General
-
Target
BlueStacksInstaller_5.21.580.1017_native_a9cf918def6c19508b40724c15e0ef39_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe
-
Size
913KB
-
Sample
240927-sr454ayekn
-
MD5
f1bb3d158ae71c6e53bd8b57561cf884
-
SHA1
aaed1e9200eac90a1bb7bb2faef792bdc1f9f8a6
-
SHA256
d96d4767376191859f5738ced9e0c65e85497f34949d3e598bb34b98e04c9542
-
SHA512
4f7270869e2f62d9b521c0c8330f577c5654ca0799e4a73efe13ebf8f5cf56bfd23e7a05698acac53721c4ec830cc928d046b6c6d4fb84a75d257751199390ee
-
SSDEEP
12288:QivtCXQd0gjKX7zuqGKk5Ha3z1cNoaMOKfXpFK0BZxJrk/ttoD7/S4uuJ5Bz9rzZ:QivtCXWeGKk8kKvrLBZfk1+PrJ5Bz9fZ
Static task
static1
Malware Config
Targets
-
-
Target
BlueStacksInstaller_5.21.580.1017_native_a9cf918def6c19508b40724c15e0ef39_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe
-
Path Permission
Adversaries may modify directory permissions/attributes to evade access control lists (ACLs) and access protected files.
-
Gatekeeper Bypass
Adversaries may modify file attributes and subvert Gatekeeper functionality to evade user prompts and execute untrusted programs. Gatekeeper is a set of technologies that act as a layer of Apple's security model to ensure only trusted applications are executed on a host.
-
File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces that indicate what was done within a network and how. Removal of these files can occur.
-