328cc1ada1bc88ecf8ffa10525069123ac5b027121326fc51aaf6798f09636c5

Resubmissions

10/07/2023, 07:24

230710-h8s42shb68 8

10/07/2023, 07:18

230710-h5fdsahb56 8

10/07/2023, 07:14

230710-h2x5eshb49 8

Analysis

max time kernel
28s
max time network
142s
platform
windows7_x64
resource
win7-20230703-en
resource tags

arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
submitted
10/07/2023, 07:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

BlueStacksInstaller_5.12.105.1006_native_e873a0c9e8bece18687d4057ffbcafc9_MDs1.exe
Size

897KB
MD5

f7e5464eb87a09f9831e5154512004b6
SHA1

04a35bfd2bd2dd96da428df3de78d5d22fe30271
SHA256

328cc1ada1bc88ecf8ffa10525069123ac5b027121326fc51aaf6798f09636c5
SHA512

500795616e448b34b3d608d4dd897a35891eda5f85d3ce189d7a58245a903ef177a81ee01e7a35052504fb5d3bc8a7935ecf20a6e2f453f72f1567b3b0e158d5
SSDEEP

12288:GivtCXQd0gjKX7zuqGKhFGPDy1xBVG2xsvNdeuCad2YteFph8iMeKMD7pY4JqG76:GivtCXWeGKhFGCG2xs6eQGGpTlNbJq6i

Score

4^/10

Malware Config

Signatures

Executes dropped EXE 3 IoCs

pid	Process
2124	BlueStacksInstaller.exe
2172	HD-CheckCpu.exe
2232	HD-CheckCpu.exe

Loads dropped DLL 4 IoCs

pid	Process
1204	BlueStacksInstaller_5.12.105.1006_native_e873a0c9e8bece18687d4057ffbcafc9_MDs1.exe
1204	BlueStacksInstaller_5.12.105.1006_native_e873a0c9e8bece18687d4057ffbcafc9_MDs1.exe
1204	BlueStacksInstaller_5.12.105.1006_native_e873a0c9e8bece18687d4057ffbcafc9_MDs1.exe
1204	BlueStacksInstaller_5.12.105.1006_native_e873a0c9e8bece18687d4057ffbcafc9_MDs1.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 5 IoCs

pid	Process
2124	BlueStacksInstaller.exe
2124	BlueStacksInstaller.exe
2124	BlueStacksInstaller.exe
2124	BlueStacksInstaller.exe
2124	BlueStacksInstaller.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2124	BlueStacksInstaller.exe

Suspicious use of WriteProcessMemory 12 IoCs

description	pid	Process	procid_target
PID 1204 wrote to memory of 2124	1204	BlueStacksInstaller_5.12.105.1006_native_e873a0c9e8bece18687d4057ffbcafc9_MDs1.exe	29
PID 1204 wrote to memory of 2124	1204	BlueStacksInstaller_5.12.105.1006_native_e873a0c9e8bece18687d4057ffbcafc9_MDs1.exe	29
PID 1204 wrote to memory of 2124	1204	BlueStacksInstaller_5.12.105.1006_native_e873a0c9e8bece18687d4057ffbcafc9_MDs1.exe	29
PID 1204 wrote to memory of 2124	1204	BlueStacksInstaller_5.12.105.1006_native_e873a0c9e8bece18687d4057ffbcafc9_MDs1.exe	29
PID 2124 wrote to memory of 2172	2124	BlueStacksInstaller.exe	30
PID 2124 wrote to memory of 2172	2124	BlueStacksInstaller.exe	30
PID 2124 wrote to memory of 2172	2124	BlueStacksInstaller.exe	30
PID 2124 wrote to memory of 2172	2124	BlueStacksInstaller.exe	30
PID 2124 wrote to memory of 2232	2124	BlueStacksInstaller.exe	32
PID 2124 wrote to memory of 2232	2124	BlueStacksInstaller.exe	32
PID 2124 wrote to memory of 2232	2124	BlueStacksInstaller.exe	32
PID 2124 wrote to memory of 2232	2124	BlueStacksInstaller.exe	32

C:\Users\Admin\AppData\Local\Temp\BlueStacksInstaller_5.12.105.1006_native_e873a0c9e8bece18687d4057ffbcafc9_MDs1.exe
"C:\Users\Admin\AppData\Local\Temp\BlueStacksInstaller_5.12.105.1006_native_e873a0c9e8bece18687d4057ffbcafc9_MDs1.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1204
- C:\Users\Admin\AppData\Local\Temp\7zS4B44E10D\BlueStacksInstaller.exe
  "C:\Users\Admin\AppData\Local\Temp\7zS4B44E10D\BlueStacksInstaller.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of WriteProcessMemory
  PID:2124
- - C:\Users\Admin\AppData\Local\Temp\7zS4B44E10D\HD-CheckCpu.exe
    "C:\Users\Admin\AppData\Local\Temp\7zS4B44E10D\HD-CheckCpu.exe" --cmd checkHypervEnabled
    3⤵
    - Executes dropped EXE
    PID:2172
- - C:\Users\Admin\AppData\Local\Temp\7zS4B44E10D\HD-CheckCpu.exe
    "C:\Users\Admin\AppData\Local\Temp\7zS4B44E10D\HD-CheckCpu.exe" --cmd checkSSE4
    3⤵
    - Executes dropped EXE
    PID:2232

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a740c742761e06b46324b574aa1539bb

SHA1
d031cfe5de4a13d9783a2d30e2c0f83c1e49163a

SHA256
3c55228a514af264d7a69489ccf69b5c4d6c39891c6e70fef2be1e45ca377c6b

SHA512
f5df518f089f7d65f2226c9325f36465e77a5d2c85080877807b63d9069343ba8a6c6b4bf4054d76b1b23abd47b44d76521381137f209a7496c8b7cd04a6970b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b7531f6526b6bbbf792c4519ad441570

SHA1
97711de60ecfa3074d21ac0a303442fc47b2baf5

SHA256
448c3d4a9553dc908b46be39fe8c1d490c6e822a98cf18d041f4f0e573dc67ae

SHA512
48994687e2273aa4e6c5bf0abbdf10031ef433ea586721b013f97dc80f8b9928543d24ea5b19bf70d2108344e6a31180e9f785e037def571ced2e69bd89e57f2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
45f8160021e34f9627fd854ff92083a0

SHA1
3907a268216dc99f04be8ad9c7cebcf130768dd2

SHA256
4ce000282673c62a9721d5996a196affe7daa177af564533365cbfa120e169b5

SHA512
7ecca3fbc6d5aa7382aeda45e3a2483eca488c71896f6400a86e546857e1aaa46760d3b834f727911348fff24023a693d24913232be4a38d0fdeeba79eeebf7b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
38758b8c8ecfd121ee57dec195637b49

SHA1
82af466a1030ccac946fe80f6bfdbfc79d2d51d3

SHA256
df11c89148c29e32328a24957e2617f07915d004cba2cbc32c4f6d408f0e9e14

SHA512
7dbed5d93e6e4a01d20023498ca1bc6c6f825f8c3a422d190d3abd9f82ba34eba1fdb86016ba481e80eb128362031d929542a28df1f04d2e4996697f4a2148e5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1851b75d7ec3a1d62c942e9aeaadb578

SHA1
40f7cd5c1916490e4f40ed928e2eee48b2bdc7da

SHA256
484cbd3ad7ed2d6ed04585b27f3c0f47bcad2b3adc8f02edb4d225706eb714a4

SHA512
84de4ea839f457a6fd1285a5510bd662c275ca923156cb2ca40a015d1dab3585755f836e0b7b5f4c6e51ebda52b836f10a90bb8026ebde17771fe2b907695944

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
191b4d26d1a75943206ed89bff1b2bb8

SHA1
41bf2534c6f01a44c4b73c7f71f6cf27452f3a9a

SHA256
5e979c7115db9fab33d075079a48cc7ebdb96c8f2ba193154149c200834be19c

SHA512
a42a3a13a655805a5f1c08555c1312c7a2aaeaf20c24871dbc525ea85bcbfb71a37cd374afd7283e14a7edb0c6910b810859f50b0be072a90af95729d63b9856

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fbbbd0f92d799e4a66946008745f196b

SHA1
3ff812475e45ccb2e040873caa4a4e2e7eb72df4

SHA256
51b16388d7e793a1f32521e1027bb7b4ccd91817c4f3fdf2b07389e16669f38d

SHA512
bebe2f8b4b2f021865505b4206dff277075c7f3793e761a1481132ea44d76f482eb2fb584818b7c950c5a3648f03c57c04df1cd7507d7c5ef916adb810f8ea1a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2b0dff2517c19d5639a5a094b5f8e8c4

SHA1
f46fc1e60f7b9090b42c94a737d18dc20108702a

SHA256
e568a0aafc6bad4e4bd461f2f14d2b7c855e61c7e9f7d9c4960331f84063f1d8

SHA512
b31caa80728a9ee3b1776e9fc21dbef2e523ce3c57d6c66239917efff1c49320455ebd9da87888e13ec6e45b5b951a7240def3cfeacbe4a127c0f088507a1de5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ca10ed75bcee85704b7a91be5e2b4fa1

SHA1
cf07c2ee26ac56e358c4ae41b4adce692011d3f7

SHA256
6704ccbdbce781633a5c8d5b194e4fc6fe8b371cd8d23a55c4d8276c6acde177

SHA512
572ce74a038b0610fc5b269ced3eeb0e054bcc10f4c59f86ece90213ff588e84585ac7f4c4407a910f94d2518888a42217529b48cb779ec51dcbb88f288cfc26

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
efbfd94d3ee194e5f67f44338f0bbbde

SHA1
33847a59eb84880141b069b5fd5898f0b111ab6c

SHA256
5bbffe926cc52b7649efa679ecbb24a3b394cd18a0cd50a34231506afa8b0fc0

SHA512
2e510e295bb01275c6a35a4f03ebb255659a045c22cc3d99d9bf8900821ccd7dbc52c504799c1bf18a102beb59aa4bf86af444db721fb95597944c4caa4e219a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
daf8a2d1cce1a44eb75f810e049581ff

SHA1
d4f78be0fc75b6500126c2a284da66817fc4df78

SHA256
aaff58f4efcd5022a9f15ba84782e2d6a9b5f1e38a308adb12f3b8bbcc8689bf

SHA512
2940443194998496c08c9fe6580b930a4544f5c740c644e303fc20fa2bd79d24e38248e7b0a1b65fc430d8d3e0f56e758c08376f3b1e1aad7d73e32851ae8920

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2e54c2040da408c9786964c1f44dc9b4

SHA1
d882acc951a1864deea5f1a5b9bc50f6919c0e48

SHA256
1c8ba6dea745b8664867545ec4fa03c39a09644dab7b8cf64ff02e60df50d7a8

SHA512
f5bde8dc9347eaeaea9efcf525497048b68717836cb624b2559ba8a8190332707e0495a9f02459a34ea417be7dce2aaf47b9ffe6fbaa32392393d31d033788d0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
64c36c97bc8bf01557a57b09dbfe6458

SHA1
57fa4f4b32f078831aa237bcc241d911ba78d6f7

SHA256
5eb3c02ee09b5813574d72e89ab363b32450170f76190f47aa24e87619665661

SHA512
186ed95538c658430223514810729042dc339e31f63fdd27a74b3a6c826e03049ecc059ac6d57b37915638f35452e3a3c44ec6e5ceaf1b2bf00178784900f132

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a01401b2ebdcec14aafe994b32271fd9

SHA1
9cca874ba3bcf886df1f9d71141a2240333b24c5

SHA256
5159f87eb680174db2520d524c5158579ed57dc189b1efb287534b1510b1f8f1

SHA512
a59ea1f0c8df555dd350b8e7c0dda2416d309bbf0df96771968f632ec12483e32e090445a0458efd10e897f035e6ec7edb52d7de6776a938988565f491da2608

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
52e18b4ff672cbb9778c300082dd40d9

SHA1
4521383542998d504503f4dd5958c8094b490c67

SHA256
32698ec15ea3d42c84cce7ddb7dc0aa3b28e3111f6bbd1a9fae6b0f7ff674814

SHA512
0b3417b9f5d2c588d3e1f00e5a896f89e28bc2d9dfe36610d8a165ea31a363594281877127915cf3882beb98286c3863ea22e35ef1c70bbba4701ccc8fceedf1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8534b567960d08afdb595a057470554b

SHA1
060a648057aeb73e180163a29c8f7a069c64534f

SHA256
2f62797c0b3398c67a353f445c11d352dbbaee73f174d8ae4d7f40b16cdb9193

SHA512
69acc25cd2493ea9147806ba8d5db7445a6c5c8f210fd8623191f9a75ca96861f9be48f552f626480f46998c16b384415d3937b88d287b59c918f28624161807

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
eed4f4731bbadbba517fff651ed5d325

SHA1
5a5b0ad1cb5809ce9f680f34967233d3b7af7dff

SHA256
c61d901555213665e7387ba3033e713061dfbeeead909b208cd7d9255246c54d

SHA512
410a8bc0df82e4a05b54551bb8ffe77e00ef4d3f483a9a0029adc6a1396f48648d6ef037dbb077a28e29059b7f8efd16e405d0da783b5672b6c9fabbd299c545

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9eea99fa2794baac94d70bf1a56c7ad8

SHA1
a096b75eb6d6aa575e4173ed334f314dd4840ac4

SHA256
fffbc83726deb65213f0a3c71e856579ffb309889038f2a49584d00a3e580193

SHA512
599fa58a5fcb68cff1126bf49b9861ab2ae361cd9ea1aa5e2789c6685392ab69d60076958d1a4618f0e5cf960a79265e20f459c582013107a811167ecf9d2f66

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4B44E10D\Assets\exit_close.png

Filesize
670B

MD5
26eb04b9e0105a7b121ea9c6601bbf2a

SHA1
efc08370d90c8173df8d8c4b122d2bb64c07ccd8

SHA256
7aaef329ba9fa052791d1a09f127551289641ea743baba171de55faa30ec1157

SHA512
9df3c723314d11a6b4ce0577eb61488061f2f96a9746a944eb6a4ee8c0c4d29131231a1b20988ef5454b79f9475b43d62c710839ecc0a9c98324f977cab6db68

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4B44E10D\Assets\loader.png

Filesize
279B

MD5
03903fd42ed2ee3cb014f0f3b410bcb4

SHA1
762a95240607fe8a304867a46bc2d677f494f5c2

SHA256
076263cc65f9824f4f82eb6beaa594d1df90218a2ee21664cf209181557e04b1

SHA512
8b0e717268590e5287c07598a06d89220c5e9a33cd1c29c55f8720321f4b3efc869d20c61fcc892e13188d77f0fdc4c73a2ee6dece174bf876fcc3a6c5683857

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4B44E10D\Assets\minimize_progress.png

Filesize
212B

MD5
1504b80f2a6f2d3fefc305da54a2a6c2

SHA1
432a9d89ebc2f693836d3c2f0743ea5d2077848d

SHA256
2f62d4e8c643051093f907058dddc78cc525147d9c4f4a0d78b4d0e5c90979f6

SHA512
675db04baf3199c8d94af30a1f1c252830a56a90f633c3a72aa9841738b04242902a5e7c56dd792626338e8b7eabc1f359514bb3a2e62bc36c16919e196cfd94

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4B44E10D\BlueStacksInstaller.exe

Filesize
604KB

MD5
8fb32dffe84b6282e1e67296c4380510

SHA1
7dc43dbb76df9c681b4c9e331c0f1377505104bf

SHA256
c4fa55342169789e601314813369c8ad49c802d32d0ab9c7e343bdc4e13d8a63

SHA512
d1437fe1e459b7f84f40628b5d5c902ab9b7a86f517935f225a114dcc106ff9ebba82f5ef78fc249422a73a38ed7aefbacaefca31a613accd8c2a97c4754ca96

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4B44E10D\BlueStacksInstaller.exe

Filesize
604KB

MD5
8fb32dffe84b6282e1e67296c4380510

SHA1
7dc43dbb76df9c681b4c9e331c0f1377505104bf

SHA256
c4fa55342169789e601314813369c8ad49c802d32d0ab9c7e343bdc4e13d8a63

SHA512
d1437fe1e459b7f84f40628b5d5c902ab9b7a86f517935f225a114dcc106ff9ebba82f5ef78fc249422a73a38ed7aefbacaefca31a613accd8c2a97c4754ca96

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4B44E10D\BlueStacksInstaller.exe

Filesize
604KB

MD5
8fb32dffe84b6282e1e67296c4380510

SHA1
7dc43dbb76df9c681b4c9e331c0f1377505104bf

SHA256
c4fa55342169789e601314813369c8ad49c802d32d0ab9c7e343bdc4e13d8a63

SHA512
d1437fe1e459b7f84f40628b5d5c902ab9b7a86f517935f225a114dcc106ff9ebba82f5ef78fc249422a73a38ed7aefbacaefca31a613accd8c2a97c4754ca96

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4B44E10D\BlueStacksInstaller.exe.config

Filesize
324B

MD5
1b456d88546e29f4f007cd0bf1025703

SHA1
e5c444fcfe5baf2ef71c1813afc3f2c1100cab86

SHA256
d6d316584b63bb0d670a42f88b8f84e0de0db4275f1a342084dc383ebeb278eb

SHA512
c545e416c841b8786e4589fc9ca2b732b16cdd759813ec03f558332f2436f165ec1ad2fbc65012b5709fa19ff1e8396639c17bfad150cabeb51328a39ea556e6

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4B44E10D\HD-CheckCpu.exe

Filesize
200KB

MD5
81234fd9895897b8d1f5e6772a1b38d0

SHA1
80b2fec4a85ed90c4db2f09b63bd8f37038db0d3

SHA256
2e14887f3432b4a313442247fc669f891dbdad7ef1a2d371466a2afa88074a4c

SHA512
4c924d6524dc2c7d834bfc1a0d98b21753a7bf1e94b1c2c6650f755e6f265512d3a963bc7bc745351f79f547add57c37e29ba9270707edbf62b60df3a541bc16

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4B44E10D\HD-CheckCpu.exe

Filesize
200KB

MD5
81234fd9895897b8d1f5e6772a1b38d0

SHA1
80b2fec4a85ed90c4db2f09b63bd8f37038db0d3

SHA256
2e14887f3432b4a313442247fc669f891dbdad7ef1a2d371466a2afa88074a4c

SHA512
4c924d6524dc2c7d834bfc1a0d98b21753a7bf1e94b1c2c6650f755e6f265512d3a963bc7bc745351f79f547add57c37e29ba9270707edbf62b60df3a541bc16

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4B44E10D\HD-CheckCpu.exe

Filesize
200KB

MD5
81234fd9895897b8d1f5e6772a1b38d0

SHA1
80b2fec4a85ed90c4db2f09b63bd8f37038db0d3

SHA256
2e14887f3432b4a313442247fc669f891dbdad7ef1a2d371466a2afa88074a4c

SHA512
4c924d6524dc2c7d834bfc1a0d98b21753a7bf1e94b1c2c6650f755e6f265512d3a963bc7bc745351f79f547add57c37e29ba9270707edbf62b60df3a541bc16

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4B44E10D\JSON.dll

Filesize
411KB

MD5
f5fd966e29f5c359f78cb61a571d1be4

SHA1
a55e7ed593b4bc7a77586da0f1223cfd9d51a233

SHA256
d2c8d26f95f55431e632c8581154db7c19547b656380e051194a9d2583dd2156

SHA512
d99e6fe250bb106257f86135938635f6e7ad689b2c11a96bb274f4c4c5e9a85cfacba40122dbc953f77b5d33d886c6af30bff821f10945e15b21a24b66f6c8be

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4B44E10D\Locales\i18n.en-US.txt

Filesize
18KB

MD5
2e67781c074a702af42f2c2259a9e94d

SHA1
c40ec186835abd9e8cd1976b0005e57e17c672f2

SHA256
858f09be7e462198c0e77b2b84de544158789f53eff200be78eab70a6acadd1a

SHA512
4adbf7cb6f1621ed1d3904beaad55eb5229475c9007c7ba41720d9dcc9b3f63c849b9a5cd9aaf86c5a063693b80c1b39fdf41eb2b026f35cd15a5d92d5ce843a

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4B44E10D\ThemeFile

Filesize
80KB

MD5
c3e6bab4f92ee40b9453821136878993

SHA1
94493a6b3dfb3135e5775b7d3be227659856fbc4

SHA256
de1a2e6b560e036da5ea6b042e29e81a5bfcf67dde89670c332fc5199e811ba6

SHA512
a64b6b06b3a0f3591892b60e59699682700f4018b898efe55d6bd5fb417965a55027671c58092d1eb7e21c2dbac42bc68dfb8c70468d98bed45a8cff0e945895

