Celery Bootstrapper[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Celery Bootstrapper.exe
Size

223KB
MD5

f7f4e47abe75ec71219f9a21c697a313
SHA1

7c5c310ee0c84eae34c78cf1443fb307f23738ea
SHA256

0d45c02ee37be22025a22dc6703420a480612ec814abfe727d7a92fefad20540
SHA512

ad52c188a2feda596ea374111831426fb95a5dc50f16bd22a2ec53ff37039572a36078bcdae49e3ad78c77f94c40b372979f830c02fbc707e804225b7abd4f63
SSDEEP

3072:8Q2x3H257IzzCc2AHpQI2Z+Kin9A04wWhu2RuAGxB4:8Q2x3NWx4t2Z+Ki9x4wv2E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Celery Bootstrapper.exe

Files

Celery Bootstrapper.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