Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
BlueStacksInstaller_5.13.220.1001_native_2bfcec35496fac01d35f2efd2b58195a_MzsxNSwwOzUsMTsxNSw0OzE1.exe
-
Size
899KB
-
Sample
231104-xmnd1adb3z
-
MD5
9193390ffd1ee47e585750079c2d61b4
-
SHA1
49887df7b513c4cdeec369a38b0917af0024c5b9
-
SHA256
831d7190c4b86d6b8993de26780c212ab692e0f37886a324331c69ed4748b2f5
-
SHA512
499c5a78e139ebfae40c9860325fa2dfc0dc5f8040e91d95a46b2d1497e653923b975482a051eb6d36952164a004fff8dcc9b1d75b037d8da3070c1114d83cdd
-
SSDEEP
24576:LivtCXWeGKhFGXFmUbAq/gGpBPbvNKPAz:utCXWPEc1mIAq/ggTVhz
Malware Config
Targets
-
-
Target
BlueStacksInstaller_5.13.220.1001_native_2bfcec35496fac01d35f2efd2b58195a_MzsxNSwwOzUsMTsxNSw0OzE1.exe
-
Size
899KB
-
MD5
9193390ffd1ee47e585750079c2d61b4
-
SHA1
49887df7b513c4cdeec369a38b0917af0024c5b9
-
SHA256
831d7190c4b86d6b8993de26780c212ab692e0f37886a324331c69ed4748b2f5
-
SHA512
499c5a78e139ebfae40c9860325fa2dfc0dc5f8040e91d95a46b2d1497e653923b975482a051eb6d36952164a004fff8dcc9b1d75b037d8da3070c1114d83cdd
-
SSDEEP
24576:LivtCXWeGKhFGXFmUbAq/gGpBPbvNKPAz:utCXWPEc1mIAq/ggTVhz
Score8/10-
Downloads MZ/PE file
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1