Resubmissions

13/06/2023, 00:04

230613-acktssec23 7

13/06/2023, 00:00

230613-aaqx2aeg61 7

12/06/2023, 23:31

230612-3h3wsaeg2w 10

General

  • Target

    CeleryInstaller.exe

  • Size

    10.1MB

  • Sample

    230613-aaqx2aeg61

  • MD5

    fd23d97b78d51034a86526de77ba47ca

  • SHA1

    bb83b7a2c1c86a3af35e08423cd5baf5bfed501d

  • SHA256

    39bc9e4b9ceb41eac7d35106aadf27e6565157f7dc5a3e7bef7bf11bfd08e8ce

  • SHA512

    9fe77b20854f39a6c3d920d2de0597e18127adfff1dc9fa5adb33d137cc12253e84b8091cf3e3ebe31d153f7b4641371872e4b2dd6a84b947cc174ad896e9e92

  • SSDEEP

    98304:AoTazw5obx71Iowg4i/bFqYTpGnVvd+0:bTazwIx71IowgTbFqepGV1+0

Score
7/10

Malware Config

Targets

    • Target

      CeleryInstaller.exe

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks