ea0a7d2a8597c2d3c98bf48518075ffd9cca35144d9a85cf2d5c6e5b736151ba

Analysis

max time kernel
155s
max time network
164s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
22-04-2024 16:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

CeleryX/Celery X.exe
Size

852.0MB
MD5

d628f8810e66912a850e33fd64845946
SHA1

0d5e42e3aeffe8b790f0cc0a6a25c417e0fc779a
SHA256

62c4009f76be3201b81d215e99d255196c7e0e4d926cc3cb8215e97b1db4f3d0
SHA512

eede6f0a2a514a2dd53377f2dd354efc5ccacb66dcdeced6344fd68f26630ce8cadc34af7191f8598f0124169098a41b3c243e6d2d1437dee83f6189b7f19430
SSDEEP

6144:glkR8eJ4F0MpFgkN2swVLq0pKG/ZdVj8bXqv0MBN7EzWcKq3jXycUsn8b:gfj2zVq6KG/HVTsMb/4icUP

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service
T1102

Processes:

flow ioc

59 bitbucket.org
61 bitbucket.org

flow	ioc
59	bitbucket.org
61	bitbucket.org

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

Celery X.exe

description	pid	process	target process
PID 2268 wrote to memory of 1628	2268	Celery X.exe	RegAsm.exe
PID 2268 wrote to memory of 1628	2268	Celery X.exe	RegAsm.exe
PID 2268 wrote to memory of 1628	2268	Celery X.exe	RegAsm.exe

C:\Users\Admin\AppData\Local\Temp\CeleryX\Celery X.exe
"C:\Users\Admin\AppData\Local\Temp\CeleryX\Celery X.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2268

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
2⤵
PID:1628

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

T1102

Impact

Resource Development

Reconnaissance

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads