6fb5b5f3c98740730b1586998e139edb2663dd412840e1abf56e6efdfb7a9ec9 | Triage

Sharing

General

Target

BlueStacksInstaller_5.21.150.1024_native_b5d758d6571811d18e53bdfe55b20f8e_MDs1LDM7MTUsMTsxNSw0OzE1.exe
Size

910KB
Sample

240418-j6nl8ahb5v
MD5

a79a5198e121abce4acf2ae9b6d11999
SHA1

0cbf9d8b85d17112cf5555862d13d2ed1ab75718
SHA256

6fb5b5f3c98740730b1586998e139edb2663dd412840e1abf56e6efdfb7a9ec9
SHA512

3fb62bec31d66bcfd08adfe140f5dc60e741a02cf4d159b1142894495533f73f0d2d66de3df31cf477d3c5e7e886731a864563c10189148a42969ceb9f8c1f49
SSDEEP

12288:BivtCXQd0gjKX7zuqGKhD779TxgE98I17YpNgc8gJ68Va02CGTdeeflae1PcuBYW:BivtCXWeGK59Txt9OkcR8fQeaSz2BYaQ

Score

6^/10

discovery evasion

Malware Config

Targets

- Target
  
  BlueStacksInstaller_5.21.150.1024_native_b5d758d6571811d18e53bdfe55b20f8e_MDs1LDM7MTUsMTsxNSw0OzE1.exe
- Size
  
  910KB
- MD5
  
  a79a5198e121abce4acf2ae9b6d11999
- SHA1
  
  0cbf9d8b85d17112cf5555862d13d2ed1ab75718
- SHA256
  
  6fb5b5f3c98740730b1586998e139edb2663dd412840e1abf56e6efdfb7a9ec9
- SHA512
  
  3fb62bec31d66bcfd08adfe140f5dc60e741a02cf4d159b1142894495533f73f0d2d66de3df31cf477d3c5e7e886731a864563c10189148a42969ceb9f8c1f49
- SSDEEP
  
  12288:BivtCXQd0gjKX7zuqGKhD779TxgE98I17YpNgc8gJ68Va02CGTdeeflae1PcuBYW:BivtCXWeGK59Txt9OkcR8fQeaSz2BYaQ
Score

6^/10

discovery evasion
- Downloads MZ/PE file
- Modifies Windows Firewall
  evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion