1abb0ea2f56ac08bc5e78449e9526f9ed0b3fba021ded9946ddbf9ddc82ba2d7

Analysis

max time kernel
119s
max time network
140s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
31-08-2023 04:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

BlueStacksInstaller_5.13.0.1075_native_3bfa08e0441173a8522e8228f8631535_MzsxNSwwOzUsMTsxNSw0OzE1.exe
Size

899KB
MD5

aec913a97e40ebe42695e5dca2e52d43
SHA1

e2cbd829fa8d5f8ae6652b1594d7125ba910a72b
SHA256

1abb0ea2f56ac08bc5e78449e9526f9ed0b3fba021ded9946ddbf9ddc82ba2d7
SHA512

ac71ea6e4209f299e41b8d2d169108b2bd38f70156b0e78da7e8aa107c3953edb9d925f1c165f828b3e3f08059a50917316240aa940c1673e8e55ac75a7db09a
SSDEEP

12288:mivtCXQd0gjKX7zuqGKEFGPDy1xrqNFpMUF/QIwE3v7+DNOcAOYi7rhWvinZ2Hg:mivtCXWeGKEFGXFmUFRzLDCWqEg

Score

4^/10

Malware Config

Signatures

Executes dropped EXE 3 IoCs

pid	Process
2680	BlueStacksInstaller.exe
1732	HD-CheckCpu.exe
2920	HD-CheckCpu.exe

Loads dropped DLL 4 IoCs

pid	Process
2012	BlueStacksInstaller_5.13.0.1075_native_3bfa08e0441173a8522e8228f8631535_MzsxNSwwOzUsMTsxNSw0OzE1.exe
2012	BlueStacksInstaller_5.13.0.1075_native_3bfa08e0441173a8522e8228f8631535_MzsxNSwwOzUsMTsxNSw0OzE1.exe
2012	BlueStacksInstaller_5.13.0.1075_native_3bfa08e0441173a8522e8228f8631535_MzsxNSwwOzUsMTsxNSw0OzE1.exe
2012	BlueStacksInstaller_5.13.0.1075_native_3bfa08e0441173a8522e8228f8631535_MzsxNSwwOzUsMTsxNSw0OzE1.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 5 IoCs

pid	Process
2680	BlueStacksInstaller.exe
2680	BlueStacksInstaller.exe
2680	BlueStacksInstaller.exe
2680	BlueStacksInstaller.exe
2680	BlueStacksInstaller.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2680	BlueStacksInstaller.exe

Suspicious use of WriteProcessMemory 12 IoCs

description	pid	Process	procid_target
PID 2012 wrote to memory of 2680	2012	BlueStacksInstaller_5.13.0.1075_native_3bfa08e0441173a8522e8228f8631535_MzsxNSwwOzUsMTsxNSw0OzE1.exe	28
PID 2012 wrote to memory of 2680	2012	BlueStacksInstaller_5.13.0.1075_native_3bfa08e0441173a8522e8228f8631535_MzsxNSwwOzUsMTsxNSw0OzE1.exe	28
PID 2012 wrote to memory of 2680	2012	BlueStacksInstaller_5.13.0.1075_native_3bfa08e0441173a8522e8228f8631535_MzsxNSwwOzUsMTsxNSw0OzE1.exe	28
PID 2012 wrote to memory of 2680	2012	BlueStacksInstaller_5.13.0.1075_native_3bfa08e0441173a8522e8228f8631535_MzsxNSwwOzUsMTsxNSw0OzE1.exe	28
PID 2680 wrote to memory of 1732	2680	BlueStacksInstaller.exe	29
PID 2680 wrote to memory of 1732	2680	BlueStacksInstaller.exe	29
PID 2680 wrote to memory of 1732	2680	BlueStacksInstaller.exe	29
PID 2680 wrote to memory of 1732	2680	BlueStacksInstaller.exe	29
PID 2680 wrote to memory of 2920	2680	BlueStacksInstaller.exe	32
PID 2680 wrote to memory of 2920	2680	BlueStacksInstaller.exe	32
PID 2680 wrote to memory of 2920	2680	BlueStacksInstaller.exe	32
PID 2680 wrote to memory of 2920	2680	BlueStacksInstaller.exe	32

C:\Users\Admin\AppData\Local\Temp\BlueStacksInstaller_5.13.0.1075_native_3bfa08e0441173a8522e8228f8631535_MzsxNSwwOzUsMTsxNSw0OzE1.exe
"C:\Users\Admin\AppData\Local\Temp\BlueStacksInstaller_5.13.0.1075_native_3bfa08e0441173a8522e8228f8631535_MzsxNSwwOzUsMTsxNSw0OzE1.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:2012
- C:\Users\Admin\AppData\Local\Temp\7zSCD7A2856\BlueStacksInstaller.exe
  "C:\Users\Admin\AppData\Local\Temp\7zSCD7A2856\BlueStacksInstaller.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of WriteProcessMemory
  PID:2680
- - C:\Users\Admin\AppData\Local\Temp\7zSCD7A2856\HD-CheckCpu.exe
    "C:\Users\Admin\AppData\Local\Temp\7zSCD7A2856\HD-CheckCpu.exe" --cmd checkHypervEnabled
    3⤵
    - Executes dropped EXE
    PID:1732
- - C:\Users\Admin\AppData\Local\Temp\7zSCD7A2856\HD-CheckCpu.exe
    "C:\Users\Admin\AppData\Local\Temp\7zSCD7A2856\HD-CheckCpu.exe" --cmd checkSSE4
    3⤵
    - Executes dropped EXE
    PID:2920

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
61KB

MD5
f3441b8572aae8801c04f3060b550443

SHA1
4ef0a35436125d6821831ef36c28ffaf196cda15

SHA256
6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

SHA512
5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
56321b380b89d6158f5d891d4f3b5718

SHA1
cce5586dafba19eb6b875fd1ec02789ec0a979b5

SHA256
048938d3d3913732bbc6b1343a2a53ae33c3d80b37bbf83c40a48df536ff81fa

SHA512
c5638da7277282b4e897b9b37e1ca9599d0ed927629e91657f765708434908bdcbc6f6d64608f1355a24dbd33cb3442bbc3f8a540d5a49a31ebf828fb61147ea

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1ba90db1c78200630909ab983fcab4aa

SHA1
0aef0d92894bdece71aab45060cddb9f126167bf

SHA256
61892cda7c76f90a4abc977b0f4c4c34c350a0e49f4ca4ad6c582868367dc338

SHA512
2fe3c456d3432ad484dd9dc1c2fc3b4dc1f74720191fae1d59429dfd8b2c2f080f5f59133b5ad6dd7080f786d7f1a3c261b1a2f216a6ca38413b4767fc4ebe27

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8b05ba71c843f25810fd10168f4854be

SHA1
2c1a40647e1ada086b659caea2b647b4238575d6

SHA256
c089649fb975e739c342f7f160b03b0cfd4d564050305128c49d3e5c5c50b6c5

SHA512
4c9b0da9d3710307d29712294a8e5c0f709e7e0cd353ba997aa15ad597569b224013875694422875a8e2c439c56e300e53f6c9ae8e663590aed8b635ecfcd1f7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2655bd02a0b68dbf9893845ec622f854

SHA1
b97c1351c39a9792dd80eaff20ae9f09ceaf050d

SHA256
a05ffaa10209b9cae7feec655b0efb5aabe460ada8d4361a5b2326165889416c

SHA512
61b1cad26fcafe3657076fc9cec22184488f20285c325592dbfc4d18925051b99f33fb418c0a11e07d65b4312678026e77561be51c60e88ac33ddec18b9e1f8b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
eba53d5bcf62364f02aa2ed4d8791785

SHA1
2ff14f464cca2737fc1b8d565ec7fd771cb29797

SHA256
c7947451c33c6b5d7fd21f36cd832c5333e860aff0cbf80f1d52224b92648cc6

SHA512
472aef545cbe8296faa0a4d434b55ae147b084e398f9ed68116a8f657e5dacf9cd89305e6062e4ec39c1c9264d4c4c37f03d809335ad0934c0e01fca3cad1f48

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
63f0deccc9837fc930c9c8aec1fca5fb

SHA1
74396dcb55f52156f6d8369b89d48c60ad0142b1

SHA256
450561692f79d8004ece9e1f7dc3f5fd88c3bdf5bc29009bd74df127c5d26805

SHA512
b060e20f4f18e73ad5bc35cfaff100562fbbe59e6cf00cceb36958aee33c66cc6363bf09fd93f202eb40b67512850e31bfeabdf91d8ec7c5c264572e12c1d4a3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e1a21f5608a453c62223db86aa89e5c8

SHA1
7ab0538ecda583bb69fb3b1b6d4c5cef07b11523

SHA256
f2535a83720d9042d54a76b4975459168125c4a4d5557c0eddf6421d1a25a225

SHA512
971eb6de65befa6104db529e8bf556275bbdfabf0dcb0b43b93dd67659753a67c63b13db86100345b0ca3d132957d7697da075626a2b8516a22f20da4f8850b6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e47b443490d6a0747ba0947708a9a1ac

SHA1
e39ac1327bd8dc68510d7d537a03c4afcce52d33

SHA256
0d9d45793041b7126d1e86ca00af0f369a4e98687a00e5c3d2e63cf962d777bd

SHA512
81023c816524cf43a865203ddda9fbf72c155cec0cbba8c8f2cddcf80907e3233de93381e3183eb1f616014cd461cd5dd5a4ad2e3ce0640804a6f26aa8e474db

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e66caa224e83bd0ad1ff49b89ef293eb

SHA1
daab5cb0dfd14a4860206eef92ebd7f50f925131

SHA256
1b5b36384fdcbf0bf28d2c005f45542db2ddd4f1b15d4cbb54abb60baccae6f4

SHA512
e591e7456887f05e0f95da0ed515c2e2ec632668c6770679232e5c2df12cd75271c6e090e27f12a9f1f316f94a60ba4837ce9abc97df12e8bc7cb3e9610397ae

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
54a38cdc80f55010b78f0c8c01b3bbf4

SHA1
98805d54b00237379841bde53bdf34e3da5e1e67

SHA256
51e93a6eb1ca9ffd75d8c9a472e2c2cb3df165b455491b9c3800a577c8343b9c

SHA512
41506878d63bf0059cb8a352d3f5cfebe0510f96f52ffe01abd9b443fe4261606feecf7ddf49d83b02822191e2e7e6fe64d2f6239ef4f048034ef356c2cb23e6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b64f912690313adaef90e5b691c488b0

SHA1
511adeb16087de7f57fd2d409fbf12c6ed18840b

SHA256
6124aa0f812c4f2b598eaa471d1206d026948250f668e08dbd5569f690200263

SHA512
aabe85edb260370443bb97bc942e7e322b06fc37c2bec44c21eec7fcb6cf842d727b7f74387ebadb3f9c3f124e1612bcfb94d59ed48386ff4fcc1df447340beb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8b45247b73c6f36d7c5779a56b4b6d10

SHA1
03913f5c16c977d27c4c148be24a557dddbce119

SHA256
2152ceada705a33968d437a7dc6cec012087ec7f8870b780aad3cbe6d081853a

SHA512
be9d4cabadbf48a422a20e1f8bfc2357a3f6dd63db77b27ab7f2f7febaacbd1b57bd435a10f15e5ba3380ad6ff8a81ccbb22277d69c913c836e8cc555da394b5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
80a0af5861fc6ae72be4c86a241e7c04

SHA1
1d0e4b0c06570d2a400be5c2f317f0adaa835be7

SHA256
863a8382d5fd296ed52e838d038ab0cb0942b2a57813844f30a68a03de08cff7

SHA512
53ac67c2149017171168e3365e80755f144daf16b5b85f8b6406426c2ad151d7584585e158b512b108ed3d031e6971af59848c43975784b2c8eb28e21cd6e843

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
eeb2d4b0ff63baaecae73fb39138c432

SHA1
d35bb0e434411e879c363d0f1cb7585736b06332

SHA256
528abe0350e739cb49e06a128641f4bf320519138f05cc8d6e814cd972620969

SHA512
59efcfa463834e4d6e00d366530d5e48ab852da440562f87bd157fb7f6865e09def11a84fb71b455fc3d612578768cf6b371059f9cfe6940f72fb3d58bff4dca

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
363b44b2e8257408631d113196a3e147

SHA1
0715c3f0727b14bd21c586df2081eb61ac61990e

SHA256
45ecb325329cfa9763efbe0b80177dc3023d3a0ed724b4c583f5340f65afe74b

SHA512
238c3044accf692317659345064a147607fea0826a7294868f476df2e7718d55bba53e4a687b17a101abee16b118f210bac7a3419fd30e3400eca6d34964e021

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8a96ddea208169e7b0d149567418dd09

SHA1
1c69447e133ebffe04fd3ea80089c3def3474c55

SHA256
bbd3a387d7e39b644903bcbc08a3b661b8c2aa5005d798635cbaeca65fc72910

SHA512
952611b2528c6d3ea003d01e0af38f6f0661d46b9fba1a10ef6a8afd0cd12c77355040d7b4fe271b12d8827aa093b2d70b169c7aefa51b44f6457b25553678c3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4a8e6fe64016cdf0bc2467d3fcf86247

SHA1
fe18877f494bd0edad669d996f4a581c0612b426

SHA256
09b1e3bb25a6d9080b3686849350018123c7cdf259a2abfc45d20f196f009dca

SHA512
8a1646d5fb56b9f84edb7e7f51735e8ff44c3211b7b5933294e16ab8ccc0bd8c24dacf58c781cfdd855628a21cf3c09ed53a45d735d898c6d07c75c231058156

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
297a5f9388e830f2d8a5c34b2e495829

SHA1
7dd35c6009b9384f86f0fa896cdfd286b2266659

SHA256
5fb3923cc4f9905d0ef066629d1331993be4eae353e62d78960cd8e840201564

SHA512
0949eeb03dcd4fad683536e773735e849bda40f7a76a0b39d9635ad9b7a3ac0875e79a19f1fff789213e1f6f34802afe795eed46ccd440aea95bf64c2dadd1b3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
bc642aee9b6327615972a6247b1b8393

SHA1
bf1ffffe445229090fd5a05b3a191d58b264b0b0

SHA256
166b03c5538c4baa60b09e393046e4f9fa2c262804a1e22bdf9f069fadf1c4f9

SHA512
9fb3bd8117c0f8d0cade75f1e5d2a99d4f687f30eec3cc16ceadda3bbade1a0a81c0300d8bc2d9a82be14c90d0a51421711ca40fc8dfaf89b0eb7f472a982f5d

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSCD7A2856\Assets\exit_close.png

Filesize
670B

MD5
26eb04b9e0105a7b121ea9c6601bbf2a

SHA1
efc08370d90c8173df8d8c4b122d2bb64c07ccd8

SHA256
7aaef329ba9fa052791d1a09f127551289641ea743baba171de55faa30ec1157

SHA512
9df3c723314d11a6b4ce0577eb61488061f2f96a9746a944eb6a4ee8c0c4d29131231a1b20988ef5454b79f9475b43d62c710839ecc0a9c98324f977cab6db68

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSCD7A2856\Assets\loader.png

Filesize
279B

MD5
03903fd42ed2ee3cb014f0f3b410bcb4

SHA1
762a95240607fe8a304867a46bc2d677f494f5c2

SHA256
076263cc65f9824f4f82eb6beaa594d1df90218a2ee21664cf209181557e04b1

SHA512
8b0e717268590e5287c07598a06d89220c5e9a33cd1c29c55f8720321f4b3efc869d20c61fcc892e13188d77f0fdc4c73a2ee6dece174bf876fcc3a6c5683857

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSCD7A2856\Assets\minimize_progress.png

Filesize
212B

MD5
1504b80f2a6f2d3fefc305da54a2a6c2

SHA1
432a9d89ebc2f693836d3c2f0743ea5d2077848d

SHA256
2f62d4e8c643051093f907058dddc78cc525147d9c4f4a0d78b4d0e5c90979f6

SHA512
675db04baf3199c8d94af30a1f1c252830a56a90f633c3a72aa9841738b04242902a5e7c56dd792626338e8b7eabc1f359514bb3a2e62bc36c16919e196cfd94

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSCD7A2856\BlueStacksInstaller.exe

Filesize
604KB

MD5
71e50fd39f4b7fa12a54c953ff160f62

SHA1
487de6a5648abb060f07d43d3c6eac1cb9d8af7d

SHA256
e92e6832c64a0494e584839b5382eaa895831cb9d607b19e042722c5e7adfbbd

SHA512
0e600968b897bcc7bead6a75eb589d3c6ddb7903a286b2012ed0c78026e2921d6d4ebcb8649d713911a9829c04b373485e480eb04ed66be17c6282b01c34e719

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSCD7A2856\BlueStacksInstaller.exe

Filesize
604KB

MD5
71e50fd39f4b7fa12a54c953ff160f62

SHA1
487de6a5648abb060f07d43d3c6eac1cb9d8af7d

SHA256
e92e6832c64a0494e584839b5382eaa895831cb9d607b19e042722c5e7adfbbd

SHA512
0e600968b897bcc7bead6a75eb589d3c6ddb7903a286b2012ed0c78026e2921d6d4ebcb8649d713911a9829c04b373485e480eb04ed66be17c6282b01c34e719

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSCD7A2856\BlueStacksInstaller.exe

Filesize
604KB

MD5
71e50fd39f4b7fa12a54c953ff160f62

SHA1
487de6a5648abb060f07d43d3c6eac1cb9d8af7d

SHA256
e92e6832c64a0494e584839b5382eaa895831cb9d607b19e042722c5e7adfbbd

SHA512
0e600968b897bcc7bead6a75eb589d3c6ddb7903a286b2012ed0c78026e2921d6d4ebcb8649d713911a9829c04b373485e480eb04ed66be17c6282b01c34e719

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSCD7A2856\BlueStacksInstaller.exe.config

Filesize
324B

MD5
1b456d88546e29f4f007cd0bf1025703

SHA1
e5c444fcfe5baf2ef71c1813afc3f2c1100cab86

SHA256
d6d316584b63bb0d670a42f88b8f84e0de0db4275f1a342084dc383ebeb278eb

SHA512
c545e416c841b8786e4589fc9ca2b732b16cdd759813ec03f558332f2436f165ec1ad2fbc65012b5709fa19ff1e8396639c17bfad150cabeb51328a39ea556e6

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSCD7A2856\HD-CheckCpu.exe

Filesize
200KB

MD5
81234fd9895897b8d1f5e6772a1b38d0

SHA1
80b2fec4a85ed90c4db2f09b63bd8f37038db0d3

SHA256
2e14887f3432b4a313442247fc669f891dbdad7ef1a2d371466a2afa88074a4c

SHA512
4c924d6524dc2c7d834bfc1a0d98b21753a7bf1e94b1c2c6650f755e6f265512d3a963bc7bc745351f79f547add57c37e29ba9270707edbf62b60df3a541bc16

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSCD7A2856\HD-CheckCpu.exe

Filesize
200KB

MD5
81234fd9895897b8d1f5e6772a1b38d0

SHA1
80b2fec4a85ed90c4db2f09b63bd8f37038db0d3

SHA256
2e14887f3432b4a313442247fc669f891dbdad7ef1a2d371466a2afa88074a4c

SHA512
4c924d6524dc2c7d834bfc1a0d98b21753a7bf1e94b1c2c6650f755e6f265512d3a963bc7bc745351f79f547add57c37e29ba9270707edbf62b60df3a541bc16

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSCD7A2856\HD-CheckCpu.exe

Filesize
200KB

MD5
81234fd9895897b8d1f5e6772a1b38d0

SHA1
80b2fec4a85ed90c4db2f09b63bd8f37038db0d3

SHA256
2e14887f3432b4a313442247fc669f891dbdad7ef1a2d371466a2afa88074a4c

SHA512
4c924d6524dc2c7d834bfc1a0d98b21753a7bf1e94b1c2c6650f755e6f265512d3a963bc7bc745351f79f547add57c37e29ba9270707edbf62b60df3a541bc16

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSCD7A2856\JSON.dll

Filesize
411KB

MD5
f5fd966e29f5c359f78cb61a571d1be4

SHA1
a55e7ed593b4bc7a77586da0f1223cfd9d51a233

SHA256
d2c8d26f95f55431e632c8581154db7c19547b656380e051194a9d2583dd2156

SHA512
d99e6fe250bb106257f86135938635f6e7ad689b2c11a96bb274f4c4c5e9a85cfacba40122dbc953f77b5d33d886c6af30bff821f10945e15b21a24b66f6c8be

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSCD7A2856\Locales\i18n.en-US.txt

Filesize
18KB

MD5
34405af4ef073eebfaa23df0ba5555c0

SHA1
2024caf7834505097673287739f881d64f79e9b1

SHA256
f0c241cbc4175898b7bd568fc69ec02323c12faeeb752e8e43355fadcd05dd5f

SHA512
e7fc8cb7380ea15f366f867679a52f21ea1c14373f1042061e6d42ef64f8db61f110b9ba61c08e6ac6811621f3b26679e7c2778008ddc39b51956034a738fa10

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zSCD7A2856\ThemeFile

Filesize
80KB

MD5
c3e6bab4f92ee40b9453821136878993

SHA1
94493a6b3dfb3135e5775b7d3be227659856fbc4

SHA256
de1a2e6b560e036da5ea6b042e29e81a5bfcf67dde89670c332fc5199e811ba6

SHA512
a64b6b06b3a0f3591892b60e59699682700f4018b898efe55d6bd5fb417965a55027671c58092d1eb7e21c2dbac42bc68dfb8c70468d98bed45a8cff0e945895

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar8DB6.tmp

Filesize
163KB

MD5
9441737383d21192400eca82fda910ec

SHA1
725e0d606a4fc9ba44aa8ffde65bed15e65367e4

SHA256
bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

SHA512
7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

Download Submit
\Users\Admin\AppData\Local\Temp\7zSCD7A2856\BlueStacksInstaller.exe

Filesize
604KB

MD5
71e50fd39f4b7fa12a54c953ff160f62

SHA1
487de6a5648abb060f07d43d3c6eac1cb9d8af7d

SHA256
e92e6832c64a0494e584839b5382eaa895831cb9d607b19e042722c5e7adfbbd

SHA512
0e600968b897bcc7bead6a75eb589d3c6ddb7903a286b2012ed0c78026e2921d6d4ebcb8649d713911a9829c04b373485e480eb04ed66be17c6282b01c34e719

Download Submit
\Users\Admin\AppData\Local\Temp\7zSCD7A2856\BlueStacksInstaller.exe

Filesize
604KB

MD5
71e50fd39f4b7fa12a54c953ff160f62

SHA1
487de6a5648abb060f07d43d3c6eac1cb9d8af7d

SHA256
e92e6832c64a0494e584839b5382eaa895831cb9d607b19e042722c5e7adfbbd

SHA512
0e600968b897bcc7bead6a75eb589d3c6ddb7903a286b2012ed0c78026e2921d6d4ebcb8649d713911a9829c04b373485e480eb04ed66be17c6282b01c34e719

Download Submit
\Users\Admin\AppData\Local\Temp\7zSCD7A2856\BlueStacksInstaller.exe

Filesize
604KB

MD5
71e50fd39f4b7fa12a54c953ff160f62

SHA1
487de6a5648abb060f07d43d3c6eac1cb9d8af7d

SHA256
e92e6832c64a0494e584839b5382eaa895831cb9d607b19e042722c5e7adfbbd

SHA512
0e600968b897bcc7bead6a75eb589d3c6ddb7903a286b2012ed0c78026e2921d6d4ebcb8649d713911a9829c04b373485e480eb04ed66be17c6282b01c34e719

Download Submit
\Users\Admin\AppData\Local\Temp\7zSCD7A2856\BlueStacksInstaller.exe

Filesize
604KB

MD5
71e50fd39f4b7fa12a54c953ff160f62

SHA1
487de6a5648abb060f07d43d3c6eac1cb9d8af7d

SHA256
e92e6832c64a0494e584839b5382eaa895831cb9d607b19e042722c5e7adfbbd

SHA512
0e600968b897bcc7bead6a75eb589d3c6ddb7903a286b2012ed0c78026e2921d6d4ebcb8649d713911a9829c04b373485e480eb04ed66be17c6282b01c34e719

Download Submit
memory/2680-122-0x00000000004C0000-0x0000000000528000-memory.dmp

Filesize
416KB

Download
memory/2680-792-0x000000001AF70000-0x000000001AFF0000-memory.dmp

Filesize
512KB

Download
memory/2680-120-0x000000001AF70000-0x000000001AFF0000-memory.dmp

Filesize
512KB

Download
memory/2680-186-0x0000000000B80000-0x0000000000B8A000-memory.dmp

Filesize
40KB

Download
memory/2680-183-0x000000001AF70000-0x000000001AFF0000-memory.dmp

Filesize
512KB

Download
memory/2680-119-0x000007FEF56D0000-0x000007FEF60BC000-memory.dmp

Filesize
9.9MB

Download
memory/2680-118-0x0000000000ED0000-0x0000000000F6A000-memory.dmp

Filesize
616KB

Download
memory/2680-1154-0x000000001AF70000-0x000000001AFF0000-memory.dmp

Filesize
512KB

Download
memory/2680-1215-0x0000000000B80000-0x0000000000B8A000-memory.dmp

Filesize
40KB

Download
memory/2680-409-0x000000001AA90000-0x000000001AA91000-memory.dmp

Filesize
4KB

Download
memory/2680-408-0x000007FEF56D0000-0x000007FEF60BC000-memory.dmp

Filesize
9.9MB

Download