General
-
Target
BluestacksInstaller.exe
-
Size
80KB
-
MD5
7a8057b88626b927138a6ac40016ff6d
-
SHA1
beda666793500c73af8e4a73bf31d4831bda1a89
-
SHA256
234d2f0fab4f2399ae1c4387e9dc58a19a3ea863d82c67ab1d90378b29e7748e
-
SHA512
facc80950e636c0ef6b5bf703e9d19316d616735a7b6100c5a86897f0ee1d67668623eed5fed12a1086b85ceaadf9f8cfaddb0d2d0702b385e7a0ca5a0c5ce0b
-
SSDEEP
768:YifC8qTvhE50tEIDPiKuukR7L1ptTfFWPt9e26cOMhFaB2hBC:YiTqTvhOYEIbiKuumnBFe9e26cOMX9A
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
19.ip.gl.ply.gg:14513
Mutex
333EKK7TuWsNmMLK
Attributes
-
Install_directory
%AppData%
-
install_file
svchost.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
BluestacksInstaller.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections