Analysis
max time kernel: 0s
max time network: 0s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 05-05-2024 15:02

Behavioral task: behavioral1
Sample: celexloader.exe
Resource: win7-20240221-en
General
Target: celexloader.exe
Size: 20.3MB
MD5: f9fcee41e19b5c2adbdc2e697a0d2fc4
SHA1: 265d8835c00e6436fd694c21bb01d2563639da02
SHA256: 3d7baa7abcea273272972b5fd43a9dfa664052a81200e593cc6a5d9dc5d61f29
SHA512: 4253d98c5f3f61db5cea6a09c00ecddb668a60635f13bfc233347d7666a1e0cbeafbdc180d763e0bd4cfc0aaacba27fa224107e2265336e119a0d425181fec6c
SSDEEP: 393216:WEkZQtsut4P8AxYDX1+TtIiFqCuARuAQsFXmbBrk4jZ60bTM31vnC:WhQtsczX71QtI1CuAgs8BA4V3bTm1vC
Signatures

Loads dropped DLL (1 IoCs)
pid | Process
2752 | celexloader.exe

Suspicious use of WriteProcessMemory (3 IoCs)
description | pid | Process | procid_target
PID 1712 wrote to memory of 2752 | 1712 | celexloader.exe | 29
PID 1712 wrote to memory of 2752 | 1712 | celexloader.exe | 29
PID 1712 wrote to memory of 2752 | 1712 | celexloader.exe | 29
Downloads
Filesize: 5.5MB
MD5: 387bb2c1e40bde1517f06b46313766be
SHA1: 601f83ef61c7699652dec17edd5a45d6c20786c4
SHA256: 0817a2a657a24c0d5fbb60df56960f42fc66b3039d522ec952dab83e2d869364
SHA512: 521cde6eaa5d4a2e0ef6bbfdea50b00750ae022c1c7bd66b20654c035552b49c9d2fac18ef503bbd136a7a307bdeb97f759d45c25228a0bf0c37739b6e897bad