328cc1ada1bc88ecf8ffa10525069123ac5b027121326fc51aaf6798f09636c5

Resubmissions

10/07/2023, 07:24

230710-h8s42shb68 8

10/07/2023, 07:18

230710-h5fdsahb56 8

10/07/2023, 07:14

230710-h2x5eshb49 8

Analysis

max time kernel
114s
max time network
126s
platform
windows7_x64
resource
win7-20230703-en
resource tags

arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
submitted
10/07/2023, 07:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

BlueStacksInstaller_5.12.105.1006_native_e873a0c9e8bece18687d4057ffbcafc9_MDs1.exe
Size

897KB
MD5

f7e5464eb87a09f9831e5154512004b6
SHA1

04a35bfd2bd2dd96da428df3de78d5d22fe30271
SHA256

328cc1ada1bc88ecf8ffa10525069123ac5b027121326fc51aaf6798f09636c5
SHA512

500795616e448b34b3d608d4dd897a35891eda5f85d3ce189d7a58245a903ef177a81ee01e7a35052504fb5d3bc8a7935ecf20a6e2f453f72f1567b3b0e158d5
SSDEEP

12288:GivtCXQd0gjKX7zuqGKhFGPDy1xBVG2xsvNdeuCad2YteFph8iMeKMD7pY4JqG76:GivtCXWeGKhFGCG2xs6eQGGpTlNbJq6i

Score

4^/10

Malware Config

Signatures

Executes dropped EXE 3 IoCs

pid	Process
3008	BlueStacksInstaller.exe
516	HD-CheckCpu.exe
2136	HD-CheckCpu.exe

Loads dropped DLL 4 IoCs

pid	Process
996	BlueStacksInstaller_5.12.105.1006_native_e873a0c9e8bece18687d4057ffbcafc9_MDs1.exe
996	BlueStacksInstaller_5.12.105.1006_native_e873a0c9e8bece18687d4057ffbcafc9_MDs1.exe
996	BlueStacksInstaller_5.12.105.1006_native_e873a0c9e8bece18687d4057ffbcafc9_MDs1.exe
996	BlueStacksInstaller_5.12.105.1006_native_e873a0c9e8bece18687d4057ffbcafc9_MDs1.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 5 IoCs

pid	Process
3008	BlueStacksInstaller.exe
3008	BlueStacksInstaller.exe
3008	BlueStacksInstaller.exe
3008	BlueStacksInstaller.exe
3008	BlueStacksInstaller.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	3008	BlueStacksInstaller.exe

Suspicious use of WriteProcessMemory 12 IoCs

description	pid	Process	procid_target
PID 996 wrote to memory of 3008	996	BlueStacksInstaller_5.12.105.1006_native_e873a0c9e8bece18687d4057ffbcafc9_MDs1.exe	29
PID 996 wrote to memory of 3008	996	BlueStacksInstaller_5.12.105.1006_native_e873a0c9e8bece18687d4057ffbcafc9_MDs1.exe	29
PID 996 wrote to memory of 3008	996	BlueStacksInstaller_5.12.105.1006_native_e873a0c9e8bece18687d4057ffbcafc9_MDs1.exe	29
PID 996 wrote to memory of 3008	996	BlueStacksInstaller_5.12.105.1006_native_e873a0c9e8bece18687d4057ffbcafc9_MDs1.exe	29
PID 3008 wrote to memory of 516	3008	BlueStacksInstaller.exe	30
PID 3008 wrote to memory of 516	3008	BlueStacksInstaller.exe	30
PID 3008 wrote to memory of 516	3008	BlueStacksInstaller.exe	30
PID 3008 wrote to memory of 516	3008	BlueStacksInstaller.exe	30
PID 3008 wrote to memory of 2136	3008	BlueStacksInstaller.exe	32
PID 3008 wrote to memory of 2136	3008	BlueStacksInstaller.exe	32
PID 3008 wrote to memory of 2136	3008	BlueStacksInstaller.exe	32
PID 3008 wrote to memory of 2136	3008	BlueStacksInstaller.exe	32

C:\Users\Admin\AppData\Local\Temp\BlueStacksInstaller_5.12.105.1006_native_e873a0c9e8bece18687d4057ffbcafc9_MDs1.exe
"C:\Users\Admin\AppData\Local\Temp\BlueStacksInstaller_5.12.105.1006_native_e873a0c9e8bece18687d4057ffbcafc9_MDs1.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:996
- C:\Users\Admin\AppData\Local\Temp\7zS4E37830D\BlueStacksInstaller.exe
  "C:\Users\Admin\AppData\Local\Temp\7zS4E37830D\BlueStacksInstaller.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of WriteProcessMemory
  PID:3008
- - C:\Users\Admin\AppData\Local\Temp\7zS4E37830D\HD-CheckCpu.exe
    "C:\Users\Admin\AppData\Local\Temp\7zS4E37830D\HD-CheckCpu.exe" --cmd checkHypervEnabled
    3⤵
    - Executes dropped EXE
    PID:516
- - C:\Users\Admin\AppData\Local\Temp\7zS4E37830D\HD-CheckCpu.exe
    "C:\Users\Admin\AppData\Local\Temp\7zS4E37830D\HD-CheckCpu.exe" --cmd checkSSE4
    3⤵
    - Executes dropped EXE
    PID:2136

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
484ad75e71a0c8451e8fb6fc2fd4963f

SHA1
f382cd789724b8931ece939dedce10bd6c44b93b

SHA256
40798ba4f2a68be4e73ccad1528e88c9f0159db72cc7d93e7a8d16c47d65d44a

SHA512
10c5dc4d4ab464acc84614865de061f0af0513a36960f7e27ea9bba5cd83258d8e7c0fd4885e1886e1daf0b249bf815e71f77896313aef5c3b0186edd4e3607d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a4df54e2c0fceea3385813d46a961041

SHA1
a8b61e399a78ae53e3d767770f25e5a536b50375

SHA256
947f8eef006d01bd9b2354c7d09c1ecbfd3d7f1037e7a4ab684a56f4238d4b31

SHA512
5132292c9cfe7714b2189cd72266d7f271e653688337ae5350f5c337d4d43d4c218fb02109b5d217c2b284ae21a0b667875bffdeb154c93a601b2f4a7dd9ba63

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
65e6ce49761380732d55edd62e9d54a4

SHA1
1c70a99266a5c3d34aa28bc02d906a0873b605b0

SHA256
84ee9f68afff1dcbc13887b514744f0054c9de9afd6c36f4e119ef6770d5d436

SHA512
b48247372a2ff72518d23449420229ce43e3ed53dff8f44180964fbd5173c5eddfb42618abbc145b8cec00101ee13a9a5fdd5a5f389c0b6d23ca06a7a2c0cc91

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f70ca1fd8c370e86e7c42c44c4096ac0

SHA1
2a3d5303dcd469343424fccfea64b9d4965ab1e9

SHA256
5c2eccd97c98ef257fb77fdb6b6f101368afae9840da2470350b16b313569a2b

SHA512
6dc9ce9f08166e6f93279064fdc6d7831e17ed6dd027a1a30731b8aa40cd04bd71b0c4c3bccd1aa4257f62bca9fd64a7c6413aae405480865aa6494c2abe767a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e241aa119726edcabff1a05bc700b34e

SHA1
0f011503b2e5c432f50cfb1f6ca876730bfaedcf

SHA256
454796ef4c6eb079ab71a630d177c5fde34383809de70664a83f3b29cf7e61f4

SHA512
718c146cc1f2b37591810d6911d0e57187a91e8bbdd79fd7ab15e3697490c59a85a76108074e79273cc92ae4822e83a024aea74c03fb84b51ef0d67378bc1998

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9bf97d9ed29841daa817200bef2f106d

SHA1
4fb93cfdc835bd96cb0435842d9a914243f84eb1

SHA256
500036ca437de79cf69f62da0e496c16a0c82a2567df6be7c3388119bf798cf6

SHA512
68d5ac36a548e0fc8d97b275ae50a51a8e334dadb2653330ef8d14ff786c65e2872259b10efc6f9b81b4d36be9649875a19ab039dd458a225ec60f03dd3f7525

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9db9d5c1b3a0b91ed2729dfa4265a4cd

SHA1
3765d125b81e6b4c7d490dae6137a0d07f4a6433

SHA256
576e26c6bf53353eb25508aadb39b0365d1cd08e765cac61f90fd38ce6791f6c

SHA512
b8f817e81cbdec9d0a0f70373a36f47cef02992b68ecf95b8389de58f21610ce1bba7fd8b3cb570971069d02a67d4fe7def98bea3c40079e06f5ce08566f6008

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
80f4d2eef4232fba35ed25be41348b53

SHA1
867f41a488dcc6b49fcdde1209f434cbf8ece593

SHA256
a602c7a3b090c4ef7b283ca98ea04283d9ae350dd6bf568e7938ecd1910e10b0

SHA512
a1be177d35c9520b563699dfab00aba7af9666a8bc126d5e10c41007ee2c1085b87a445fa5e3cad374bfd9fbbd514cb84e85b16bfea33966b72203e4ee763c9b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b3b1e3aaffeeaf3358ae939feb1c74bb

SHA1
853c8446b2388f5aea779bdf211f29140bddd5cf

SHA256
dbb0c306d3bffe7bc23762baa313932625251c8a3863ef6ad8d03b33ca989001

SHA512
679e3d28eb7e5e0aace03549d1d61aaa1fc434f369ec9238a4519b33cb9273cb7c26f152d75a6e9f00de23b428eea17da52ddde494ee349f8ce20a7996df7b44

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d13359a6d51efe7020c9e2c6643b2dc4

SHA1
6d697996d9c7bab87271107cc8b11f923965b12a

SHA256
b13d4b4e1b8469e627ca71eb84aee712edda895e75761814c745f6a5da61b4ed

SHA512
df90470846200c7a66e6f0714254a6374f077ed1083cdd35b7312574b530f29c616b505408059b46ebb204970d881d92e1278ca03821ac9c5037d3cb1ac4809c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1417eac90e3ae46f6a5025cf92349715

SHA1
21c07c0dc3a0313977ec4af6ec1dc37c84124b85

SHA256
1203e418d5863cd9e8f9362b1cdc950b7fe5fe192653d58af03ee2ac33938d82

SHA512
6020b74d2667de063b09c37803de2446b141b6c8eb408231191ae1a429631d9f085582b60e81d7330ad03066d91cfefd2fd06276898b2d80a5df57060001bc47

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e87d9006e58bef5819700e028ce7234c

SHA1
59e37c227dad23f17a771c65e4c25859cf160acc

SHA256
d1fab048b1c2d4a43d12ea33c400521abef23fdcb0dcffe3a93fb24f2e89a371

SHA512
d631b5528c22ba55abbf05d07c21681c1abfee5b3698c11f11e40b59c26821b2e707d7629c5eb18d844d7bbe1696a118498d7cbd918c6440d0ef356ec8fcd771

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9e587f8cd30e9b1632ad06f8756db735

SHA1
0dbaf52aef930a8a4ee4e5b6d2c033c28b8e88cc

SHA256
73bf4c3b96a45c01f8054c0b1833f46e3be0fe2423a3c0083cc07d76fee4cd77

SHA512
a596a9a4d3eb967e7ed2c76798f9c8cdac3dd19e71e78c6ad43c4e291bc519fa50999409095606e15b4bab3cd21e3b40c45b5504cc5c47e6a84d764ab0a85bec

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
21f728c6b37b711b6ce3a392e1047622

SHA1
5a8850cde7e26f1ae51ee995c146c5e9b90e9395

SHA256
ea0fef816d8719c8a8943310e82f31927008cf10a64a408fbb04eb250854ef30

SHA512
f3f43e4437a595dc9ec4ce81878b9620f485e5eb82708549c7db5faf0893e1986371166f5926a8032a3c05e05d3a5eacf43655eaa8219e5a6944cd6831869e75

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
17e63e5d32ca1aed8dcde2cdfe82d7e7

SHA1
b289971f5b8162b7080f13dfb6578cad378b1c9f

SHA256
5fc7d38f3357f4411893eb3eb2ced3798b05b1dda0d97f60b3b09a7897abb6ec

SHA512
24b95339165810f8c00a92427a04dae1adfad8ff71218f4b8c25cb018119fccf7eb300dee283f62b87f65cbc572da2d02623cb74530b13f501944cf9d8cbc580

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
49654875627ddb8f25418fdb3473c8b6

SHA1
eafd76dc6d13b6d88b7f1462de2e6882d1a1666e

SHA256
634c92170227a436e0e182054bd0859ff67ef95801be3f07bfab87dbd898bfc6

SHA512
edb6c652089e7be6a133ba8ef7c02af65077e6abf51fdf53297d87c8e4352e5d411af4ab389fcd606a956df99801f5c5b274b6322dcfd925d11888ea4c031f75

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2514c56c428d95a6b740468e5fcec229

SHA1
7c536ebc19550e268cdbf97b6884a47f568e8de0

SHA256
838f8e073e4611d12cf788170f5a60c9b4b74cba01131bd6eed9a36ead17a227

SHA512
2d9ceb8898b037cdabee5332761f9dd88b21d06719693ce10455c2a7f42e1df9707f972ce80aaa6726144ae58fa80f988a7edb20943305820c0e5ed9a45c88e8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d2ad0a35d61c0e12c145f457689273f7

SHA1
190ebe11cf3e88e631fba30964c91b2e28d1a0b6

SHA256
f1e01839fc1000b312acec071ee2bf43b9dbdf5e9d9cb0c6e237a95e90c2a4b2

SHA512
30d6bd67dcbb83dc407663a5f8a76ba231e5670b6634cbd3fc591e9e90fdd906d00986f6eee1354218b763c8f91c6d3c4cb22e8bb3b4653bbe5e8b14d3f5b133

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
72b9b1133a905ebbcced00bd1bdb35d8

SHA1
56b2c3687fbb245a402f6d7c30360769a82eb007

SHA256
fca198f6b1320062b4e9ec96b6a0b5f3ebf2758c017c0036f10af69d54f2f96d

SHA512
a3b115421894de39fe26ad6f9b497217f892e03bc154749f20e2d1b81a9ee4af64bb3284a5612e47999be46ebe57c3e757cedcbed0fdc45438fa0bc5f6383fd0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e35f567c371a76342952fc2d2125b67a

SHA1
27d77e7151a707ad2055f4c87478ca1d891484a9

SHA256
150c7ee418e3b6d0d1fb16a9bed239d815eca84484a18dbf0c1beb9ea6a26192

SHA512
f0bf18440af9eedc4d41d352eef5dd514ea97ab789a1dee77790297fdc914e1abcc24125d7738fed59ab7c756291b188638add85fa02a6fbc6fe8f5c45a642a0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9a56ddcc95324709fd1b850e9f00aced

SHA1
3c1b9866b046131ed5c0cfe6308be29ca50978bd

SHA256
0979298887e25015d5ba462cd357d27d6a70e894342cfd4679b75b0db8ad08f9

SHA512
d6aadcdccd464b99656d41cc023be4001426a93e311244030f3a40e60004693196555675bf754b0f17e04e1822544a08ca80693f412be5d3d1cd844ca00c8d4c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f2ddd3ecef00ce5d740c50933b3a9bb7

SHA1
9eb2b8e355735acb512cea44f07d14925a04fdd7

SHA256
b768116cd949ec98021a852c1f395a55386ffcd3fb4364ecb2961ecd918dfc36

SHA512
c3ee62fd222f955ecd4a7188c197ef36c7da0fe08a8dc6ba2ca41d281df48635479727d637e1fc8f690d8f5de60f01105b8e268b1fa98b41f631b29a7eaeb638

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2d34c2244cd85d5daef8ecfe9ffc6c97

SHA1
02530a3a034f13d6416cc076d5592e2392a9c9e5

SHA256
0165c95f4949f7b748b70608f5203b334133d8931b3e0b28b4ec36df940e74a3

SHA512
8068b217035054a73a5f3e8b85026bb960fe4524f3f6922e795ca3c4c3a669a74217d0cb8dcd2d78e3a20f26f4785c617fd0f52ef302ac50fb4d86ef8e1c726b

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4E37830D\Assets\exit_close.png

Filesize
670B

MD5
26eb04b9e0105a7b121ea9c6601bbf2a

SHA1
efc08370d90c8173df8d8c4b122d2bb64c07ccd8

SHA256
7aaef329ba9fa052791d1a09f127551289641ea743baba171de55faa30ec1157

SHA512
9df3c723314d11a6b4ce0577eb61488061f2f96a9746a944eb6a4ee8c0c4d29131231a1b20988ef5454b79f9475b43d62c710839ecc0a9c98324f977cab6db68

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4E37830D\Assets\loader.png

Filesize
279B

MD5
03903fd42ed2ee3cb014f0f3b410bcb4

SHA1
762a95240607fe8a304867a46bc2d677f494f5c2

SHA256
076263cc65f9824f4f82eb6beaa594d1df90218a2ee21664cf209181557e04b1

SHA512
8b0e717268590e5287c07598a06d89220c5e9a33cd1c29c55f8720321f4b3efc869d20c61fcc892e13188d77f0fdc4c73a2ee6dece174bf876fcc3a6c5683857

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4E37830D\Assets\minimize_progress.png

Filesize
212B

MD5
1504b80f2a6f2d3fefc305da54a2a6c2

SHA1
432a9d89ebc2f693836d3c2f0743ea5d2077848d

SHA256
2f62d4e8c643051093f907058dddc78cc525147d9c4f4a0d78b4d0e5c90979f6

SHA512
675db04baf3199c8d94af30a1f1c252830a56a90f633c3a72aa9841738b04242902a5e7c56dd792626338e8b7eabc1f359514bb3a2e62bc36c16919e196cfd94

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4E37830D\BlueStacksInstaller.exe

Filesize
604KB

MD5
8fb32dffe84b6282e1e67296c4380510

SHA1
7dc43dbb76df9c681b4c9e331c0f1377505104bf

SHA256
c4fa55342169789e601314813369c8ad49c802d32d0ab9c7e343bdc4e13d8a63

SHA512
d1437fe1e459b7f84f40628b5d5c902ab9b7a86f517935f225a114dcc106ff9ebba82f5ef78fc249422a73a38ed7aefbacaefca31a613accd8c2a97c4754ca96

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4E37830D\BlueStacksInstaller.exe

Filesize
604KB

MD5
8fb32dffe84b6282e1e67296c4380510

SHA1
7dc43dbb76df9c681b4c9e331c0f1377505104bf

SHA256
c4fa55342169789e601314813369c8ad49c802d32d0ab9c7e343bdc4e13d8a63

SHA512
d1437fe1e459b7f84f40628b5d5c902ab9b7a86f517935f225a114dcc106ff9ebba82f5ef78fc249422a73a38ed7aefbacaefca31a613accd8c2a97c4754ca96

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4E37830D\BlueStacksInstaller.exe

Filesize
604KB

MD5
8fb32dffe84b6282e1e67296c4380510

SHA1
7dc43dbb76df9c681b4c9e331c0f1377505104bf

SHA256
c4fa55342169789e601314813369c8ad49c802d32d0ab9c7e343bdc4e13d8a63

SHA512
d1437fe1e459b7f84f40628b5d5c902ab9b7a86f517935f225a114dcc106ff9ebba82f5ef78fc249422a73a38ed7aefbacaefca31a613accd8c2a97c4754ca96

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4E37830D\BlueStacksInstaller.exe.config

Filesize
324B

MD5
1b456d88546e29f4f007cd0bf1025703

SHA1
e5c444fcfe5baf2ef71c1813afc3f2c1100cab86

SHA256
d6d316584b63bb0d670a42f88b8f84e0de0db4275f1a342084dc383ebeb278eb

SHA512
c545e416c841b8786e4589fc9ca2b732b16cdd759813ec03f558332f2436f165ec1ad2fbc65012b5709fa19ff1e8396639c17bfad150cabeb51328a39ea556e6

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4E37830D\HD-CheckCpu.exe

Filesize
200KB

MD5
81234fd9895897b8d1f5e6772a1b38d0

SHA1
80b2fec4a85ed90c4db2f09b63bd8f37038db0d3

SHA256
2e14887f3432b4a313442247fc669f891dbdad7ef1a2d371466a2afa88074a4c

SHA512
4c924d6524dc2c7d834bfc1a0d98b21753a7bf1e94b1c2c6650f755e6f265512d3a963bc7bc745351f79f547add57c37e29ba9270707edbf62b60df3a541bc16

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4E37830D\HD-CheckCpu.exe

Filesize
200KB

MD5
81234fd9895897b8d1f5e6772a1b38d0

SHA1
80b2fec4a85ed90c4db2f09b63bd8f37038db0d3

SHA256
2e14887f3432b4a313442247fc669f891dbdad7ef1a2d371466a2afa88074a4c

SHA512
4c924d6524dc2c7d834bfc1a0d98b21753a7bf1e94b1c2c6650f755e6f265512d3a963bc7bc745351f79f547add57c37e29ba9270707edbf62b60df3a541bc16

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4E37830D\HD-CheckCpu.exe

Filesize
200KB

MD5
81234fd9895897b8d1f5e6772a1b38d0

SHA1
80b2fec4a85ed90c4db2f09b63bd8f37038db0d3

SHA256
2e14887f3432b4a313442247fc669f891dbdad7ef1a2d371466a2afa88074a4c

SHA512
4c924d6524dc2c7d834bfc1a0d98b21753a7bf1e94b1c2c6650f755e6f265512d3a963bc7bc745351f79f547add57c37e29ba9270707edbf62b60df3a541bc16

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4E37830D\JSON.dll

Filesize
411KB

MD5
f5fd966e29f5c359f78cb61a571d1be4

SHA1
a55e7ed593b4bc7a77586da0f1223cfd9d51a233

SHA256
d2c8d26f95f55431e632c8581154db7c19547b656380e051194a9d2583dd2156

SHA512
d99e6fe250bb106257f86135938635f6e7ad689b2c11a96bb274f4c4c5e9a85cfacba40122dbc953f77b5d33d886c6af30bff821f10945e15b21a24b66f6c8be

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4E37830D\Locales\i18n.en-US.txt

Filesize
18KB

MD5
2e67781c074a702af42f2c2259a9e94d

SHA1
c40ec186835abd9e8cd1976b0005e57e17c672f2

SHA256
858f09be7e462198c0e77b2b84de544158789f53eff200be78eab70a6acadd1a

SHA512
4adbf7cb6f1621ed1d3904beaad55eb5229475c9007c7ba41720d9dcc9b3f63c849b9a5cd9aaf86c5a063693b80c1b39fdf41eb2b026f35cd15a5d92d5ce843a

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4E37830D\ThemeFile

Filesize
80KB

MD5
c3e6bab4f92ee40b9453821136878993

SHA1
94493a6b3dfb3135e5775b7d3be227659856fbc4

SHA256
de1a2e6b560e036da5ea6b042e29e81a5bfcf67dde89670c332fc5199e811ba6

SHA512
a64b6b06b3a0f3591892b60e59699682700f4018b898efe55d6bd5fb417965a55027671c58092d1eb7e21c2dbac42bc68dfb8c70468d98bed45a8cff0e945895

