08d9cc9df0f3b1467038fc2921c6629998a5ee54e93f45687deedd4acdbbb73b

Submit
Reports

Overview

overview

Static

static

Android.Im...32.zip

windows7-x64

Android.Im...32.zip

windows10-2004-x64

Android Im...ck.exe

windows7-x64

Android Im...ck.exe

windows10-2004-x64

Android Im...ck.exe

windows7-x64

Android Im...ck.exe

windows10-2004-x64

Android Im...er.jar

windows7-x64

Android Im...er.jar

windows10-2004-x64

Android Im...p2.exe

windows7-x64

Android Im...p2.exe

windows10-2004-x64

Android Im...at.exe

windows7-x64

Android Im...at.exe

windows10-2004-x64

Android Im...od.exe

windows7-x64

Android Im...od.exe

windows10-2004-x64

Android Im.../empty

windows7-x64

Android Im.../empty

windows10-2004-x64

Android Im...yblock

windows7-x64

Android Im...yblock

windows10-2004-x64

Android Im...bprivk

windows7-x64

Android Im...bprivk

windows10-2004-x64

Android Im...io.exe

windows7-x64

Android Im...io.exe

windows10-2004-x64

Android Im...ut.exe

windows7-x64

Android Im...ut.exe

windows10-2004-x64

Android Im...-1.dll

windows7-x64

Android Im...-1.dll

windows10-2004-x64

Android Im....1.dll

windows7-x64

Android Im....1.dll

windows10-2004-x64

Android Im...-1.dll

windows7-x64

Android Im...-1.dll

windows10-2004-x64

Android Im...-2.dll

windows7-x64

Android Im...-2.dll

windows10-2004-x64

Analysis

max time kernel
28s
max time network
33s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
09-05-2023 00:39

Sharing

Copy URL

Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Android.Image.Kitchen.v3.8-Win32.zip

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

Android.Image.Kitchen.v3.8-Win32.zip

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

Android Image Kitchen/android_win_tools/blobpack.exe

Resource

win7-20230220-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

Android Image Kitchen/android_win_tools/blobpack.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral5

Sample

Android Image Kitchen/android_win_tools/blobunpack.exe

Resource

win7-20230220-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

Android Image Kitchen/android_win_tools/blobunpack.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral7

Sample

Android Image Kitchen/android_win_tools/boot_signer.jar

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

Android Image Kitchen/android_win_tools/boot_signer.jar

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Android Image Kitchen/android_win_tools/bzip2.exe

Resource

win7-20230220-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

Android Image Kitchen/android_win_tools/bzip2.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral11

Sample

Android Image Kitchen/android_win_tools/cat.exe

Resource

win7-20230220-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral12

Sample

Android Image Kitchen/android_win_tools/cat.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral13

Sample

Android Image Kitchen/android_win_tools/chmod.exe

Resource

win7-20230220-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral14

Sample

Android Image Kitchen/android_win_tools/chmod.exe

Resource

win10v2004-20230221-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral15

Sample

Android Image Kitchen/android_win_tools/chromeos/empty

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

Android Image Kitchen/android_win_tools/chromeos/empty

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

Android Image Kitchen/android_win_tools/chromeos/kernel.keyblock

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral18

Sample

Android Image Kitchen/android_win_tools/chromeos/kernel.keyblock

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral19

Sample

Android Image Kitchen/android_win_tools/chromeos/kernel_data_key.vbprivk

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral20

Sample

Android Image Kitchen/android_win_tools/chromeos/kernel_data_key.vbprivk

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral21

Sample

Android Image Kitchen/android_win_tools/cpio.exe

Resource

win7-20230220-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral22

Sample

Android Image Kitchen/android_win_tools/cpio.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral23

Sample

Android Image Kitchen/android_win_tools/cut.exe

Resource

win7-20230220-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral24

Sample

Android Image Kitchen/android_win_tools/cut.exe

Resource

win10v2004-20230221-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral25

Sample

Android Image Kitchen/android_win_tools/cygbz2-1.dll

Resource

win7-20230220-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral26

Sample

Android Image Kitchen/android_win_tools/cygbz2-1.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral27

Sample

Android Image Kitchen/android_win_tools/cygcrypto-1.1.dll

Resource

win7-20230220-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral28

Sample

Android Image Kitchen/android_win_tools/cygcrypto-1.1.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral29

Sample

Android Image Kitchen/android_win_tools/cyggcc_s-1.dll

Resource

win7-20230220-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral30

Sample

Android Image Kitchen/android_win_tools/cyggcc_s-1.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral31

Sample

Android Image Kitchen/android_win_tools/cygiconv-2.dll

Resource

win7-20230220-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral32

Sample

Android Image Kitchen/android_win_tools/cygiconv-2.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

Android Image Kitchen/android_win_tools/blobpack.exe
Size

9KB
MD5

0bb5e2d447af1c12a55c87963713a8e7
SHA1

93243f611f706c18d36ecf6e0d0a2c9fa8d42dc4
SHA256

bd97d3dd6f0d416d44fda5136f030c4bfacebfb661e0c5df078b32360d6aca9e
SHA512

7bb48baa024d2f8e3edf0726189c7cc3bd84edbc020005a0bd3a4915ac53c6657967081337f1f024e2a79909405c025bad5ff0ea191737d0f9450d5ff7747a6c
SSDEEP

96:c3lfymxn0op2WHIpoNMtMwseckK7E7/rKk2Yb5uHHtN/ewVXvY7llfKRqzXJu:6xn0oMNCNSMGAceJYNSWwVXvsCszg

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 3 IoCs

Processes:

blobpack.exe

description pid process

Token: SeRestorePrivilege 1424 blobpack.exe
Token: SeBackupPrivilege 1424 blobpack.exe
Token: SeDebugPrivilege 1424 blobpack.exe

description	pid	process
Token: SeRestorePrivilege	1424	blobpack.exe
Token: SeBackupPrivilege	1424	blobpack.exe
Token: SeDebugPrivilege	1424	blobpack.exe

Processes

C:\Users\Admin\AppData\Local\Temp\Android Image Kitchen\android_win_tools\blobpack.exe
"C:\Users\Admin\AppData\Local\Temp\Android Image Kitchen\android_win_tools\blobpack.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1424

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1424-54-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download
memory/1424-56-0x0000000061000000-0x00000000614F0000-memory.dmp

Filesize
4.9MB

Download