1abb0ea2f56ac08bc5e78449e9526f9ed0b3fba021ded9946ddbf9ddc82ba2d7 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

BlueStacks...E1.exe

windows7-x64

4

BlueStacks...E1.exe

windows10-2004-x64

8

Sharing

General

Target

BlueStacksInstaller_5.13.0.1075_native_3bfa08e0441173a8522e8228f8631535_MzsxNSwwOzUsMTsxNSw0OzE1.exe
Size

899KB
Sample

230831-e1zebace71
MD5

aec913a97e40ebe42695e5dca2e52d43
SHA1

e2cbd829fa8d5f8ae6652b1594d7125ba910a72b
SHA256

1abb0ea2f56ac08bc5e78449e9526f9ed0b3fba021ded9946ddbf9ddc82ba2d7
SHA512

ac71ea6e4209f299e41b8d2d169108b2bd38f70156b0e78da7e8aa107c3953edb9d925f1c165f828b3e3f08059a50917316240aa940c1673e8e55ac75a7db09a
SSDEEP

12288:mivtCXQd0gjKX7zuqGKEFGPDy1xrqNFpMUF/QIwE3v7+DNOcAOYi7rhWvinZ2Hg:mivtCXWeGKEFGXFmUFRzLDCWqEg

Score

8^/10

discovery evasion

Static task

static1

Behavioral task

behavioral1

Sample

BlueStacksInstaller_5.13.0.1075_native_3bfa08e0441173a8522e8228f8631535_MzsxNSwwOzUsMTsxNSw0OzE1.exe

Resource

win7-20230712-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

BlueStacksInstaller_5.13.0.1075_native_3bfa08e0441173a8522e8228f8631535_MzsxNSwwOzUsMTsxNSw0OzE1.exe

Resource

win10v2004-20230703-en

discovery evasion

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  BlueStacksInstaller_5.13.0.1075_native_3bfa08e0441173a8522e8228f8631535_MzsxNSwwOzUsMTsxNSw0OzE1.exe
- Size
  
  899KB
- MD5
  
  aec913a97e40ebe42695e5dca2e52d43
- SHA1
  
  e2cbd829fa8d5f8ae6652b1594d7125ba910a72b
- SHA256
  
  1abb0ea2f56ac08bc5e78449e9526f9ed0b3fba021ded9946ddbf9ddc82ba2d7
- SHA512
  
  ac71ea6e4209f299e41b8d2d169108b2bd38f70156b0e78da7e8aa107c3953edb9d925f1c165f828b3e3f08059a50917316240aa940c1673e8e55ac75a7db09a
- SSDEEP
  
  12288:mivtCXQd0gjKX7zuqGKEFGPDy1xrqNFpMUF/QIwE3v7+DNOcAOYi7rhWvinZ2Hg:mivtCXWeGKEFGXFmUFRzLDCWqEg
Score

8^/10

discovery evasion
- Downloads MZ/PE file
- Modifies Windows Firewall
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.