General
Target: celestial.exe
Size: 77.2MB
Sample: 230930-aqymtagh44
MD5: b91e8ea9ea0bc528dc4f2dbb2a968c07
SHA1: daa397e6d7af01af5f689a86e9ccee7b67ee8539
SHA256: 0c1257509bdb422b3ae395820418a06e8c3e89fc13597774f253cd888d4e81ca
SHA512: da558095bad30b493ac425b2c26b02c0e882ce1b08404d26f1dfad40bcc4f0bfbb8eff6069d3028963790e8287f4c1847a556a7681e4558c64211fcc2d2575fb
SSDEEP: 1572864:F2MTiQYHJidKSk8IpG7V+VPhqoHEE7lftaHp5tWWlXxTa9k4VTWMaUEBjIYg:FZTixpQKSkB05awoHQJjl3Ty9VTzaUEs
Behavioral task
behavioral1
Sample: celestial.exe
Resource: win10v2004-20230915-en
Malware Config
Targets
Target: celestial.exe
Score: 9/10
Enumerates VirtualBox DLL files
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2