3e708816fbbc73b2b3de8b8fdad8d0e5328e55d8f91f6acf6673d0c517a5a732

Resubmissions

23/02/2024, 21:48

240223-1nvq9aae3z 5

23/02/2024, 21:44

240223-1lzx7ahe79 5

Analysis

max time kernel
1566s
max time network
1750s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
23/02/2024, 21:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

BlueStacks10Installer_10.10.7.1004_native_ce7831f0822d7ceda4024b72f1ac8b5b_MDs1LDM7MTUsMTsxNSw0OzE1.exe
Size

910KB
MD5

137ba5b3972ec34519a73c9ce33fa437
SHA1

dd9dc2d0fb7e9554d24bb023fbf198dcaae1591e
SHA256

3e708816fbbc73b2b3de8b8fdad8d0e5328e55d8f91f6acf6673d0c517a5a732
SHA512

1614b37628cdb2112617bf5f65adfe63675285303db00f9ed36ea5f48fcef687e7462c452d01219b684ed21623353000796128e43e76dcdba69322f0d743b465
SSDEEP

24576:ZivtCXWeGKk9Txt9OkcfOT5+3S8L24ier33laL:EtCXWPtvz5cfid81iI1aL

Score

4^/10

Malware Config

Signatures

Executes dropped EXE 2 IoCs

pid	Process
764	BlueStacksInstaller.exe
1288	HD-CheckCpu.exe

Loads dropped DLL 4 IoCs

pid	Process
2720	BlueStacks10Installer_10.10.7.1004_native_ce7831f0822d7ceda4024b72f1ac8b5b_MDs1LDM7MTUsMTsxNSw0OzE1.exe
2720	BlueStacks10Installer_10.10.7.1004_native_ce7831f0822d7ceda4024b72f1ac8b5b_MDs1LDM7MTUsMTsxNSw0OzE1.exe
2720	BlueStacks10Installer_10.10.7.1004_native_ce7831f0822d7ceda4024b72f1ac8b5b_MDs1LDM7MTUsMTsxNSw0OzE1.exe
2720	BlueStacks10Installer_10.10.7.1004_native_ce7831f0822d7ceda4024b72f1ac8b5b_MDs1LDM7MTUsMTsxNSw0OzE1.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 5 IoCs

pid	Process
764	BlueStacksInstaller.exe
764	BlueStacksInstaller.exe
764	BlueStacksInstaller.exe
764	BlueStacksInstaller.exe
764	BlueStacksInstaller.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	764	BlueStacksInstaller.exe

Suspicious use of WriteProcessMemory 8 IoCs

description	pid	Process	procid_target
PID 2720 wrote to memory of 764	2720	BlueStacks10Installer_10.10.7.1004_native_ce7831f0822d7ceda4024b72f1ac8b5b_MDs1LDM7MTUsMTsxNSw0OzE1.exe	28
PID 2720 wrote to memory of 764	2720	BlueStacks10Installer_10.10.7.1004_native_ce7831f0822d7ceda4024b72f1ac8b5b_MDs1LDM7MTUsMTsxNSw0OzE1.exe	28
PID 2720 wrote to memory of 764	2720	BlueStacks10Installer_10.10.7.1004_native_ce7831f0822d7ceda4024b72f1ac8b5b_MDs1LDM7MTUsMTsxNSw0OzE1.exe	28
PID 2720 wrote to memory of 764	2720	BlueStacks10Installer_10.10.7.1004_native_ce7831f0822d7ceda4024b72f1ac8b5b_MDs1LDM7MTUsMTsxNSw0OzE1.exe	28
PID 764 wrote to memory of 1288	764	BlueStacksInstaller.exe	30
PID 764 wrote to memory of 1288	764	BlueStacksInstaller.exe	30
PID 764 wrote to memory of 1288	764	BlueStacksInstaller.exe	30
PID 764 wrote to memory of 1288	764	BlueStacksInstaller.exe	30

C:\Users\Admin\AppData\Local\Temp\BlueStacks10Installer_10.10.7.1004_native_ce7831f0822d7ceda4024b72f1ac8b5b_MDs1LDM7MTUsMTsxNSw0OzE1.exe
"C:\Users\Admin\AppData\Local\Temp\BlueStacks10Installer_10.10.7.1004_native_ce7831f0822d7ceda4024b72f1ac8b5b_MDs1LDM7MTUsMTsxNSw0OzE1.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:2720
- C:\Users\Admin\AppData\Local\Temp\7zS0AA06986\BlueStacksInstaller.exe
  "C:\Users\Admin\AppData\Local\Temp\7zS0AA06986\BlueStacksInstaller.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of WriteProcessMemory
  PID:764
- - C:\Users\Admin\AppData\Local\Temp\7zS0AA06986\HD-CheckCpu.exe
    "C:\Users\Admin\AppData\Local\Temp\7zS0AA06986\HD-CheckCpu.exe" --cmd checkHypervEnabled
    3⤵
    - Executes dropped EXE
    PID:1288

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f0a48de8e7247c6bcaa4285b96d28782

SHA1
9d8b5f4f380015bbb0b037a12a94e5bc0477530d

SHA256
ad390853a78ab9c31657953211f006c21c538d86a258acbd66c96157c70be386

SHA512
78b994143740e7feda32260f9c50942bc13f29ae1b176b5d815479fd1604d1ea0edcd9fe6b584638cc9048ae8cf0d6d151a2d2b689dc675bf620446735110e63

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c860997b917300f1f41ffbfdd3432b28

SHA1
51bc792498cc6e40c965c85d6d19ceca02f9d765

SHA256
4ea20ea5c087bc5ff118ea4484c8b2e68b7048e5ec3858b1cc62cce9140f2ba4

SHA512
27eb3c022f2fad2146af0c0a2102a1476ad47c34dcd04a44d21ad16d9083f56a5914ceaaef0809e253444233471eec66379fe17159ec3f1d9c690fc77d2dd0c0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e042fdc7cb21d1e2c44371844979e0ed

SHA1
484b54e37abdd0ce42730233117e9c70d41664c7

SHA256
2d40276c04ac6f849745310850d7b0da2c3ee3652ce9023ac58ce3d2b7a578f7

SHA512
cda69e3e1f99a279d7e9bdacf6eeaaaf1c331b876efa83adcdf642d386264b5a26077bf291f8420ef8ad61bdcfbd62a0e40f298940c987a19d4b3060c07c4c09

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
38a4e97bf2b1b6e6ab2704753079a66a

SHA1
d2c062a0c2ad544553d6977dcf742f4f6182c94f

SHA256
d230dd58871f81e79525f6cb8b9d02bf83781b832889dea202deffac704a619b

SHA512
c03727e2036a26596e272bab28323e6ef35a26dd58ccdb595d00239d854f1f083b05641c5dd04d139e06555b2e53994b5e3fc782bfb504bc501fba36220da83a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ce0ba2b7d45ba084724dca80baddf550

SHA1
70b69ffb1d35f0d9f2518ae112552ca595464279

SHA256
2b2aa5d63bbd2dbb9355c366e67585b7036ad9b1b940bce30b9e426c47e97c48

SHA512
9ca192cb2f329dd2ca1d35ab22b7af06f9a1a582cd6b3388b768ec1d122bb9b24c2ca87d605921b71c13d480e800590b906a8103f0f7f0b8ad26e736cd8634ae

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4c311d8393a78a819ef03eac15fcab16

SHA1
65a82cc05ff81f1772e7a4f14ebab018f3a11d76

SHA256
c879092f642ccf99f803938df46d6301071c5efd0747692c37f5d5b31311a7f8

SHA512
aaf2fe12d0000b3472bc6bbfc1598dc16bea0d88a2a2e980dc9d182204c8d3e437d18c7562d2b2ae2f1bfee836845e33bbde70b474accec6bf81d4fde76b6fac

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
605a23424332db79a2bd0c13056ecace

SHA1
75f10af270c7f71aad53643fa83fa3ebd7be9c21

SHA256
55aeecc28ae99a82b19637920c847155ec19cb0d306fb19a8da4b3ee65ab9ec4

SHA512
408f7d976139ad866e1a21d67a63260a565b6a4ec820495dd820a022ec1d7ab9d5a7a6998b62b6759e09d20fda30b933f9a2d07cfb808c2d6ebe3d3e940f578c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0d7a0cd8a0b3d43d70f3d2eaa8533072

SHA1
de037e93a5723297ca479b503172b4e7a93b5040

SHA256
d43a4844f87fdec00094b7e8ba090d1c865dd7686f66a25b4861cf3d5017371a

SHA512
0114dda62695cf479dd0a2ab1ada6ef778e2d2268da095e36ca5e9bdf60e6b415292b57fcf32f2d47656615e3fbc84febb17ac0e09903cf22c511dd33e163f0f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3af76cc176a8544dfc4baf8fbaf6b686

