General

  • Target

    celestial.exe

  • Size

    77.2MB

  • Sample

    230930-aqymtagh44

  • MD5

    b91e8ea9ea0bc528dc4f2dbb2a968c07

  • SHA1

    daa397e6d7af01af5f689a86e9ccee7b67ee8539

  • SHA256

    0c1257509bdb422b3ae395820418a06e8c3e89fc13597774f253cd888d4e81ca

  • SHA512

    da558095bad30b493ac425b2c26b02c0e882ce1b08404d26f1dfad40bcc4f0bfbb8eff6069d3028963790e8287f4c1847a556a7681e4558c64211fcc2d2575fb

  • SSDEEP

    1572864:F2MTiQYHJidKSk8IpG7V+VPhqoHEE7lftaHp5tWWlXxTa9k4VTWMaUEBjIYg:FZTixpQKSkB05awoHQJjl3Ty9VTzaUEs

Targets

    • Score

      9/10

    • Enumerates VirtualBox DLL files

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks