2e3df69c779df08163bdc0366f7dcb66b1a1c49e1dff33d21c98753a65abc089

Analysis

max time kernel
118s
max time network
137s
platform
windows7_x64
resource
win7-20231020-en
resource tags

arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
submitted
16/11/2023, 23:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

BlueStacks10Installer_10.4.70.1002_native_b91c48101bfc7a192845165c24b6b96c_MzsxNSwwOzUsMTsxNSw0OzE1.exe
Size

899KB
MD5

fed49c1d7213ed9907974d72af383d5b
SHA1

820c57f167ad2ec371a4a2b2435496395d77b578
SHA256

2e3df69c779df08163bdc0366f7dcb66b1a1c49e1dff33d21c98753a65abc089
SHA512

5446b84243d7a604cded3fcf7383d7ff0fdfba2bcf43c439f3edfe02ab3050b9cd612d93c61521696899c500d571d98dedde1eff6b076955c1fc6dfdf7e32026
SSDEEP

12288:livtCXQd0gjKX7zuqGKEFGPDy1xrqNFpMUFtlMx9T7FBZguJrwzncLuwng:livtCXWeGKEFGXFmUBOvhEzncL5ng

Score

4^/10

Malware Config

Signatures

Executes dropped EXE 3 IoCs

pid	Process
644	BlueStacksInstaller.exe
2228	HD-CheckCpu.exe
2560	HD-CheckCpu.exe

Loads dropped DLL 4 IoCs

pid	Process
1880	BlueStacks10Installer_10.4.70.1002_native_b91c48101bfc7a192845165c24b6b96c_MzsxNSwwOzUsMTsxNSw0OzE1.exe
1880	BlueStacks10Installer_10.4.70.1002_native_b91c48101bfc7a192845165c24b6b96c_MzsxNSwwOzUsMTsxNSw0OzE1.exe
1880	BlueStacks10Installer_10.4.70.1002_native_b91c48101bfc7a192845165c24b6b96c_MzsxNSwwOzUsMTsxNSw0OzE1.exe
1880	BlueStacks10Installer_10.4.70.1002_native_b91c48101bfc7a192845165c24b6b96c_MzsxNSwwOzUsMTsxNSw0OzE1.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 5 IoCs

pid	Process
644	BlueStacksInstaller.exe
644	BlueStacksInstaller.exe
644	BlueStacksInstaller.exe
644	BlueStacksInstaller.exe
644	BlueStacksInstaller.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	644	BlueStacksInstaller.exe

Suspicious use of WriteProcessMemory 12 IoCs

description	pid	Process	procid_target
PID 1880 wrote to memory of 644	1880	BlueStacks10Installer_10.4.70.1002_native_b91c48101bfc7a192845165c24b6b96c_MzsxNSwwOzUsMTsxNSw0OzE1.exe	28
PID 1880 wrote to memory of 644	1880	BlueStacks10Installer_10.4.70.1002_native_b91c48101bfc7a192845165c24b6b96c_MzsxNSwwOzUsMTsxNSw0OzE1.exe	28
PID 1880 wrote to memory of 644	1880	BlueStacks10Installer_10.4.70.1002_native_b91c48101bfc7a192845165c24b6b96c_MzsxNSwwOzUsMTsxNSw0OzE1.exe	28
PID 1880 wrote to memory of 644	1880	BlueStacks10Installer_10.4.70.1002_native_b91c48101bfc7a192845165c24b6b96c_MzsxNSwwOzUsMTsxNSw0OzE1.exe	28
PID 644 wrote to memory of 2228	644	BlueStacksInstaller.exe	30
PID 644 wrote to memory of 2228	644	BlueStacksInstaller.exe	30
PID 644 wrote to memory of 2228	644	BlueStacksInstaller.exe	30
PID 644 wrote to memory of 2228	644	BlueStacksInstaller.exe	30
PID 644 wrote to memory of 2560	644	BlueStacksInstaller.exe	32
PID 644 wrote to memory of 2560	644	BlueStacksInstaller.exe	32
PID 644 wrote to memory of 2560	644	BlueStacksInstaller.exe	32
PID 644 wrote to memory of 2560	644	BlueStacksInstaller.exe	32

C:\Users\Admin\AppData\Local\Temp\BlueStacks10Installer_10.4.70.1002_native_b91c48101bfc7a192845165c24b6b96c_MzsxNSwwOzUsMTsxNSw0OzE1.exe
"C:\Users\Admin\AppData\Local\Temp\BlueStacks10Installer_10.4.70.1002_native_b91c48101bfc7a192845165c24b6b96c_MzsxNSwwOzUsMTsxNSw0OzE1.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1880
- C:\Users\Admin\AppData\Local\Temp\7zS8576AC76\BlueStacksInstaller.exe
  "C:\Users\Admin\AppData\Local\Temp\7zS8576AC76\BlueStacksInstaller.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of WriteProcessMemory
  PID:644
- - C:\Users\Admin\AppData\Local\Temp\7zS8576AC76\HD-CheckCpu.exe
    "C:\Users\Admin\AppData\Local\Temp\7zS8576AC76\HD-CheckCpu.exe" --cmd checkHypervEnabled
    3⤵
    - Executes dropped EXE
    PID:2228
- - C:\Users\Admin\AppData\Local\Temp\7zS8576AC76\HD-CheckCpu.exe
    "C:\Users\Admin\AppData\Local\Temp\7zS8576AC76\HD-CheckCpu.exe" --cmd checkSSE4
    3⤵
    - Executes dropped EXE
    PID:2560

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
62f26251668000af962a471d1660bddd

SHA1
efa120dce70a6c2704403d9c8425113d623c1a19

SHA256
60902f42a485502e7fb7a38e889976b3c52bb1712e5c067441f16fb12338fcd1

SHA512
4dc140733a84153aa9910347e19499a37871baf2e9f884e0ced45faf1f880b236d99e6bd70291e4e0422a853b0b4570ad15497364df45474c24150c25c882671

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4f2881f5c757267aee53159ef4dc8352

SHA1
e4cc8084928c19ed89d3219ffe96fcf7b916c403

SHA256
8947d8b6b896bd5f7d83004cd3df9c59edb5a6d070df42ef94ea1e2b45c0432d

SHA512
dba173d5412690051180e1c4e347087afee85051e19c6fe00e2a2d5d83852a5bcd1aa864e757dc92b25c0c0d689a360cc628da2cbae7433200e72176f9f10578

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3ff9a5bb3bd0392b6e6528e8f78b1035

SHA1
f63d7c10cdf5140966f0834efeefbd0c55dffd4e

SHA256
7251a6f1d1821ee0b358e6b75d0dd2b13cd52142c8f77b28f23bb0984317cb28

SHA512
0c84a6f6260dc4bb1cec85c3b464c73d90b20d13916df9c4ccd4e3af51642fe3f890ca55696b4e66fc7a4df475324316a81d02d23dade648f926bc5f99e04374

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
146687d9d90bf6784579c0ddbbbd3ca3

SHA1
2749cdd38f3bcb09479dc6449c08f37c372a29f9

SHA256
218f248bc2be9bedad0387daf0c29fee9a0bb2630bfc48e7a49c4b282d4bae32

SHA512
43e66de1bdc973d040f74cb816cd13a146f68ffb7b62e65dee70e2f2ffa7fcdf093defe779783313807fd41b7fc77848b29fbc11dc21781e3eb9852bafe16b70

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0b3bf3944763a927eefc4ad26120729d

SHA1
f8a6b520a426d3732b93a590a0ebbf314c50a89d

SHA256
0cd7088568a38d8f6c6d2c4e0efc45993a821dd6fae99dc132b9703bcd0e17e9

SHA512
9951cdf4d13d4644d9b19748730c249d260c0cf20b6f032907e9b04dd0c32a406fd368a7ca8c5824fae54c0a82fcd5f5e95786e7395dea8e904a8e311726cf20

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
65c8176d0deccc871583b0d230167a8a

SHA1
a75d59283d2810aa222025d5b2069173eff41ba8

SHA256
1615936046c7984be20e18d5f2cd8a9bab6dda105c0e56e5ee469e012c1c022e

SHA512
a8c31b8070a8719eb23a0dea9f4c95356691ee96287864f4e91a2009a0caf2de8980fa58162d8e39297162f403444b799bb24038a7d220d86d90e8950bb7275d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
29e066af6ce17ff8e08025d1a6512e05

SHA1
734a27e2f11759b71e18b2e5d151319ed2ac3efc

SHA256
c55a99eb7fd6f9ca334463b5cdd69a924fba589205d412d42467ea3353904fcf

SHA512
0d48ad1efd8ed1589192368ca87fdb93ea6cdee56409d4dd792d36f355b5df9c6f55009ae6a874dc0da51951fc79a35ab735f0f5072172d040e3b983edf89b05

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f0f8238fa8804d73ac178796ebe9737d

SHA1
5d7cbd0b7feb5fc9841aa80922ef1f8b43ef54d9

SHA256
c62029a60fc4ff48d46ad53143e90b63fe0f18e76f7d38c411172f1586bd7bf3

SHA512
a65567e9a24a7c7a9bf935c34c6ffdd08fbedc13f9c56c9d76a2a50d4d3ccbea567b771d7820663e45a62ce33b1086d0d9a3e885953ef55eb0c7faac417bf37d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0eda5c2716195956963ac78a28810352

SHA1
ca88cbd5dd9873c46820fbbacbcd8c1e73318532

SHA256
d1c135bdf19ab1f23cc3a89c6f21691f9ebd988fdaf6de4ef32981dd1dfceaba

SHA512
c359d170bab33ba4b0c1c543da027280f035e6c31aa057351a04b24fa9519aa21fd3690903bc706db6ba70fe095d66f18ecde049bddd885f63f7b7b01a8c5b25

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3334aadec5f240f49ecf25a1f188fc40

SHA1
30c8fe8b8fa78c8651b67eee3c2bfbb4b9c3b01a

SHA256
d6e8e951424b646f3c9ed2f1fe2759e3c9a88996ccaa4438ecd683f1bcec905b

SHA512
462a2f18b0722ef1b069f64c20527d7e5a824aeba931831b769f20a41c7882b1cf8f6a57c05f8dcb0668ccb536c959ef5bde9696a2d99e98c6b3a276e1d9db2c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
94adb4118f8f64caca655bf42ba7846f

SHA1
4601fa38b728bc17865a4f3ae849ec6b969e9569

SHA256
69c3be53791454b9dc4d10e5ec3fbc82af83d4caa4e0b53840a44fac95766f84

SHA512
25178088ecc9ac1d8b4b134baf019836833b1cd1a822e9267248665be408aa64931f497264455d91c9bb50f4f61b2fd170fa64fffef827c6ab836089d4245c68

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6e64d875c52552214f705c1cef7ac38c

SHA1
a1f30f44851a9fc2d32e1a4669a77704b45544ec

SHA256
bd4f156e8428338d273b040c5f3c9a3d3407f8b1f86efca4c9eb24b96df59cce

SHA512
3c011b7c67ea2c5dfbc14bc38cd2fff589270fd563f7d7704309f8d2daf9bb7a4e87a0a11057e8e1bf16b95a3e8d3da0d820dfe65355bfe0ef3337aa6c242807

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0548ebd106b02a3a789546f09e2ec1ad

SHA1
45cbad02514044d62a7850233e40066fce9a1796

SHA256
9cbd8d529cc1bc13afd7bcbaa78680a6afd35f2b6f4a5e1d0495ab55d9dd4a32

SHA512
5419dd5e14fbe4c225bfa7a42dd4333cad08d4461c466cb7e43aa601433020165bb0200188cc18464684ca6831260d9379a925d0e1540692c87755746a8a26f1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
26c74be89fe56f5581829fc90cb359ab

SHA1
03b316a24aac542e35d59623328730cc1e6bcb27

SHA256
7ed60b8fb84519bb542e28af77d1a17aa378940958d20b4b709b8246c3922e56

SHA512
c18f0920e90ea579642fd7b263f8da8a7c613001bebec736bb89a76ccdc5dc298e0a7dae2cc0762bb8f6790367e9e4ef6638000672e9fdb859ded35f0153e908

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c130e779538a2b986892c12e1b4e0600

SHA1
2bf7fb909b0c80705ebd44f37678e94e5308fd2e

SHA256
59afe0ca93b7e655755260d7405a277b0b89d803d8bfaa8b90e10bbb7a92245f

SHA512
a5c78fb3d4c0d54c1cf61d215a0dadc3f9b5baf476f36f3a28bd72696420ebd8e2dad88193ea5ef1038dd3b416c00c7c2815bc367c39293be66695da95b91450

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2524e8fd883618bd676279c052f91f83

SHA1
961b14445f0ebe50fd64c735c6506811272ffbf6

SHA256
079abddf1fc9c5d73b70778883344fe92ac9b42c80d1f16700446a59039be73d

SHA512
f5e7bd38f4bcf6baa9fe6766b1beab0b3c67fa8ba7c83270e38e86ef336fc36d6794c1a089c011c57197d42fbc77a74277c2e1be1ac05ecc26095dadb28c2b01

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
77831a23902d8219958c437a861426c1

SHA1
674b9c7da31c3fcc1f2520643908c0c024feb178

SHA256
49511370a40cbbadee4d1133e57fd9101a6242a4938b83dd4bd98773eec14e5f

SHA512
e6185e1b506213c2e9c58f14f00deb16955854fd0c9a407c8a5a4a7c99f9cee4758b615fd2beaad243dd3c5aa1ac487be963e3ea2e911ae4162a33da40789792

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d295b2510cf0de8033d17a473a43f575

SHA1
b24047f05e17f6c392f9ed370a9477ed8e498b92

SHA256
6091ce1146d6fbcb487f9f72d4e692f517aa932d2c66dafad025d2d2bea6deda

SHA512
f05708d089fded10ccba4dcd13966352526c0f51c9b8a007ade6fdf4c4e9ff97e2a30d5c4da4a1f4098ebbc054747ea7572967855566121bea63e0fe6f27c3be

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3477f9f75e3906ebdab950a76d6b8548

SHA1
d016e60d00cd3950010cad16ac3c8b776f5c17fa

SHA256
b03655a8dfd48e58f2db8e617ad021fba06afeefb7f6c9bbc3652af881cab7bf

SHA512
e3fccdf18b7e20f571d0c646ccbc379d4a0a55a7c3ce8e6eff4d1ac5e76cbd06cec69d2b584aa850f54091081cdc216361f39853cc1c0d4866aa10e7f6e3f73a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
79ec09a1d757346729197b01be5dd563

SHA1
55a58e3f0d53744084523445713256eaf68132ec

SHA256
338b232f4cd926620ab0042d2c86fe4d8a5048d703043af3a18a4043f030bad5

SHA512
ed17ee99d8c2c72860149651b35bfd05878cfcac185eab98d4b470f2d2dfd5672be48c6ff383c228ce12452c2a95a3f73b590dd0ae19575c2c22f7be0c89f9e1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b1b30ec22ba312e6f2c7ef16825e00cc

SHA1
4c3a2db8d30b78a2884f4b2177db03b3b6d1a23a

SHA256
dfb6d832173f4aa5319836e2685611ce4560cf7f4579ba239a93bde54880153a

SHA512
7895e1a271a9f0c723498d6614bc8aedeb4425e44f9c9de2280559b18c1d74ef8249d8250578bb75de208504b9e69ca91dd13cd85b809787daede3c9c7555324

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8576AC76\Assets\exit_close.png

Filesize
670B

MD5
26eb04b9e0105a7b121ea9c6601bbf2a

SHA1
efc08370d90c8173df8d8c4b122d2bb64c07ccd8

SHA256
7aaef329ba9fa052791d1a09f127551289641ea743baba171de55faa30ec1157

SHA512
9df3c723314d11a6b4ce0577eb61488061f2f96a9746a944eb6a4ee8c0c4d29131231a1b20988ef5454b79f9475b43d62c710839ecc0a9c98324f977cab6db68

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8576AC76\Assets\loader.png

Filesize
279B

MD5
03903fd42ed2ee3cb014f0f3b410bcb4

SHA1
762a95240607fe8a304867a46bc2d677f494f5c2

SHA256
076263cc65f9824f4f82eb6beaa594d1df90218a2ee21664cf209181557e04b1

SHA512
8b0e717268590e5287c07598a06d89220c5e9a33cd1c29c55f8720321f4b3efc869d20c61fcc892e13188d77f0fdc4c73a2ee6dece174bf876fcc3a6c5683857

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8576AC76\Assets\minimize_progress.png

Filesize
212B

MD5
1504b80f2a6f2d3fefc305da54a2a6c2

SHA1
432a9d89ebc2f693836d3c2f0743ea5d2077848d

SHA256
2f62d4e8c643051093f907058dddc78cc525147d9c4f4a0d78b4d0e5c90979f6

SHA512
675db04baf3199c8d94af30a1f1c252830a56a90f633c3a72aa9841738b04242902a5e7c56dd792626338e8b7eabc1f359514bb3a2e62bc36c16919e196cfd94

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8576AC76\BlueStacksInstaller.exe

Filesize
604KB

MD5
2d7144b1538c8970bea65e27028f672d

SHA1
68e6ee91057ccd47bcff91f68d1cd55abe401bb1

SHA256
5df7d4c65e7a01c48560401dce8d309abb71e026d1602edc2e61940edf67d21f

SHA512
03efa3050c59b5a5941181b7aa02b5180d0ce68f4545e13cb9a41f795ea1ea3c1dc48020454440d4e7bfc0d8f5b10494f18d3fae33af568e974c9624f76611f7

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8576AC76\BlueStacksInstaller.exe

Filesize
604KB

MD5
2d7144b1538c8970bea65e27028f672d

SHA1
68e6ee91057ccd47bcff91f68d1cd55abe401bb1

SHA256
5df7d4c65e7a01c48560401dce8d309abb71e026d1602edc2e61940edf67d21f

SHA512
03efa3050c59b5a5941181b7aa02b5180d0ce68f4545e13cb9a41f795ea1ea3c1dc48020454440d4e7bfc0d8f5b10494f18d3fae33af568e974c9624f76611f7

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8576AC76\BlueStacksInstaller.exe

Filesize
604KB

MD5
2d7144b1538c8970bea65e27028f672d

SHA1
68e6ee91057ccd47bcff91f68d1cd55abe401bb1

SHA256
5df7d4c65e7a01c48560401dce8d309abb71e026d1602edc2e61940edf67d21f

SHA512
03efa3050c59b5a5941181b7aa02b5180d0ce68f4545e13cb9a41f795ea1ea3c1dc48020454440d4e7bfc0d8f5b10494f18d3fae33af568e974c9624f76611f7

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8576AC76\BlueStacksInstaller.exe.config

Filesize
324B

MD5
1b456d88546e29f4f007cd0bf1025703

SHA1
e5c444fcfe5baf2ef71c1813afc3f2c1100cab86

SHA256
d6d316584b63bb0d670a42f88b8f84e0de0db4275f1a342084dc383ebeb278eb

SHA512
c545e416c841b8786e4589fc9ca2b732b16cdd759813ec03f558332f2436f165ec1ad2fbc65012b5709fa19ff1e8396639c17bfad150cabeb51328a39ea556e6

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8576AC76\HD-CheckCpu.exe

Filesize
200KB

MD5
81234fd9895897b8d1f5e6772a1b38d0

SHA1
80b2fec4a85ed90c4db2f09b63bd8f37038db0d3

SHA256
2e14887f3432b4a313442247fc669f891dbdad7ef1a2d371466a2afa88074a4c

SHA512
4c924d6524dc2c7d834bfc1a0d98b21753a7bf1e94b1c2c6650f755e6f265512d3a963bc7bc745351f79f547add57c37e29ba9270707edbf62b60df3a541bc16

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8576AC76\HD-CheckCpu.exe

Filesize
200KB

MD5
81234fd9895897b8d1f5e6772a1b38d0

SHA1
80b2fec4a85ed90c4db2f09b63bd8f37038db0d3

SHA256
2e14887f3432b4a313442247fc669f891dbdad7ef1a2d371466a2afa88074a4c

SHA512
4c924d6524dc2c7d834bfc1a0d98b21753a7bf1e94b1c2c6650f755e6f265512d3a963bc7bc745351f79f547add57c37e29ba9270707edbf62b60df3a541bc16

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8576AC76\HD-CheckCpu.exe

Filesize
200KB

MD5
81234fd9895897b8d1f5e6772a1b38d0

SHA1
80b2fec4a85ed90c4db2f09b63bd8f37038db0d3

SHA256
2e14887f3432b4a313442247fc669f891dbdad7ef1a2d371466a2afa88074a4c

SHA512
4c924d6524dc2c7d834bfc1a0d98b21753a7bf1e94b1c2c6650f755e6f265512d3a963bc7bc745351f79f547add57c37e29ba9270707edbf62b60df3a541bc16

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8576AC76\JSON.dll

Filesize
411KB

MD5
f5fd966e29f5c359f78cb61a571d1be4

SHA1
a55e7ed593b4bc7a77586da0f1223cfd9d51a233

SHA256
d2c8d26f95f55431e632c8581154db7c19547b656380e051194a9d2583dd2156

SHA512
d99e6fe250bb106257f86135938635f6e7ad689b2c11a96bb274f4c4c5e9a85cfacba40122dbc953f77b5d33d886c6af30bff821f10945e15b21a24b66f6c8be

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8576AC76\Locales\i18n.en-US.txt

Filesize
18KB

MD5
34405af4ef073eebfaa23df0ba5555c0

SHA1
2024caf7834505097673287739f881d64f79e9b1

SHA256
f0c241cbc4175898b7bd568fc69ec02323c12faeeb752e8e43355fadcd05dd5f

SHA512
e7fc8cb7380ea15f366f867679a52f21ea1c14373f1042061e6d42ef64f8db61f110b9ba61c08e6ac6811621f3b26679e7c2778008ddc39b51956034a738fa10

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8576AC76\ThemeFile

Filesize
80KB

MD5
c3e6bab4f92ee40b9453821136878993

SHA1
94493a6b3dfb3135e5775b7d3be227659856fbc4

SHA256
de1a2e6b560e036da5ea6b042e29e81a5bfcf67dde89670c332fc5199e811ba6

SHA512
a64b6b06b3a0f3591892b60e59699682700f4018b898efe55d6bd5fb417965a55027671c58092d1eb7e21c2dbac42bc68dfb8c70468d98bed45a8cff0e945895

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab734E.tmp

Filesize
61KB

MD5
f3441b8572aae8801c04f3060b550443

SHA1
4ef0a35436125d6821831ef36c28ffaf196cda15

SHA256
6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

SHA512
5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar7370.tmp

Filesize
163KB

MD5
9441737383d21192400eca82fda910ec

SHA1
725e0d606a4fc9ba44aa8ffde65bed15e65367e4

SHA256
bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

SHA512
7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

Download Submit
\Users\Admin\AppData\Local\Temp\7zS8576AC76\BlueStacksInstaller.exe

Filesize
604KB

MD5
2d7144b1538c8970bea65e27028f672d

SHA1
68e6ee91057ccd47bcff91f68d1cd55abe401bb1

SHA256
5df7d4c65e7a01c48560401dce8d309abb71e026d1602edc2e61940edf67d21f

SHA512
03efa3050c59b5a5941181b7aa02b5180d0ce68f4545e13cb9a41f795ea1ea3c1dc48020454440d4e7bfc0d8f5b10494f18d3fae33af568e974c9624f76611f7

Download Submit
\Users\Admin\AppData\Local\Temp\7zS8576AC76\BlueStacksInstaller.exe

Filesize
604KB

MD5
2d7144b1538c8970bea65e27028f672d

SHA1
68e6ee91057ccd47bcff91f68d1cd55abe401bb1

SHA256
5df7d4c65e7a01c48560401dce8d309abb71e026d1602edc2e61940edf67d21f

SHA512
03efa3050c59b5a5941181b7aa02b5180d0ce68f4545e13cb9a41f795ea1ea3c1dc48020454440d4e7bfc0d8f5b10494f18d3fae33af568e974c9624f76611f7

Download Submit
\Users\Admin\AppData\Local\Temp\7zS8576AC76\BlueStacksInstaller.exe

Filesize
604KB

MD5
2d7144b1538c8970bea65e27028f672d

SHA1
68e6ee91057ccd47bcff91f68d1cd55abe401bb1

SHA256
5df7d4c65e7a01c48560401dce8d309abb71e026d1602edc2e61940edf67d21f

SHA512
03efa3050c59b5a5941181b7aa02b5180d0ce68f4545e13cb9a41f795ea1ea3c1dc48020454440d4e7bfc0d8f5b10494f18d3fae33af568e974c9624f76611f7

Download Submit
\Users\Admin\AppData\Local\Temp\7zS8576AC76\BlueStacksInstaller.exe

Filesize
604KB

MD5
2d7144b1538c8970bea65e27028f672d

SHA1
68e6ee91057ccd47bcff91f68d1cd55abe401bb1

SHA256
5df7d4c65e7a01c48560401dce8d309abb71e026d1602edc2e61940edf67d21f

SHA512
03efa3050c59b5a5941181b7aa02b5180d0ce68f4545e13cb9a41f795ea1ea3c1dc48020454440d4e7bfc0d8f5b10494f18d3fae33af568e974c9624f76611f7

Download Submit
memory/644-429-0x0000000000D30000-0x0000000000D31000-memory.dmp

Filesize
4KB

Download
memory/644-122-0x0000000000C90000-0x0000000000CF8000-memory.dmp

Filesize
416KB

Download
memory/644-118-0x0000000001180000-0x000000000121A000-memory.dmp

Filesize
616KB

Download
memory/644-181-0x0000000000430000-0x000000000043A000-memory.dmp

Filesize
40KB

Download
memory/644-182-0x0000000000430000-0x000000000043A000-memory.dmp

Filesize
40KB

Download
memory/644-178-0x000000001B160000-0x000000001B1E0000-memory.dmp

Filesize
512KB

Download
memory/644-1052-0x000007FEF5690000-0x000007FEF607C000-memory.dmp

Filesize
9.9MB

Download
memory/644-1053-0x000000001B160000-0x000000001B1E0000-memory.dmp

Filesize
512KB

Download
memory/644-1108-0x000000001B160000-0x000000001B1E0000-memory.dmp

Filesize
512KB

Download
memory/644-119-0x000007FEF5690000-0x000007FEF607C000-memory.dmp

Filesize
9.9MB

Download
memory/644-120-0x000000001B160000-0x000000001B1E0000-memory.dmp

Filesize
512KB

Download
memory/644-1165-0x0000000000430000-0x000000000043A000-memory.dmp

Filesize
40KB

Download