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab4260.tmp

Filesize
62KB

MD5
3ac860860707baaf32469fa7cc7c0192

SHA1
c33c2acdaba0e6fa41fd2f00f186804722477639

SHA256
d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

SHA512
d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar42D0.tmp

Filesize
164KB

MD5
4ff65ad929cd9a367680e0e5b1c08166

SHA1
c0af0d4396bd1f15c45f39d3b849ba444233b3a2

SHA256
c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

SHA512
f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

Download Submit
\Users\Admin\AppData\Local\Temp\7zS4B44E10D\BlueStacksInstaller.exe

Filesize
604KB

MD5
8fb32dffe84b6282e1e67296c4380510

SHA1
7dc43dbb76df9c681b4c9e331c0f1377505104bf

SHA256
c4fa55342169789e601314813369c8ad49c802d32d0ab9c7e343bdc4e13d8a63

SHA512
d1437fe1e459b7f84f40628b5d5c902ab9b7a86f517935f225a114dcc106ff9ebba82f5ef78fc249422a73a38ed7aefbacaefca31a613accd8c2a97c4754ca96

Download Submit
\Users\Admin\AppData\Local\Temp\7zS4B44E10D\BlueStacksInstaller.exe

Filesize
604KB

MD5
8fb32dffe84b6282e1e67296c4380510

SHA1
7dc43dbb76df9c681b4c9e331c0f1377505104bf

SHA256
c4fa55342169789e601314813369c8ad49c802d32d0ab9c7e343bdc4e13d8a63

SHA512
d1437fe1e459b7f84f40628b5d5c902ab9b7a86f517935f225a114dcc106ff9ebba82f5ef78fc249422a73a38ed7aefbacaefca31a613accd8c2a97c4754ca96

Download Submit
\Users\Admin\AppData\Local\Temp\7zS4B44E10D\BlueStacksInstaller.exe

Filesize
604KB

MD5
8fb32dffe84b6282e1e67296c4380510

SHA1
7dc43dbb76df9c681b4c9e331c0f1377505104bf

SHA256
c4fa55342169789e601314813369c8ad49c802d32d0ab9c7e343bdc4e13d8a63

SHA512
d1437fe1e459b7f84f40628b5d5c902ab9b7a86f517935f225a114dcc106ff9ebba82f5ef78fc249422a73a38ed7aefbacaefca31a613accd8c2a97c4754ca96

Download Submit
\Users\Admin\AppData\Local\Temp\7zS4B44E10D\BlueStacksInstaller.exe

Filesize
604KB

MD5
8fb32dffe84b6282e1e67296c4380510

SHA1
7dc43dbb76df9c681b4c9e331c0f1377505104bf

SHA256
c4fa55342169789e601314813369c8ad49c802d32d0ab9c7e343bdc4e13d8a63

SHA512
d1437fe1e459b7f84f40628b5d5c902ab9b7a86f517935f225a114dcc106ff9ebba82f5ef78fc249422a73a38ed7aefbacaefca31a613accd8c2a97c4754ca96

Download Submit
memory/2124-174-0x0000000000250000-0x00000000002B8000-memory.dmp

Filesize
416KB

Download
memory/2124-718-0x00000000022D0000-0x00000000022D1000-memory.dmp

Filesize
4KB

Download
memory/2124-450-0x00000000004B0000-0x00000000004BA000-memory.dmp

Filesize
40KB

Download
memory/2124-441-0x000000001B0C0000-0x000000001B140000-memory.dmp

Filesize
512KB

Download
memory/2124-1158-0x000000001B0C0000-0x000000001B140000-memory.dmp

Filesize
512KB

Download
memory/2124-172-0x0000000000C60000-0x0000000000CFA000-memory.dmp

Filesize
616KB

Download
memory/2124-175-0x000000001B0C0000-0x000000001B140000-memory.dmp

Filesize
512KB

Download
memory/2124-1215-0x000000001B0C0000-0x000000001B140000-memory.dmp

Filesize
512KB

Download