General
Target: BlueStacks10Installer_10.41.218.1001_native_4193c2c7c9ecd6086f79e1b24a2d3501_MDs1LDM7MTUsMTsxNSw0OzE1LA==.exe
Size: 911KB
Sample: 240710-wmzxcsvakh
MD5: 05cd50890a8efa95d686384d2d96c530
SHA1: ad496d950142315aa8662edb002549e84d3de424
SHA256: 6d996f70f6b9f99e4ae0aad1f28d224c84c22194551ca4e21f56127eb563faea
SHA512: 6dc050e3c6577299ba4bcc306d1866ddea3eb2499f75f1de96e435d03f03b0ccf4021602be0eb6c816d7a0e81ce29590de247a084d67e88a64fa6ced4043bcf3
SSDEEP: 24576:bivtCXWeGKM8WolR74uEFQWa3GZllJCGt3:+tCXWPIWofUuCQWa25JN3
Static task: static1
Behavioral task: behavioral1
Sample: BlueStacks10Installer_10.41.218.1001_native_4193c2c7c9ecd6086f79e1b24a2d3501_MDs1LDM7MTUsMTsxNSw0OzE1LA==.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: BlueStacks10Installer_10.41.218.1001_native_4193c2c7c9ecd6086f79e1b24a2d3501_MDs1LDM7MTUsMTsxNSw0OzE1LA==.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: BlueStacks10Installer_10.41.218.1001_native_4193c2c7c9ecd6086f79e1b24a2d3501_MDs1LDM7MTUsMTsxNSw0OzE1LA==.exe
Downloads MZ/PE file
Modifies Windows Firewall
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
MITRE ATT&CK Enterprise v15
Persistence
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    Netsh Helper DLL (1)
Privilege Escalation
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    Netsh Helper DLL (1)