SHA1
b01910653326d89ef92d9d533e679f1a018cb000

SHA256
39b01e62b7c842c26cbf0e8769296d89acb9b53947be488228106872c3b51c3d

SHA512
0d50d50583671d27ae053f090fa12d9b6966f686029d33d9d3d5b2af34e21742ca540a1b3d4f288e436821c07d9659d15e8ee721c1f3f5b61d36bfdbd5182dda

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a6565d0f70814e125d8d764ef8d579b3

SHA1
de8b46d67fd89205ab5bad5242cd3fd9727911c5

SHA256
24fcb1616c761e897ca5ec2aca15c1551fcc26e9045c94c6cbc19327bd66b790

SHA512
31122e257090246758be89a831b931cb02ab814de0737660f354ec0a73ca5d99f04910fe07af5a15414759ae1955e8fcdf804d6a40486bc2f0a613c0ed34a6b9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5ffc2293c69c9f416c012e95945847d9

SHA1
a158122a8b72e58ced1cd127c466454fdf3df83b

SHA256
73dd26ec73d89e6ba3b50fea63a425080b176c8849d48ea7222ba95c2e1ac976

SHA512
97886e1c14c3f7bec6483a1c8958f560adafdc08c31cc406b0f74e511710f5edbf3a8550d3f15f88acb68e78195371d29a5aec5d92a5e0a4e7501187a1bdc8f6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5b69cba59e3732ddd2889795c52ddc83

SHA1
36647bd37a55576a117e56c29850bf7cc19da4cd

SHA256
be915e04c9a7383112e14cbfc56aa5b2435344861e6fa3f5ccd3157eb524d00b

SHA512
acffc037a375d7320c2a11f33331a2538921adf12c27360e6f39020a3db9bc4d9bfcefde80a86774c08a638c23d8fd230ffc2344690df31c790b1f7b91331a62

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0c4639d5c91f4c11783eb0c868df7b6e

SHA1
71cb0ecd75d91e8022b8821ff5de6d04aaa975c6

SHA256
bf5f0a817e036367c6d84e0ff383238e97f5260c15d2359cc189a4a6b0489de4

SHA512
ac46535d1efb657a7fa055ff190ef4b4de7aaac9b6c22c4d9e9c49cecd6696998a05770f559eb3333d660e25988a44a05935eee587ffd2d4c38a8505a1a725d3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ad6bb8ec9beeb1bb152b97d8bea627ff

SHA1
f5f0a07c82ec59684f0554ada3ed97d2eefa9a4a

SHA256
2bf142b035c31fda189c71f749d6e2464d822cae94ea0c0337012d75c6e97810

SHA512
75e116021e9dc3cc87331f104b08827f50876de2b87239c4b5b259a958edd5f6356f24fe2ca9437c6fe34fc05fb78b78840b34f8fe5609cd749b836a77980454

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b6b2e28f46df4b1374f5932e009e064b

SHA1
fc765863a146c98b49974f7611ac141b1a16eacf

SHA256
dd8b9a6ad9a5109e45318775a64838ce01439c8dfd98da549e499d01dfb63459

SHA512
9d641c79a146c2db37eb2b318435a8862ade33609fbe163d043576eae4cfee79da7bad102c6d4a78cb75a80c82d11696b8b77557ae1dbcaa5c526d1d5e0b4010

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7d3e843165901f15a4f14a7229843b61

SHA1
4c602944ae5440174c1900ae98beff4431d961ea

SHA256
3079112865bc9d5816674bfcffebfd1c028a6e7cc0f18cac3be9b61ac8a4601d

SHA512
b403fb07964df3b0ddd0f56ccc3ce4d0a4fea8e0b27a8007a98a933ee78c9b2d495802639e90d65bf980d1f0426cb4dfe14b706baf3b18f914064ad90268d069

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a44c4573049de789f668cb7da5b20451

SHA1
32fb5028f154ff91a799a87873eebac7b46b32e8

SHA256
aa6c711726b116df637663d91bbe63b0a13ba7327ddbeaa766ad02101b2c9320

SHA512
518a148d5110f5cba9bdbe0ce0162fed421daab0eea50f55e1f86e091b23cb486ad75cade1527c6795e7643565d1125271c81388dd0689a1c22ba605a2fdc36e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7cc3c7be2a13d499168c5a4a05f2f341

SHA1
f3e9f0d49e1a0e172e772f68559531756d53d9f3

SHA256
f3c610b2ff3f81f17867cde4c6e66c786e6776d494ac9ac5cc3cc23dab730ab1

SHA512
de0d433f925a6a74243332f0df12b506b2a543977bc0d79b097c70b9556c8f9f32771d2adcef902f4baed1b2fe319a334f06d531d79705925792c74b730f404f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2a8b72600f81a3121305ec01a5d7e7db

SHA1
878692b520014c6e2cc7a49087675455f86bbf45

SHA256
40ab89ec5c3c345edde3e5c1b1f056160fb18598c6076c463039790085f02576

SHA512
b5b8b217962727f2180d2a555328cf6da76863d1275ee6098248092f669e7024c27536d11d11695392839ac66624c952bb7465ecaed2eb234a5fcb25ccc7fcef

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS0AA06986\Assets\error_icon_72.png

Filesize
1KB

MD5
4aaf83d2b3fd56ad806708e60474df39

SHA1
144777a265879b69fadea3eb3ac6939458918578

SHA256
84e59d14d9433e6c3d92daeb8c443063b5e3be6c0b297f0403dbde473a05cb3f

SHA512
3b8485f054fe6ed2374bc81cb1786f09741219fbfcb22503707b11cf5db1ab262ba4349633597d5d9ddabc3415b170fa8eebc932f58d211d7092b8fb96fa1304

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS0AA06986\Assets\exit_close.png

Filesize
670B

MD5
26eb04b9e0105a7b121ea9c6601bbf2a

SHA1
efc08370d90c8173df8d8c4b122d2bb64c07ccd8

SHA256
7aaef329ba9fa052791d1a09f127551289641ea743baba171de55faa30ec1157

SHA512
9df3c723314d11a6b4ce0577eb61488061f2f96a9746a944eb6a4ee8c0c4d29131231a1b20988ef5454b79f9475b43d62c710839ecc0a9c98324f977cab6db68

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS0AA06986\Assets\link.png

Filesize
306B

MD5
ae2c73ee43d722c327c7fb6fdbee905c

SHA1
96f238bf53ac80f5b7a9ad6ef2531e8e3f274628

SHA256
28c0abc6bfe7a155815104883a37a53dd783d142300471064c95eddf3cae0eaf

SHA512
5a1e341f727cf1cb4832cced8e96c5a74971451629603c48bfb91ceb4561d0122ab9ae701f8b34681d5f13115a384467d430ccb8282494b40f4577ebc3ad825b

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS0AA06986\Assets\loader.png

Filesize
279B

MD5
03903fd42ed2ee3cb014f0f3b410bcb4

SHA1
762a95240607fe8a304867a46bc2d677f494f5c2

SHA256
076263cc65f9824f4f82eb6beaa594d1df90218a2ee21664cf209181557e04b1

SHA512
8b0e717268590e5287c07598a06d89220c5e9a33cd1c29c55f8720321f4b3efc869d20c61fcc892e13188d77f0fdc4c73a2ee6dece174bf876fcc3a6c5683857

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS0AA06986\Assets\minimize_progress.png

Filesize
212B

MD5
1504b80f2a6f2d3fefc305da54a2a6c2

SHA1
432a9d89ebc2f693836d3c2f0743ea5d2077848d

SHA256
2f62d4e8c643051093f907058dddc78cc525147d9c4f4a0d78b4d0e5c90979f6

SHA512
675db04baf3199c8d94af30a1f1c252830a56a90f633c3a72aa9841738b04242902a5e7c56dd792626338e8b7eabc1f359514bb3a2e62bc36c16919e196cfd94

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS0AA06986\BlueStacksInstaller.exe

Filesize
93KB

MD5
0631d018c1fea339e0a0dc2e1b5e1d40

SHA1
356930ae0b870b87bb18d94fb0912c38b13e1a7a

SHA256
42e94c345ec6bad4f1a7706c0fc024307a81f650e49f20c959094fd41af206f4

SHA512
d35d36292a321ca6810d48cc2209b1d84ca9a9de3f6fd33cba316ecdf5f1f92250869230ce9aafcb190c51bc4295f19eca20f90561ea9c34e904f9c7df456724

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS0AA06986\BlueStacksInstaller.exe

Filesize
50KB

MD5
e7fd8bd9cf31d733fda8b46f90495f55

SHA1
e7b9d61138f09147ddd39b2ec910093889afd422

SHA256
029bc8bafb9d4a04d077ec442c743061ec316aa2f35caf23bbdb2d80a8567445

SHA512
500ece32134a819862ce4254df890c899e6ef970c3734e5b6c7e98a9614beacd33c0fe3c0c3b97354468571f8e41b30039624ef8daddd35a7107ae1f99b9a0bd

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS0AA06986\BlueStacksInstaller.exe

Filesize
131KB

MD5
68efde9d9128ad8cd41b53f31514a469

SHA1
8e224d292380ffae77be7f6d4056bae50f464828

SHA256
3a57710fbf7ec00ef95bc9ae771f6033394a86eae2334b39fce2f441f29bcdd9

SHA512
dec5b175db40cbcbf33a265df1175424a1c6341456db59cedc62884e42a5cfe089f3225207480f446339c30aeda276b43c3d12eb2835cf6182ecab0f68661ff4

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS0AA06986\BlueStacksInstaller.exe.config

Filesize
324B

MD5
1b456d88546e29f4f007cd0bf1025703

SHA1
e5c444fcfe5baf2ef71c1813afc3f2c1100cab86

SHA256
d6d316584b63bb0d670a42f88b8f84e0de0db4275f1a342084dc383ebeb278eb

SHA512
c545e416c841b8786e4589fc9ca2b732b16cdd759813ec03f558332f2436f165ec1ad2fbc65012b5709fa19ff1e8396639c17bfad150cabeb51328a39ea556e6

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS0AA06986\HD-CheckCpu.exe

Filesize
3KB

MD5
5b7f8f25cf5363c452316d4fa92f884e

SHA1
a23ef0b6cb31043dff5ef7880550e62ebdbf49a0

SHA256
031bbf70e4c09bb03b148fbc0b22e24789cbd6e8db28e17eee3996bde66f9a16

SHA512
abe34b7f224b0729d56d968a4e007ed47833f39f14485eaf31999257497830abab1fdf77030bd5846723d657f8f07a5e755a81aa357789fb7eebde8d1bd6b626

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS0AA06986\HD-CheckCpu.exe

Filesize
36KB

MD5
2e6c42dff0665f508be7c0c625cb4dcc

SHA1
d04161d522bef7ec46fee74c8d24f5c158c34767

SHA256
25e59db7e852e10646110a7c6db8fc2a06e1b44f6b983b2a0e170c51fed7aa43

SHA512
4a80e7b02d622316b69df4d23a7332d5f60345ca7f3f684462f5607fbdd7c7ff76005143d4475d46345ce730df9c51d1f7e6be9002b39ddb29b2957699cfaefe

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS0AA06986\JSON.dll

Filesize
79KB

MD5
29241723b37c8c06b6434ee230bab379

SHA1
2ef9ed65bc8a864bc9a1b0d1bcb2af2cc9a7c43f

SHA256
a42f96369a0a44fccfa754b4924a9f19bd77cbbe74b639e67b5b77e04ec8418c

SHA512
30b488455988df52d45c5df86136ed865bf4c9b18b12823b71b1cd134db95a802de83294a519aa26fb26dd0c4b450e158b36a45b55784a2e2ca43b7ded5c6a96

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS0AA06986\Locales\i18n.en-US.txt

Filesize
19KB

MD5
206562eed57e938afe21fc6942fa8e59

SHA1
779e90fec866c0fd2f47da020651db71c89ec3dd

SHA256
27d611a71edf36307a7ed0651f6c5910292ac7e2b68074a7e33d306b3d93ec45

SHA512
275c3192a7aee28fad31beb521cf5e7c66010e7562ce244ba9fc4de352f35b4ab63180ed12a56ea0b1458c185e076e2d07ba6d8797467177d3c5b2ac14371b26

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS0AA06986\ThemeFile

Filesize
46KB

MD5
1bbd0e8d3b244961d63594be0e4f2dd8

SHA1
d8f1a855024a819767748e552ed232e05f9e57ba

SHA256
281ddba724b20f2e6558e7a364c18da13e0f1c98f0b29cdb5cf08431b4889413

SHA512
093c3a063cec40edeb90d7a9bc7d589c161ea5a6bbce09d7870429aeb104ea1f4353321d1941bf6eed319226bc4253e8d88bcbc772a3d4662a76d118e8cc016d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab9E83.tmp

Filesize
27KB

MD5
4eb83a5f4f3525c65c83dc6a56e14c7d

SHA1
2fdccf7071dd767e50234050f8c04bb55311e8cb

SHA256
845dd7248dfd2d7a99f5a327ddfc2d53bac5182ff7b3ee9bc5f8620cb682b7c2

SHA512
544930702b39b668c30df2e800149f54fdbc1fdec04c0daccae0be8efa6eaacb1083d48bc2ca82bd1b6b252c0a3b82d1edaf83aa82bd3a616fddf77849a49d0c

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar9EA5.tmp

Filesize
74KB

MD5
2c790a748d625acc8f06b34b8090f6b9

SHA1
f92fb9ce425551a549ba0d7f7418e949d5b23b3b

SHA256
4402ec34ffe5a09656a99013d8494ca580340aab936d251c3835925a73ac137e

SHA512
80e050af3ed20aec8123e8f8234a718d91c14060a635ffda62ab68dcdaf9de0b4acd65be74464b22fa7cb842161d21970691910e120d2e73fea8737fb2fe0df5

Download Submit
\Users\Admin\AppData\Local\Temp\7zS0AA06986\BlueStacksInstaller.exe

Filesize
76KB

MD5
18cf8be4ad0a8f4b9b62d241e485a1e6

SHA1
59b8ccbb944a3a74018eaa1cb76bc7f483b1b175

SHA256
4bd6cfcc8e260955b59be839c9e431312d6247390b4474f050752d7f19f25f84

SHA512
47bdca7090d94099c0a79aaf4b87460a442112ef357ed2b8ce638d1a42d4b6b864f5fa9254f85cddd68feba213033f19c571eb2c2ff8b46c9651a4a3360875f1

Download Submit
\Users\Admin\AppData\Local\Temp\7zS0AA06986\BlueStacksInstaller.exe

Filesize
45KB

MD5
e329a06b44cd6522592f6d83b6fd4f5b

SHA1
89a930161b7daa6e598baebb1e72a124fc2fea84

SHA256
c5dc16372a0f8ff072df7acbc2e268c54bc0d1d7e2c5ba5a9d4a2f63d382af7d

SHA512
b1a17201252cb3da9790a6c8d52f2cd8704444c12febc610ed20449bce896a0cc697fcbaaaf0fbdb98f8a282731f2dc7c36eac687353b3f48b9ebb21e5125687

Download Submit
\Users\Admin\AppData\Local\Temp\7zS0AA06986\BlueStacksInstaller.exe

Filesize
16KB

MD5
8e76c7b74193320d42936fb74eff96f6

SHA1
0c45374ffb2117fe0b22694305cef28afd1c9ebf

SHA256
de697950c934c2d107e3bbed2a1e3698257107af5431dfad935d14819e49c29c

SHA512
1659795af87d59ce2c0f5c0790f5daca0349399bde8a91c6e9f57e3949a1e1da739ba9de1e3f5abe7b3f4b8db9d671de7f637269896a02c3ba68986c2b0e362c

Download Submit
\Users\Admin\AppData\Local\Temp\7zS0AA06986\BlueStacksInstaller.exe

Filesize
101KB

MD5
bbf66fac6bccf1feabcf822d450bf2a6

SHA1
96aa28ceae5bf77ae9e371d80f202aba846eef8c

SHA256
fa48fe0d01a1bcbe07aea829e66a5be238ad4b094b959b66cef621be23b78fd9

SHA512
1a5db88c406c3859e7ebddbeafcd0e8bdfd2252b52ef03d5f2a7d2de4a50c5a174bc08df52cedbb17062e6bc5dd8175540c0d68c80f2320c2eef7b8673ef123d

Download Submit
memory/764-126-0x0000000000280000-0x00000000002E8000-memory.dmp

Filesize
416KB

Download
memory/764-180-0x000000001B010000-0x000000001B090000-memory.dmp

Filesize
512KB

Download
memory/764-296-0x000000001AE00000-0x000000001AE01000-memory.dmp

Filesize
4KB

Download
memory/764-124-0x000000001B010000-0x000000001B090000-memory.dmp

Filesize
512KB

Download
memory/764-122-0x0000000001290000-0x000000000132E000-memory.dmp

Filesize
632KB

Download
memory/764-123-0x000007FEF6020000-0x000007FEF6A0C000-memory.dmp

Filesize
9.9MB

Download
memory/764-185-0x0000000000CD0000-0x0000000000CDA000-memory.dmp

Filesize
40KB

Download
memory/764-1004-0x000007FEF6020000-0x000007FEF6A0C000-memory.dmp

Filesize
9.9MB

Download
memory/764-1005-0x000000001B010000-0x000000001B090000-memory.dmp

Filesize
512KB

Download