194f0e652f991394872e5b6413754bbd80ff6712b2923f1ad87169bfde7ccde9 | Triage

Sharing

General

Target

BlueStacks10Installer_10.10.1.1001_native_e102f155e72119eb701f5777ef98fbbe_MDs1LDM7MTUsMTsxNSw0OzE1.exe
Size

910KB
Sample

240123-qqmtbaagcj
MD5

94f20d2390faa0459452a717aedf5b73
SHA1

da9bf054847414bc8f2ff334529d5e18c1c40bb2
SHA256

194f0e652f991394872e5b6413754bbd80ff6712b2923f1ad87169bfde7ccde9
SHA512

988fc2a6827469f064bc855bf8ecef292c427f7b6375b929a8eec5fa353ef2b3109ddabc3ca50ca715369e6a51c979cb56d1a9bc3cffda8d39c55183fdb73284
SSDEEP

12288:SivtCXQd0gjKX7zuqGK4D779TxgE98I9Le3/m7nmJg8zpTHpNF2uqED4228vs8s:SivtCXWeGKw9Txt9pLePMmTP2uqEt2gs

Score

8^/10

discovery evasion

Malware Config

Targets

- Target
  
  BlueStacks10Installer_10.10.1.1001_native_e102f155e72119eb701f5777ef98fbbe_MDs1LDM7MTUsMTsxNSw0OzE1.exe
- Size
  
  910KB
- MD5
  
  94f20d2390faa0459452a717aedf5b73
- SHA1
  
  da9bf054847414bc8f2ff334529d5e18c1c40bb2
- SHA256
  
  194f0e652f991394872e5b6413754bbd80ff6712b2923f1ad87169bfde7ccde9
- SHA512
  
  988fc2a6827469f064bc855bf8ecef292c427f7b6375b929a8eec5fa353ef2b3109ddabc3ca50ca715369e6a51c979cb56d1a9bc3cffda8d39c55183fdb73284
- SSDEEP
  
  12288:SivtCXQd0gjKX7zuqGK4D779TxgE98I9Le3/m7nmJg8zpTHpNF2uqED4228vs8s:SivtCXWeGKw9Txt9pLePMmTP2uqEt2gs
Score

8^/10

discovery evasion
- Modifies Windows Firewall
  evasion
- Downloads MZ/PE file
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion