General

  • Target: Celery.rar

  • Size: 10.0MB

  • Sample: 240418-twdz5she52

  • MD5: 73faee0a21e60120a2b839cc35c29263

  • SHA1: b12d8ae01e6e031dc2a7e740dfc66e4622ba0345

  • SHA256: 9e8a95a7453aae2e6ba52928cf4daf92957c7c85d3f256302182c37749e131e2

  • SHA512: dcc06d97cabe304af934e697930ebae22d10f358e496f5a5b58924cef7fca4973c17b46440672120f5a47e915e3e45e6914d9ffbf5a2a75f88b0b464ed1a77f7

  • SSDEEP: 196608:j/6R3rd4ewR5Ilnucyvsdg/KsjmIA1dO1zi8B2/HsIVtjcZa0Ji3O:Do3rz6KubUsKEFA1Mzi8B2/HsOtjN4i+

Malware Config

Targets

    • Target: Celery/Celery Launcher.exe

    • Size: 287.0MB

    • MD5: feaef80a175e24dbf45cb0f3561f4891

    • SHA1: dd8652d5623aec0e0de66f50df8d75c3cb54e050

    • SHA256: 6b5c7a2136f31631e64960abe17dea5a4eccf9f40943f0f492bc397c8189d5a3

    • SHA512: 218c01e342aead4a1094ee57344d29ecde0fbe8216d270ba376344790e0202eaea161be52e183c5442a45b55c657cf8340b6f027288ceaf790069f111994101d

    • SSDEEP: 49152:Ght9sTkCObgYD//RcCHEDIpPmChB2iqUL7h5IGn:Ght9bCOblJcqIIJtMq5H

    Score: 10/10
    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

    • Query Registry (T1012): 1

    • System Information Discovery (T1082): 2

    • Process Discovery (T1057): 1

    • Remote System Discovery (T1018): 1

Tasks