5d79aad701b5c001bd3c13ef78d2283df57623ccb4dfb06226b6ee21e41c6ff5 | Triage

Sharing

General

Target

BlueStacksInstaller_5.13.200.1028_native_e68402dc987f8612711b06421795c22d_MzsxNSwwOzUsMTsxNSw0OzE1.exe
Size

899KB
Sample

231015-nm5tlsfb4z
MD5

f6711d97e0ff42ecd4e1f0ad3754e29a
SHA1

200089c6dbfe9489b20c55071e6738d523afc0c9
SHA256

5d79aad701b5c001bd3c13ef78d2283df57623ccb4dfb06226b6ee21e41c6ff5
SHA512

257431a3784d2b53e381c0a6354f568f9db28dcb8246f810d18f1aedc4ae5d79b29fb2cf3266734d5aad136e1fa7c231fc76efc7baeb3dbbe90d182babaad7f4
SSDEEP

24576:4ivtCXWeGKVFGXFmUQlEk41/iOvJ4icghvMM:9tCXWP0c1mzlEHRi64icghkM

Score

8^/10

discovery evasion

Malware Config

Targets

- Target
  
  BlueStacksInstaller_5.13.200.1028_native_e68402dc987f8612711b06421795c22d_MzsxNSwwOzUsMTsxNSw0OzE1.exe
- Size
  
  899KB
- MD5
  
  f6711d97e0ff42ecd4e1f0ad3754e29a
- SHA1
  
  200089c6dbfe9489b20c55071e6738d523afc0c9
- SHA256
  
  5d79aad701b5c001bd3c13ef78d2283df57623ccb4dfb06226b6ee21e41c6ff5
- SHA512
  
  257431a3784d2b53e381c0a6354f568f9db28dcb8246f810d18f1aedc4ae5d79b29fb2cf3266734d5aad136e1fa7c231fc76efc7baeb3dbbe90d182babaad7f4
- SSDEEP
  
  24576:4ivtCXWeGKVFGXFmUQlEk41/iOvJ4icghvMM:9tCXWP0c1mzlEHRi64icghkM
Score

8^/10

discovery evasion
- Downloads MZ/PE file
- Modifies Windows Firewall
  evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion