General
-
Target
BlueStacks10Installer_10.10.7.1001_native_acf5835b6aa1685d2c972ec5ddafd575_MDs1LDM7MTUsMTsxNSw0OzE1.exe
-
Size
910KB
-
Sample
240211-wdh79aac3w
-
MD5
8a3a29b33fe8ba5232b90d95f8f78f50
-
SHA1
844a8db998948ba835d66174bd93174a68a7aeeb
-
SHA256
81cb7e6ec706cc389628e30765ef8b578afef21c550a3576987b4c4ae21415e5
-
SHA512
6f5c1e1bcce0460b302d7af268a5315f2e1c94b7e9119fd1c0f4742c5d826b04815b7b55624e17a03ff4a1ead1c2bad028a09ce419692208b0bb450494837bc6
-
SSDEEP
12288:SivtCXQd0gjKX7zuqGKFD779TxgE98I17YpNgc8gJ6N/Ya6yfP/3uhq/UUBPXtVh:SivtCXWeGKF9Txt9OkcoPvuhqcUB5u8n
Static task
static1
Behavioral task
behavioral1
Sample
BlueStacks10Installer_10.10.7.1001_native_acf5835b6aa1685d2c972ec5ddafd575_MDs1LDM7MTUsMTsxNSw0OzE1.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
BlueStacks10Installer_10.10.7.1001_native_acf5835b6aa1685d2c972ec5ddafd575_MDs1LDM7MTUsMTsxNSw0OzE1.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
Target
BlueStacks10Installer_10.10.7.1001_native_acf5835b6aa1685d2c972ec5ddafd575_MDs1LDM7MTUsMTsxNSw0OzE1.exe
Score
6/10
-
Adds Run key to start application
-
Downloads MZ/PE file
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
-
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1
-
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1