueStacksInstaller.exe
1428	BlueStacksInstaller.exe
1428	BlueStacksInstaller.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1428	BlueStacksInstaller.exe

Suspicious use of WriteProcessMemory 12 IoCs

description	pid	Process	procid_target
PID 2024 wrote to memory of 1428	2024	BlueStacks10Installer_10.2.5.1004_native_bd4aeac568d5591cca32b547009cdf29_MDs1LDM7MTUsMTsxNSw0OzE1.exe	28
PID 2024 wrote to memory of 1428	2024	BlueStacks10Installer_10.2.5.1004_native_bd4aeac568d5591cca32b547009cdf29_MDs1LDM7MTUsMTsxNSw0OzE1.exe	28
PID 2024 wrote to memory of 1428	2024	BlueStacks10Installer_10.2.5.1004_native_bd4aeac568d5591cca32b547009cdf29_MDs1LDM7MTUsMTsxNSw0OzE1.exe	28
PID 2024 wrote to memory of 1428	2024	BlueStacks10Installer_10.2.5.1004_native_bd4aeac568d5591cca32b547009cdf29_MDs1LDM7MTUsMTsxNSw0OzE1.exe	28
PID 1428 wrote to memory of 1064	1428	BlueStacksInstaller.exe	29
PID 1428 wrote to memory of 1064	1428	BlueStacksInstaller.exe	29
PID 1428 wrote to memory of 1064	1428	BlueStacksInstaller.exe	29
PID 1428 wrote to memory of 1064	1428	BlueStacksInstaller.exe	29
PID 1428 wrote to memory of 1192	1428	BlueStacksInstaller.exe	31
PID 1428 wrote to memory of 1192	1428	BlueStacksInstaller.exe	31
PID 1428 wrote to memory of 1192	1428	BlueStacksInstaller.exe	31
PID 1428 wrote to memory of 1192	1428	BlueStacksInstaller.exe	31

C:\Users\Admin\AppData\Local\Temp\BlueStacks10Installer_10.2.5.1004_native_bd4aeac568d5591cca32b547009cdf29_MDs1LDM7MTUsMTsxNSw0OzE1.exe
"C:\Users\Admin\AppData\Local\Temp\BlueStacks10Installer_10.2.5.1004_native_bd4aeac568d5591cca32b547009cdf29_MDs1LDM7MTUsMTsxNSw0OzE1.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:2024
- C:\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\BlueStacksInstaller.exe
  "C:\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\BlueStacksInstaller.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of WriteProcessMemory
  PID:1428
- - C:\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\HD-CheckCpu.exe
    "C:\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\HD-CheckCpu.exe" --cmd checkHypervEnabled
    3⤵
    - Executes dropped EXE
    PID:1064
- - C:\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\HD-CheckCpu.exe
    "C:\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\HD-CheckCpu.exe" --cmd checkSSE4
    3⤵
    - Executes dropped EXE
    PID:1192

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
97846006fa7d99f833ed61b7783c63d2

SHA1
0cf9c1671821b17b3eb4b85b68a61b904b47ec87

SHA256
d35cdd4375392ed3e2a028b1046ce75be036d2e5bcf6f1e60150d9291317fa71

SHA512
62d5aa8052d7def1ff700da7cd602c302ffa61e51053922354f2196156e4a0db7932cd8a830d2b4a9f8e84907057a3dba2e48a8493c52b8abffcc40171b8fd57

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6253bcea9244b37f1c63cb5320870eb6

SHA1
507afc119b81c6e110bd3f9dcd3dfd8af9db8b20

SHA256
270da9ad0de2546a5841994bb7a802e26e243f94b30a0f8c86748afb395d5070

SHA512
39b8287e0cb561893927281051323c430315c698acd4641ffdf4a4316f65e567845baa3ba5da5a604289952b8de4269b1f1b9396a7eb7417312e298ea9c1b225

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ae34f16428e8bf304985d00093499040

SHA1
259f275e5041dbfb46b785ccbd50caf0cb8284b6

SHA256
20db7e19e0c8ac04ea7e1e1d8e1978549eb7965f553853ab0159c9d0774a3e97

SHA512
c9b1afa7e4e95206c34defb1951bef4f29cced4376cec5c7d2d4ed123939e43b5de1fc3d4336dd514ab93d103e8cd7175eb31902faf13f08571a9fc5835b0465

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
dc0e49deec7289c63d936f86277aed98

SHA1
dc11689cfb4375bf80b9de615e2e113f57e2ebbe

SHA256
71ad88d88a3e3c8a63fb237456fe81430488b07483b2461402fb0d4d8fc67c4b

SHA512
e93c790383353c9f3808c73dd5daf678d8ca0064327fe3181fd1137916e631e693a3e757a6ba961bf0039eb3fbc536535f99da2fcce1d60df2c238a3b1a7cd95

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a814da3a8a87d7f2aaa927ff3e6bf5f0

SHA1
e08a13693172bfb6f14a3fbd36cc851bc2513a6f

SHA256
b8a59606543f65946da9c9c940c09115642d1306a37888ad193ea622cca6cd8c

SHA512
30d63b231256d44fe32f3980db898edf20f91d883947f0cd39b99381627abc42a655b804e6163fd0f3d28c75e65f93f78d0d348cf628a622711da88ce3a4fed4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0fe2d8be3999f7b068698ac4e89829eb

SHA1
4ab3264125f3aa61dc131f0718d6247cc8881f7e

SHA256
834c1089b9522e6d50b9d3bbe69f4fc6376a462218bd30ae3e79c9ee073e5d48

SHA512
a29d96b0faa184d313519c69337ee62a99a75877c4bad3a2f749def980d89413d5e86c6ae92452a9c06a8ec65a074e2bfcb9210d9ba2fe89dc67ae96c70f64d4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
585d1dd439d8f1730251b58a0b2f7b56

SHA1
83c3f473f95fb41c2c8eafe9d1bb45bce8d2ae53

SHA256
58676aef283d8ed7d2ea157eb684889905858f6959bec452bb6cca92bd316a58

SHA512
dc03260ed7f2a9703e479d8361bab21f3c66f0e31e12e1c78658dc8445a1614dc01df79d5b1add515487a83de16b9207eec20d987a30fdcf1a5ed74acdbdfa9d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9c0844e18c5ba1d9b32f0cbdf8171461

SHA1
5dc67a97fea64013934ce2e36c0f30d73faa00e5

SHA256
d547839ed22cd81fcf63dda5dcf46776490389e58d0deb0a36a85a91747d6214

SHA512
23f4065321394783f1adc0d7c31ffc1d4c267deadecfec474042eb47280efad36f95ad82478896fc482150ffc41a9e6d68b12241fad25a3a442b646dda7a873f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0bd8e24961a13dd48feabacf104be72b

SHA1
f712b47051aeec9c232c010a013fd03c313ccb8f

SHA256
625ba780b16eda01841eb7cb8a987322bcb3d5617d36e9dc4db76dbdeaeebb92

SHA512
15c36cc548cb93d376d92bf05be289bcde8b518046cdd290925f0fbbb0d1f26a643c91bd6fc9d55e2d1df6381c2d56ca57faa41387d60edb5375f2f2b56b9fd6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
229a9037a8d6ea5c7a0ce1a457c7894d

SHA1
15831570ae1d00526500fb9bb4944713b530c110

SHA256
62a6cde1ee21e32c57817b9b3c1af400dd12991b83b31878f75f4b13eae65cea

SHA512
2a3869fa167d8dc9dfb28b394f6070f291196b771534f69422c0686119cdef0639befb35b217e74bcd35afbe6e930c4fa2ede5dde5f53d70e219cb59288913f2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1f9bed19313f2122e62d1c0128fadcf8

SHA1
5ca5caf59fdfaaad6fadece045020d09a52fefa9

SHA256
a4b60040e92c21b8b35cec25982a0f405f50b21efdb571c2e46d6ab5a6e7d4dc

SHA512
e259da68bd8293219b765a17a7f1721665f0b0499281b6649160637c5cf5a799ea8c8808d57853d4318b9251432de67ef3df3494ee475a67d4af2db886dc2eea

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d04f8572a37f910a8dfaecbe44d4f6b1

SHA1
74df47588dae3f9ba8fa5944f77e6f309ff8d2d0

SHA256
6a10f1bba68c92c49e0f3db172c942013464ba982a6f61bd220401593f99d205

SHA512
5f2f3e2a8319f6401ff3dce0fde2c582c1af5f947380b0a9deeef390e7ae516051ba7bbc1751df3062ee0008c649d6588eaf145ec052533af8b1895258e7cc75

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e3c36bf5a09fd6e41c189a7c9ad2825e

SHA1
ebed5ea54a2d40b14a1baa282bb87b4f7e757774

SHA256
9206e9edf8d25f7cd998b20e16c38d6f01d3b99e5aea84b8e7d6b56875af3c6b

SHA512
a023fbfd65b590543d818c979357f48364d0c3135e810f5f674eb27c6cfbef453ad747d2e83b1c71ee1027a9c34e35018db179b4af1b683a2901dfd555d6e2c7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1c007ba672d5b0c0074319897c3eb7fb

SHA1
cae7577a61a84e3b27501988ddcb3d5b68c6d274

SHA256
f06807e3ad98fb1fa199e28d2c5d2ba6032c329a297b7b34dde23eb6d1eefef3

SHA512
ea5d91940f70f875ebe3199f2f87c8c1504326b0d74b2692cfa456be54ada32545e394bf46b69efe8f3fcedeb3d388c1d59ea3be110711767d18434254dd9d01

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
85e12726b865f6e0d69db78e5353d2ac

SHA1
bda344413237607c836fba96eb3435fc4acdee62

SHA256
263e09e2c92f2a21c161ea0c061c6bdf2d15306f42561539ad8d4d8eebb1702b

SHA512
cb065da84e3f088892642662d5a0ff610d6f0454a4fde61718ec103091ca89c86c428769663d0175eb35e96d249bdee3053526636d71b0ed18de82bd7b199e5c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
30243d5eec40dba0f1e4b729edc46131

SHA1
074f53b8b44666e1deea327a0619c0a452f8bf11

SHA256
c31b063b6c7075389003c94f0788ff518da48919d809d21012207c635b6e8d06

SHA512
1009f689c5bf4d6a54c14e146561de9402b788713f1fc767da0e2d9e48693d0ce54958fd287e3ddfc4def5463e47a8dbc8df8886527b9d90ff9bf1dac0bf62f7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c5e127773e94b6f8b9c209dd8e5682d3

SHA1
eb2daeb6af0d72b84990865452ccd98220d7066f

SHA256
767291614e5d33dc635f4340fe360132415610b792a292460b2d2e376467a43f

SHA512
d6a88af29ff057325cea6165a13d6d14cfa1a80305d4a6e0f33b93dd06a8d623cd9a6976b87ac71fe4595b0b1cea23df45ce27a39c15ca4ffedf877d63de926c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a691ee2f0856fab7fb2ad69c4e13878c

SHA1
fd8697a2913b34e003ac5dca7e7fafdc13a36c44

SHA256
18d773243365ba7fa3baf5958c9dad7567297b2bdc197184939ca6ddc8f35b43

SHA512
64f3480ea7c6785f4b78c3dabb181829485af71f820d9c76b1393ee02fda4776d4321732100eccc0b17f1b65cbeaf0c28d5a1659d451eac02cd9a6bf2730b6ec

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a712ea0d50ee82fa2241fb3472389728

SHA1
8a772579400c9fb6da2104c5c187412946494dcd

SHA256
ce02a8eb59faca40218dcaed74dc34e09c912f18f381b3b86ed33535bb6ad5ec

SHA512
da3466966b2e2e627da1b458371a580f6c793bcfa1c9b1f2be0ef25de214147bf94d8a78d014153b0f19e24fe1d93ee2355190425e080deb0428b58dd4757e11

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
09f991fd057c46a1c4e5922be32ac7ab

SHA1
b2e677e373255c897dc89baa00face23d3e91894

SHA256
b26b78d9885e017f7967b8df4732744a1ce84067a368827d5099e023047f4302

SHA512
230131a22ec9d1b79413590e15ef7b795dacc7f78e75d85ce3bba068740509aef294d909fbfea606a17d336b7d0bef9e8fe2d14c328083d05be856d7ff640395

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
54fa059e75063654d85c3eaf9695d015

SHA1
b9943200b39446299a80451b08514e35e611fc05

SHA256
1850174b8fe450ed24a2140a065ac3b80acdd957fc4060356861d525337ee931

SHA512
c36e0a6c452246eca3994cc5f2721904568a3c892734c5a6cb096e8f818397a7812906f6dd17b5f8864ecb9190c19d679ea9e7edaf16e6eba9c7824b0b303a3d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
74afac583705cba03b9812102911d422

SHA1
c2ed0567d254ec681599c5d3a565a59ebc5ae670

SHA256
c01ed977e2f5c7d69d279bf4d2a6396c333a615d39d91f593aec20b16e4eb964

SHA512
e9888f3257523ef4638107e5b9de30ad546370fd669b635ca2c12e9f0dffa93ab67e22a31f9c5866516ce9487a6f1be367672c7b1214b38f9e9ab56835f424ba

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e393fb3b7b05df79e91bfe9473cd0a2b

SHA1
8391ea16106b4ec26a4a4ed71aa695a6f09103ee

SHA256
23d01826d0c47b94ae96a05264095f81bba34e5febe5f489373844f7706a7613

SHA512
0ac9ec122e668555aabb53549f3f60406007f4e8a99c5765c1497e73e7d6d91576a99669644d29d9c168b3bfd91a56c66d032f6ac13c6e9f21b7d06e39765205

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ecbe9cee113c3ba4e846eda84b694989

SHA1
6d23445a2edfb4fb54c4ef486d59433772dea108

SHA256
e88cdb053e83b9d0b066a23dbb8440537a89140ad7e07c69b699479b775730a7

SHA512
26e80eb3c3b688d95b9577b628f209382743baf73e526a83091f35c880441d7956da1da055fb53c9bed8771d68ee45359156223b86009f07a0db9dc879865d1b

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\Assets\exit_close.png

Filesize
670B

MD5
26eb04b9e0105a7b121ea9c6601bbf2a

SHA1
efc08370d90c8173df8d8c4b122d2bb64c07ccd8

SHA256
7aaef329ba9fa052791d1a09f127551289641ea743baba171de55faa30ec1157

SHA512
9df3c723314d11a6b4ce0577eb61488061f2f96a9746a944eb6a4ee8c0c4d29131231a1b20988ef5454b79f9475b43d62c710839ecc0a9c98324f977cab6db68

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\Assets\loader.png

Filesize
279B

MD5
03903fd42ed2ee3cb014f0f3b410bcb4

SHA1
762a95240607fe8a304867a46bc2d677f494f5c2

SHA256
076263cc65f9824f4f82eb6beaa594d1df90218a2ee21664cf209181557e04b1

SHA512
8b0e717268590e5287c07598a06d89220c5e9a33cd1c29c55f8720321f4b3efc869d20c61fcc892e13188d77f0fdc4c73a2ee6dece174bf876fcc3a6c5683857

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\Assets\minimize_progress.png

Filesize
212B

MD5
1504b80f2a6f2d3fefc305da54a2a6c2

SHA1
432a9d89ebc2f693836d3c2f0743ea5d2077848d

SHA256
2f62d4e8c643051093f907058dddc78cc525147d9c4f4a0d78b4d0e5c90979f6

SHA512
675db04baf3199c8d94af30a1f1c252830a56a90f633c3a72aa9841738b04242902a5e7c56dd792626338e8b7eabc1f359514bb3a2e62bc36c16919e196cfd94

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\BlueStacksInstaller.exe

Filesize
604KB

MD5
d4371d6fa1e03356d0bec49879d9996f

SHA1
652677bc8f62da3e2816a25b3633d84cb10fe8db

SHA256
6685e1bb21e199f4ae07042a4a479528491d1953f1882a2a5036c9d71a90f71a

SHA512
933aad448413360753c54696c3aa9b22c235e7ebdccf772fc7d878193417d4dc0ec7c1c7468cd083c3913c10ae778e4d6ddc9a54209723b96d9366cc92f3e651

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\BlueStacksInstaller.exe

Filesize
604KB

MD5
d4371d6fa1e03356d0bec49879d9996f

SHA1
652677bc8f62da3e2816a25b3633d84cb10fe8db

SHA256
6685e1bb21e199f4ae07042a4a479528491d1953f1882a2a5036c9d71a90f71a

SHA512
933aad448413360753c54696c3aa9b22c235e7ebdccf772fc7d878193417d4dc0ec7c1c7468cd083c3913c10ae778e4d6ddc9a54209723b96d9366cc92f3e651

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\BlueStacksInstaller.exe

Filesize
604KB

MD5
d4371d6fa1e03356d0bec49879d9996f

SHA1
652677bc8f62da3e2816a25b3633d84cb10fe8db

SHA256
6685e1bb21e199f4ae07042a4a479528491d1953f1882a2a5036c9d71a90f71a

SHA512
933aad448413360753c54696c3aa9b22c235e7ebdccf772fc7d878193417d4dc0ec7c1c7468cd083c3913c10ae778e4d6ddc9a54209723b96d9366cc92f3e651

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\BlueStacksInstaller.exe.config

Filesize
324B

MD5
1b456d88546e29f4f007cd0bf1025703

SHA1
e5c444fcfe5baf2ef71c1813afc3f2c1100cab86

SHA256
d6d316584b63bb0d670a42f88b8f84e0de0db4275f1a342084dc383ebeb278eb

SHA512
c545e416c841b8786e4589fc9ca2b732b16cdd759813ec03f558332f2436f165ec1ad2fbc65012b5709fa19ff1e8396639c17bfad150cabeb51328a39ea556e6

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\HD-CheckCpu.exe

Filesize
200KB

MD5
81234fd9895897b8d1f5e6772a1b38d0

SHA1
80b2fec4a85ed90c4db2f09b63bd8f37038db0d3

SHA256
2e14887f3432b4a313442247fc669f891dbdad7ef1a2d371466a2afa88074a4c

SHA512
4c924d6524dc2c7d834bfc1a0d98b21753a7bf1e94b1c2c6650f755e6f265512d3a963bc7bc745351f79f547add57c37e29ba9270707edbf62b60df3a541bc16

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\HD-CheckCpu.exe

Filesize
200KB

MD5
81234fd9895897b8d1f5e6772a1b38d0

SHA1
80b2fec4a85ed90c4db2f09b63bd8f37038db0d3

SHA256
2e14887f3432b4a313442247fc669f891dbdad7ef1a2d371466a2afa88074a4c

SHA512
4c924d6524dc2c7d834bfc1a0d98b21753a7bf1e94b1c2c6650f755e6f265512d3a963bc7bc745351f79f547add57c37e29ba9270707edbf62b60df3a541bc16

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\HD-CheckCpu.exe

Filesize
200KB

MD5
81234fd9895897b8d1f5e6772a1b38d0

SHA1
80b2fec4a85ed90c4db2f09b63bd8f37038db0d3

SHA256
2e14887f3432b4a313442247fc669f891dbdad7ef1a2d371466a2afa88074a4c

SHA512
4c924d6524dc2c7d834bfc1a0d98b21753a7bf1e94b1c2c6650f755e6f265512d3a963bc7bc745351f79f547add57c37e29ba9270707edbf62b60df3a541bc16

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\JSON.dll

Filesize
411KB

MD5
f5fd966e29f5c359f78cb61a571d1be4

SHA1
a55e7ed593b4bc7a77586da0f1223cfd9d51a233

SHA256
d2c8d26f95f55431e632c8581154db7c19547b656380e051194a9d2583dd2156

SHA512
d99e6fe250bb106257f86135938635f6e7ad689b2c11a96bb274f4c4c5e9a85cfacba40122dbc953f77b5d33d886c6af30bff821f10945e15b21a24b66f6c8be

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\Locales\i18n.en-US.txt

Filesize
18KB

MD5
2e67781c074a702af42f2c2259a9e94d

SHA1
c40ec186835abd9e8cd1976b0005e57e17c672f2

SHA256
858f09be7e462198c0e77b2b84de544158789f53eff200be78eab70a6acadd1a

SHA512
4adbf7cb6f1621ed1d3904beaad55eb5229475c9007c7ba41720d9dcc9b3f63c849b9a5cd9aaf86c5a063693b80c1b39fdf41eb2b026f35cd15a5d92d5ce843a

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\ThemeFile

Filesize
80KB

MD5
c3e6bab4f92ee40b9453821136878993

SHA1
94493a6b3dfb3135e5775b7d3be227659856fbc4

SHA256
de1a2e6b560e036da5ea6b042e29e81a5bfcf67dde89670c332fc5199e811ba6

SHA512
a64b6b06b3a0f3591892b60e59699682700f4018b898efe55d6bd5fb417965a55027671c58092d1eb7e21c2dbac42bc68dfb8c70468d98bed45a8cff0e945895

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab2CDD.tmp

Filesize
62KB

MD5
3ac860860707baaf32469fa7cc7c0192

SHA1
c33c2acdaba0e6fa41fd2f00f186804722477639

SHA256
d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

SHA512
d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar2D1F.tmp

Filesize
164KB

MD5
4ff65ad929cd9a367680e0e5b1c08166

SHA1
c0af0d4396bd1f15c45f39d3b849ba444233b3a2

SHA256
c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

SHA512
f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

Download Submit
\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\BlueStacksInstaller.exe

Filesize
604KB

MD5
d4371d6fa1e03356d0bec49879d9996f

SHA1
652677bc8f62da3e2816a25b3633d84cb10fe8db

SHA256
6685e1bb21e199f4ae07042a4a479528491d1953f1882a2a5036c9d71a90f71a

SHA512
933aad448413360753c54696c3aa9b22c235e7ebdccf772fc7d878193417d4dc0ec7c1c7468cd083c3913c10ae778e4d6ddc9a54209723b96d9366cc92f3e651

Download Submit
\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\BlueStacksInstaller.exe

Filesize
604KB

MD5
d4371d6fa1e03356d0bec49879d9996f

SHA1
652677bc8f62da3e2816a25b3633d84cb10fe8db

SHA256
6685e1bb21e199f4ae07042a4a479528491d1953f1882a2a5036c9d71a90f71a

SHA512
933aad448413360753c54696c3aa9b22c235e7ebdccf772fc7d878193417d4dc0ec7c1c7468cd083c3913c10ae778e4d6ddc9a54209723b96d9366cc92f3e651

Download Submit
\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\BlueStacksInstaller.exe

Filesize
604KB

MD5
d4371d6fa1e03356d0bec49879d9996f

SHA1
652677bc8f62da3e2816a25b3633d84cb10fe8db

SHA256
6685e1bb21e199f4ae07042a4a479528491d1953f1882a2a5036c9d71a90f71a

SHA512
933aad448413360753c54696c3aa9b22c235e7ebdccf772fc7d878193417d4dc0ec7c1c7468cd083c3913c10ae778e4d6ddc9a54209723b96d9366cc92f3e651

Download Submit
\Users\Admin\AppData\Local\Temp\7zS8E73DB1C\BlueStacksInstaller.exe

Filesize
604KB

MD5
d4371d6fa1e03356d0bec49879d9996f

SHA1
652677bc8f62da3e2816a25b3633d84cb10fe8db

SHA256
6685e1bb21e199f4ae07042a4a479528491d1953f1882a2a5036c9d71a90f71a

SHA512
933aad448413360753c54696c3aa9b22c235e7ebdccf772fc7d878193417d4dc0ec7c1c7468cd083c3913c10ae778e4d6ddc9a54209723b96d9366cc92f3e651

Download Submit
memory/1428-175-0x000000001AEE0000-0x000000001AF60000-memory.dmp

Filesize
512KB

Download
memory/1428-324-0x000000001AEE0000-0x000000001AF60000-memory.dmp

Filesize
512KB

Download
memory/1428-328-0x0000000001E00000-0x0000000001E0A000-memory.dmp

Filesize
40KB

Download
memory/1428-172-0x0000000000230000-0x00000000002CA000-memory.dmp

Filesize
616KB

Download
memory/1428-1106-0x000000001AEE0000-0x000000001AF60000-memory.dmp

Filesize
512KB

Download
memory/1428-780-0x000000001A760000-0x000000001A761000-memory.dmp

Filesize
4KB

Download
memory/1428-174-0x0000000000510000-0x0000000000578000-memory.dmp

Filesize
416KB

Download
memory/1428-1217-0x000000001AEE0000-0x000000001AF60000-memory.dmp

Filesize
512KB

Download