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab49A1.tmp

Filesize
62KB

MD5
3ac860860707baaf32469fa7cc7c0192

SHA1
c33c2acdaba0e6fa41fd2f00f186804722477639

SHA256
d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

SHA512
d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar4AAD.tmp

Filesize
164KB

MD5
4ff65ad929cd9a367680e0e5b1c08166

SHA1
c0af0d4396bd1f15c45f39d3b849ba444233b3a2

SHA256
c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

SHA512
f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

Download Submit
\Users\Admin\AppData\Local\Temp\7zS4E37830D\BlueStacksInstaller.exe

Filesize
604KB

MD5
8fb32dffe84b6282e1e67296c4380510

SHA1
7dc43dbb76df9c681b4c9e331c0f1377505104bf

SHA256
c4fa55342169789e601314813369c8ad49c802d32d0ab9c7e343bdc4e13d8a63

SHA512
d1437fe1e459b7f84f40628b5d5c902ab9b7a86f517935f225a114dcc106ff9ebba82f5ef78fc249422a73a38ed7aefbacaefca31a613accd8c2a97c4754ca96

Download Submit
\Users\Admin\AppData\Local\Temp\7zS4E37830D\BlueStacksInstaller.exe

Filesize
604KB

MD5
8fb32dffe84b6282e1e67296c4380510

SHA1
7dc43dbb76df9c681b4c9e331c0f1377505104bf

SHA256
c4fa55342169789e601314813369c8ad49c802d32d0ab9c7e343bdc4e13d8a63

SHA512
d1437fe1e459b7f84f40628b5d5c902ab9b7a86f517935f225a114dcc106ff9ebba82f5ef78fc249422a73a38ed7aefbacaefca31a613accd8c2a97c4754ca96

Download Submit
\Users\Admin\AppData\Local\Temp\7zS4E37830D\BlueStacksInstaller.exe

Filesize
604KB

MD5
8fb32dffe84b6282e1e67296c4380510

SHA1
7dc43dbb76df9c681b4c9e331c0f1377505104bf

SHA256
c4fa55342169789e601314813369c8ad49c802d32d0ab9c7e343bdc4e13d8a63

SHA512
d1437fe1e459b7f84f40628b5d5c902ab9b7a86f517935f225a114dcc106ff9ebba82f5ef78fc249422a73a38ed7aefbacaefca31a613accd8c2a97c4754ca96

Download Submit
\Users\Admin\AppData\Local\Temp\7zS4E37830D\BlueStacksInstaller.exe

Filesize
604KB

MD5
8fb32dffe84b6282e1e67296c4380510

SHA1
7dc43dbb76df9c681b4c9e331c0f1377505104bf

SHA256
c4fa55342169789e601314813369c8ad49c802d32d0ab9c7e343bdc4e13d8a63

SHA512
d1437fe1e459b7f84f40628b5d5c902ab9b7a86f517935f225a114dcc106ff9ebba82f5ef78fc249422a73a38ed7aefbacaefca31a613accd8c2a97c4754ca96

Download Submit
memory/3008-175-0x000000001B040000-0x000000001B0C0000-memory.dmp

Filesize
512KB

Download
memory/3008-174-0x00000000002D0000-0x0000000000338000-memory.dmp

Filesize
416KB

Download
memory/3008-443-0x000000001B040000-0x000000001B0C0000-memory.dmp

Filesize
512KB

Download
memory/3008-447-0x00000000006A0000-0x00000000006AA000-memory.dmp

Filesize
40KB

Download
memory/3008-172-0x00000000011C0000-0x000000000125A000-memory.dmp

Filesize
616KB

Download
memory/3008-1104-0x000000001B040000-0x000000001B0C0000-memory.dmp

Filesize
512KB

Download
memory/3008-454-0x000000001A7F0000-0x000000001A7F1000-memory.dmp

Filesize
4KB

Download
memory/3008-1215-0x000000001B040000-0x000000001B0C0000-memory.dmp

Filesize
512KB

Download