Overview

overview

10

Static

static

9

by Cel3ry V2.2.1.zip

windows10-2004-x64

1

Celery.rar

windows10-2004-x64

3

Celery/Celery V2.exe

windows10-2004-x64

10

$INTERNET_...essive

windows10-2004-x64

1

$INTERNET_CACHE/Autos

windows10-2004-x64

1

$INTERNET_...rettes

windows10-2004-x64

1

$INTERNET_...lexity

windows10-2004-x64

1

$INTERNET_CACHE/Even

windows10-2004-x64

1

$INTERNET_...Harold

windows10-2004-x64

1

$INTERNET_CACHE/He

windows10-2004-x64

1

$INTERNET_CACHE/Herb

windows10-2004-x64

1

$INTERNET_...ndiana

windows10-2004-x64

1

$INTERNET_CACHE/Kent

windows10-2004-x64

1

$INTERNET_...Option

windows10-2004-x64

1

$INTERNET_...anizer

windows10-2004-x64

1

$INTERNET_...Outlet

windows10-2004-x64

1

$INTERNET_...minder

windows10-2004-x64

1

$INTERNET_...quests

windows10-2004-x64

1

$INTERNET_...mebody

windows10-2004-x64

1

$INTERNET_...Suited

windows10-2004-x64

1

$INTERNET_...Temple

windows10-2004-x64

1

$INTERNET_...lletin

windows10-2004-x64

1

Celery/dll...32.dll

windows10-2004-x64

1

Celery/dll...32.lib

windows10-2004-x64

3

Celery/dll...SE.txt

windows10-2004-x64

1

Celery/dll...wp.dll

windows10-2004-x64

1

Celery/dll...uwpver

windows10-2004-x64

1

Celery/dll/uwpoff.bin

windows10-2004-x64

3

Celery/dll/uwpoffver

windows10-2004-x64

1

Celery/dll...on.txt

windows10-2004-x64

1

Celery/scr...ts.dll

windows10-2004-x64

1

README.txt

windows10-2004-x64

1

Analysis

  • max time kernel
    1741s
  • max time network
    1177s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-04-2024 18:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Celery/dll/VMProtectSDK32.dll

  • Size

    98KB

  • MD5

    7ff7f1e0cc2bb5a6eac9c21762ee66b2

  • SHA1

    8e8b1e55c1ae4c6d07c79d120182acd3a5db64d5

  • SHA256

    ac25bf2734049c16094a1b0d5c1749d11f10f2655d59fa6cfe923e12956f2074

  • SHA512

    f29c814f327f379a72823bbae55d0fd3df792f7d4f21cd8939f7fab266d3cb8e075c05938da667d4d674b30d61ff088f2c9b55cf822471f65cd2ae3a52ababe9

  • SSDEEP

    1536:rT33kLmdI52QC2mCYKw2cr2RhXbZ9qu/nDw2a1+YRroJQusWMIcdw/0YXowGF:lhQC2mCYK3RhrZ9dPk2Q9yMJw/0YRG

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Celery\dll\VMProtectSDK32.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4904
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\Celery\dll\VMProtectSDK32.dll,#1
      2⤵
        PID:3556

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads