3de43ae3db6b73cab9c9e0eae4df075e053a86f6a1ded79e175557fab7e0f0d8

Sharing

Copy URL

Twitter E-mail

General

Target

Release.zip
Size

25.7MB
Sample

240513-x57klabf39
MD5

adde79aa105d73da1f5f5979ba649bad
SHA1

94144af67ded629b16348656df8fbbcde27956ce
SHA256

3de43ae3db6b73cab9c9e0eae4df075e053a86f6a1ded79e175557fab7e0f0d8
SHA512

efd98d4750c48c951cfd99d55e2220fb5d3b2fe61717b5b84325035448b4c91e02cb3795882f6632fb313106009c74b88f07fe82784c806cbf48223adda38fa8
SSDEEP

393216:8jrZQ+19IuYLeHOj3BPLHyUHwfZxxh0cjWI+7V2woVdMYs+QIZboUnG5sJvU:yL1CB39LSUHwfZxxBjKAXs+1RoUnGL

Score

3^/10

Malware Config

Targets

- Target
  
  Release/BetterFolderBrowser.dll
- Size
  
  12KB
- MD5
  
  fff67e7d52b58a11d456a1d5cd2ba294
- SHA1
  
  6dea84a0a060c39c93b1e3f404270c039d3dbfdd
- SHA256
  
  5334c9c4eb567a89e4644df868d7fb6e242a3ea422b2ce9283843970ec756372
- SHA512
  
  fc8cc5fbc624559e03e70c48bd4e6e4595b1784fdf2c258b33ddb3410bdd93dcf26f3b5db4e4d0d8f133e8df93fe95ab93a703efa92a0a4133f57f48ebd6ea74
- SSDEEP
  
  192:2ZPVABalnP/VYkWdcHIp3RgzK/RGLHdnKuWGIBC0p++kVX805N9:2ABk1W4Ip3ez4RoF2+bR805N9
Score

1^/10
behavioral1
- Target
  
  Release/BetterFolderBrowser.xml
- Size
  
  15KB
- MD5
  
  29a297bcd05bf0a970869ec75f9794b7
- SHA1
  
  090f9868d21b2f36c11f75d08d6ebdf28bcef059
- SHA256
  
  96f0967cbbf9be567e3dfdf5fef669591133ff7868cf19914f3026efd4580a96
- SHA512
  
  e9160376dff6b40c89b4ddb3ab61de1afc165a09b51b1c4c4c659fedf2e57ed08d4b37f3b0b01dc6196314c88ac1112d095960addbeca64be2da3399d17b45e0
- SSDEEP
  
  192:hfWuaVqHMZAtMKA5K0j6DfwUrbfxrbfWtcpDhUBcqPwkvcWD4:hfTH66GGDf9bf1bfWSDhUBcq4
Score

1^/10
behavioral2
- Target
  
  Release/CeleryApp.exe
- Size
  
  8.7MB
- MD5
  
  6228e8d07dc983c0afb22323bf704fd9
- SHA1
  
  1903fb4bbfd545db6a67263ebcbbca47e6d35251
- SHA256
  
  ee662c7bc46baa480b0fa76be9b4bf1db70977b570e41405a26bfe430cdc7e8d
- SHA512
  
  3564cf8f5503e55d587cc21dc25d80b71eef1b1baaf187af4a8f8b4da89d8ddcb37cd4063aa4ffdd824f9c48a1bc1bae7259b7a02033a5c4423680172c0b0fee
- SSDEEP
  
  98304:qKWgLIRfyC7egWJ3PJzdjf4fwraOWcD9XdMPABIw/t6KHDicVwzUsba:qKWguhega4fJOWs9XNBZ16M2cuU
Score

1^/10
behavioral3
- Target
  
  Release/CeleryIn.bin
- Size
  
  44KB
- MD5
  
  adeaadf2945efc515199e48671681e38
- SHA1
  
  ca45600234f7bb97da9eb06d4d00b25bcdc0de71
- SHA256
  
  c8b7fe6d96ceb69af4919cc7d7b8ba98807576b0f9188885bbc4e319a2f29b20
- SHA512
  
  5bf49413290bd7fcbb0de64080a5d239e702cab8a623f905d9ab56dc585c9cfd64a4c3ffd6db8efdc0d3c274c13f8b9fbc1c9167099b0684ffd0f7cd1963062a
- SSDEEP
  
  768:DYaSXackllaGbo7C2m9NKKIg62OkfIMZ:DYaEjcgGcvg62OkHZ
Score

1^/10
behavioral4
- Target
  
  Release/CeleryInject.exe
- Size
  
  3.1MB
- MD5
  
  66e53760e7696b7499b96a833cf95b5b
- SHA1
  
  894ad4c70c5ac238aa9197457dded6480e6c5bb4
- SHA256
  
  ae1cef5a183c95cbd22d169f67ff066a362ed4a460b581eaf03fcf70b803cbf0
- SHA512
  
  32b167c46e1ce35dbfd3571a1fcdc332c3cfa7a875dbeb4c6d412615feef4a29dd3c4944dd89542889ab4dfa922d802a690219092113ab7e75d452b11d2abaa4
- SSDEEP
  
  24576:fDitqK9+8di9xpry900xpUthUTGhZczfAQQpDtPDGjP8YcRhpp3fGGQ2AuGYP8:fWtr7i/Q903HDhZPhDGjP8lRDp3fNAu
Score

1^/10
behavioral5
- Target
  
  Release/CeleryLauncher.dll
- Size
  
  46KB
- MD5
  
  2957c345a62b5dfbf92527393cc4c282
- SHA1
  
  6f5c96bf0c3cb95d35c8d96374959f6f53db24c8
- SHA256
  
  23c35dc5b6615c3180e8bcac6e2a80a080c622f58f56864441d9a8cbd0bc6135
- SHA512
  
  eadff1fe092aed7b50d46b4c2182ab07968a328723dcb9097380dbcea7d3a7f8d889a889a49957669a852bad9ac8fa760667d0c8576bb6a33000336ea61fa211
- SSDEEP
  
  768:83CUyTrBEBjGbYllllSllloh5jLT9Ekn2t3hjcGshoERGvgttOPtgjgAIDTQMTh:8SUyujcYllllSlllCP72t3OhoEOgtsPn
Score

1^/10
behavioral6
- Target
  
  Release/CeleryLauncher.exe
- Size
  
  149KB
- MD5
  
  584aa4415390f5f07564e41992e25352
- SHA1
  
  aa3ac49f91095fba6a3eeb5593eed2640ddcdfcb
- SHA256
  
  f8153b6baa3b9c981e8f2c98405ab25db17cb42e09a8cd1c5518a65cac197771
- SHA512
  
  4c08a8e86c8c0cdebad829d571501e17896abad6561d98669999dcc287b25a1633539773d1d249c3aa314ff750ab57e5251676b10a010c5be35d9f894ad35bb4
- SSDEEP
  
  3072:D8vbzyQ6Y1YXrbNK+3FNxacPEMk65RQAYTW3:DszAXNK+3FVFRQnTW
Score

1^/10
behavioral7
- Target
  
  Release/CeleryLauncher.runtimeconfig.json
- Size
  
  372B
- MD5
  
  d94cf983fba9ab1bb8a6cb3ad4a48f50
- SHA1
  
  04855d8b7a76b7ec74633043ef9986d4500ca63c
- SHA256
  
  1eca0f0c70070aa83bb609e4b749b26dcb4409784326032726394722224a098a
- SHA512
  
  09a9667d4f4622817116c8bc27d3d481d5d160380a2e19b8944bdd1271a83f718415ce5e6d66e82e36819e575ec1b55f19c45213e0013b877b8d61e6feb9d998
Score

3^/10
behavioral8
- Target
  
  Release/CeleryLogo.ico
- Size
  
  4KB
- MD5
  
  3246befa41923904f2963da9b19c2dd7
- SHA1
  
  fdfec504286148eb258e87298df30fac0e1cb606
- SHA256
  
  eabe2efbb4f11ff62c0fd16f8aa5e932a52d8f0603226b8b8320e00335bda70b
- SHA512
  
  7e234fb730c67e233cac775feb793376fcd9a9548025867ffbf9420398fccc72287bc39162cdacfba6b43613fa54695a1c0b8a14b45f6a381959d3e4cb728185
- SSDEEP
  
  48:4MR4sNF78zZHhU2fjhzoivJxBx9thQPvsFwz10C6u4N2y+AIXanZ2xuxh+7P:HmM8/WijFtYaQ0juXj/y56P
Score

3^/10
behavioral9
- Target
  
  Release/CeleryLogo.png
- Size
  
  14KB
- MD5
  
  bac9347d28295cb29b8be12e770fadec
- SHA1
  
  b2c6c46fea41e95e983dde4c4a215ea9ed2f447c
- SHA256
  
  bdaaba382b0884c9e3416fd5d0d3d6024e3a8f8ecc89e218aa36bc914ebe9114
- SHA512
  
  2726fe9f8d6b406aac086ac0c38c613413d648f0501fcaf14a9d97d8804e0089ac38f7c53b5077c287ddcd71043c4b2fb9fd8266c27bb0b51bccdcf7f9e495fc
- SSDEEP
  
  384:Z44yCiwSneFfrIOKB2nFg7+c52PkjTtKsDgtE8NIHRAe:x6Cf/KUF45PjEsS6ye
Score

3^/10
behavioral10
- Target
  
  Release/Costura.dll
- Size
  
  4KB
- MD5
  
  501981c7fc457d59238eb99780efb615
- SHA1
  
  f1f25c01f6acf33bdd62c4f82d3ef078e76f0906
- SHA256
  
  41bb464ac7c0d192641077e44a59d7d89860c3c620a59961f2fc4a4be47deae3
- SHA512
  
  5921d0662add6c8aa075106878cc56335ccbf059d8bc7f359fe9e02a52ec657c3e5df1c718929564c09f205e4bd299b086f3e7424141f5e55ed0d756f65ee1e8
- SSDEEP
  
  48:6F+lni2qJfjVRPGwzCo4MhTN0KDdilETrVsH4/QWk1qyFVT2IbG:7g7KedGEiYIWM2
Score

1^/10
behavioral11
- Target
  
  Release/Costura.xml
- Size
  
  671B
- MD5
  
  fd011713c0a2dbc1d90507a54e9c7b3b
- SHA1
  
  edd14b69941c44e8914f23cda1fddf9ee617c5db
- SHA256
  
  22026564fc951d60816c6689dd4b1825f07fb3c8c4495041b52056f397468297
- SHA512
  
  8b7504f19f0b304d9d513d8138aa92aa6421a26c505f7ec7e9cd39d867d9cbd57ee1063a4b5e770234834d2351a6343537e9898135b4f9f603e43cda4a3f9c93
Score

1^/10
behavioral12
- Target
  
  Release/Dragablz.dll
- Size
  
  233KB
- MD5
  
  5a9583a7bed76b2e94091f9b74716f68
- SHA1
  
  60552dc4ed629b32a7c0e7b31406a21829bdc38e
- SHA256
  
  6c5724efe19f5945143626a8270c9c3a188d4886eeaca083c57c742a985c7338
- SHA512
  
  8ab70fd60a27a80e43a270a401e8772833ad0a11ade1ea13483b37b1a02dbb70679bbe200fceca632ee1ba8df66a95a51a2fe65671eb3ae596682d3e1ee1c0d5
- SSDEEP
  
  6144:fTuK/5J3BPYcKHJv8ahfgfkMMafGfCfDf2fE:fKKhP+Dhfgf7fGfCfDf2f
Score

1^/10
behavioral13
- Target
  
  Release/Dragablz.xml
- Size
  
  46KB
- MD5
  
  8b1698bf1b9c2d46c516b1343fc567b4
- SHA1
  
  003674b60adb9c4baacd4074c346329d1acac159
- SHA256
  
  28a94777a099c5d9507fc5ac93b96a0280024d472e2411a503b3132d4cd8bb8b
- SHA512
  
  dcd4c55051eb321cd8e128f592f0e4f842dd0c3909be19b55f34c08a694759ac3d49943fe6c07abc7cce2cd281e20a3912c594e79f377ff44e6769664cd30c4e
- SSDEEP
  
  768:KEEcjsycbQH1/7/stYOCI6VwHru3YNrYs1bjtKOO38W9z:zEcjsy0QH170K+6VMu3YmatLK8W9z
Score

1^/10
behavioral14
- Target
  
  Release/MaterialDesignColors.dll
- Size
  
  295KB
- MD5
  
  d2207fccbdd6caa91c43776559ce401f
- SHA1
  
  4f78f282a238b21ad1f995f154d624865d08a38a
- SHA256
  
  1966082c8efa5ecddac7fd8b3e3b86a63599602d18bdff17e7c366d49603aaf0
- SHA512
  
  d4984e3a6d82e7ebe11c2f7ea07092e60ef1396849921c6c0a463dd9b38836c5f6799e79f932bddc62b89d7a9896b5e5ba931c3c8cbfedff51076a41796a8c0e
- SSDEEP
  
  1536:1r1In+fq1fDfDemxD0EsXpGX0EOAyzU7fKoVxbzQXT:B1WB1PerAjOAL7fKoVxb2T
Score

1^/10
behavioral15
- Target
  
  Release/MaterialDesignExtensions.dll
- Size
  
  349KB
- MD5
  
  6da7ae89f1eac96f143dc5200031d8b8
- SHA1
  
  d9dc3936bc9a288a727cb2295c3d05899adcc9c8
- SHA256
  
  c5b93560fa74b9a05959aae5116da59495d36782d2e17e45f0efcc06ad36ed6a
- SHA512
  
  3929f7092a5acb5ae3333e7e0a9ac2a403b78c8c8ad35a17ece25e6688a61a0f7e4b701691b02ad2941c6e15d2262c6f8ae76413af93dc92aa422e1738147e94
- SSDEEP
  
  6144:OM2EyV6zxDNFOzaFkpXeRk7ecDfE0MHOZB0zSvo1UvEGK262:nGVcxHOzxpuRk7emfE0MHOZB0zSvo1UJ
Score

1^/10
behavioral16
- Target
  
  Release/MaterialDesignThemes.Wpf.dll
- Size
  
  9.1MB
- MD5
  
  dd614b113b0fd72554a55eda5dbfcc10
- SHA1
  
  0144a3f8c52dd932bfaca7d7f147f694b5511551
- SHA256
  
  f2cb7b4de690abc21780bbab0f0b39273b6538ab04ef47fbe099126a43b62864
- SHA512
  
  974eaf9906a798c723436b9ab1abae282757596c350e48a6697d84c1bdd50715415d3a70c9a081d4b996f3abbbdc4b26d3c3f9139f8b685cb54bf01376512c51
- SSDEEP
  
  98304:vVDXJDntBksKY+ND3WyA4+TLVei10vMzPv8/4C8B5XVS49Xzy83IiEcJMrCR2fS0:PnJ45/9iD54+V11bFv4z
Score

1^/10
behavioral17
- Target
  
  Release/Microsoft.Web.WebView2.Core.dll
- Size
  
  445KB
- MD5
  
  c4b4a5f4f28d47239eb4e37cb3cc8046
- SHA1
  
  ed86941cf065f91758d536d8e13cc2542cc38922
- SHA256
  
  c2441011ec290b3408391f32072379f677ab3fa4507c4304167cd82fad6593c1
- SHA512
  
  440ee33d5a830d9c59d96367f2a43d4a4113f6fe0924a691e682a2e9251a8615e52177dcb9af225dba538a8a3893ac85be79e9c1aa687034e3da6c95191dc645
- SSDEEP
  
  12288:EB7Md7DkbrB3kPo+iKvRFNLe1+imQ9pRFZNIEJdIElxPrEIvLcglxMwCepM1STUH:EeFP7
Score

1^/10
behavioral18
- Target
  
  Release/Microsoft.Web.WebView2.WinForms.dll
- Size
  
  37KB
- MD5
  
  e6f424ee6036ee7d58283780b705be8c
- SHA1
  
  c17fc397711fb2e0c400007620c76e70c956dd9c
- SHA256
  
  c9eeff2dd13109f41447a92763d31aaa07369c58a570c18bbb851824a77da98a
- SHA512
  
  1d255265115a4a2238a21e3ade35101babcbf9d5de58521365666b9564681119c4b7f20ed6a6c16fb6120ab19106fa40f25421da938b7fee7b8a5e7758f2c22f
- SSDEEP
  
  768:ejIHFTA42CL9tcZDgcEST3p4Jjrjh2jJFSgyauYv1JKia5/Zi/WGQKVu6bL7RSOX:AIS3C5tcZDgcEST3p4JjrjaJFSgyau0H
Score

1^/10
behavioral19
- Target
  
  Release/Microsoft.Web.WebView2.Wpf.dll
- Size
  
  43KB
- MD5
  
  0241e0a42b292e0c9b585470c613ec78
- SHA1
  
  74e4ab7e37bff177a394617923baddfcf087c0e1
- SHA256
  
  15bcd610a80632ef59d911a8447b11127cdeafbf147c844f1b740735efdf338a
- SHA512
  
  bd083301c6f93a1852c76686797919787f439c65ea11d430701257fa4d3791a4eff892b6ceea1c534d832bfbc0b0ecca3f671e3a9c50f34089f919e3756882f0
- SSDEEP
  
  768:k2TI5VoCjJ4Jd7U2zkQ+Z8cDP/ryEH0yBy4JjrD1h2jVh3URGvkz7FKKa5/Bi/xm:VE5tjJ4Y2zf+Z8cDP/ryEH0yBy4JjrDC
Score

1^/10
behavioral20
- Target
  
  Release/Microsoft.Xaml.Behaviors.dll
- Size
  
  141KB
- MD5
  
  ec5a1abee150abe698689211b07cd1ec
- SHA1
  
  affc3cb47da8fe76986d271cdc3e7ea345cc04e5
- SHA256
  
  b864da9d88414877cea9b1a016146265a5fb9d0e12f4dbb1dccc0cc998119a54
- SHA512
  
  a2b55b4ffc3f11546ed8d3457e98b986c089e25229bd687da35d45d63e4860722e8b13826d3a3daa1be843cf3a4ae3da4cf9b6fdcb5d1a4948648537e683789f
- SSDEEP
  
  3072:UAyazS96IT0O6gAf+LwCMe1u051dXcr9/soMEs5r/j9:tyhYIT0O65cwCMyE
Score

1^/10
behavioral21
- Target
  
  Release/System.Diagnostics.DiagnosticSource.dll
- Size
  
  34KB
- MD5
  
  8d9df432109f1cfdd86723b5f171e3d7
- SHA1
  
  85dc92edd4b0049ed9049e075c4def8a3d64e43b
- SHA256
  
  d22133818a30313e0becf010d78a556a56b34ea361dbd33588c9817631fed540
- SHA512
  
  5c83303934eecfa61c43a071d29c98e5804d37a5dc7f7b035772d6a168b0c5e65dfabef20b46214e65493c4bda44831cafee83615498fbe9e718c884f4650edf
- SSDEEP
  
  384:iQobG82oiaPaf/gn5LQ0+0zdQUv2CtyW8fiFISWbW9pWJbWivT1Nq0GftpBjAvnC:nA299fI5dxzL2CC11vimvnEBBNFT
Score

1^/10
behavioral22
- Target
  
  Release/appver
- Size
  
  5B
- MD5
  
  1e863568ac9a0b6c9297bc4104c52543
- SHA1
  
  3fb3c449aff44de53ce1e5301a184c4d00415d8f
- SHA256
  
  dcf82bef5de2e2542f832393508b0f4a6cc59f96825ce53ebd084edbfb3a78ae
- SHA512
  
  0f59a5a2f6b176583908d3e9d9f48e04693642ef0dff1ea7fcd519a13ef4a96f90f8e87aff208053c58648b8c9832947283258ed7094d2e904fe04164d7736a6
Score

1^/10
behavioral23
- Target
  
  Release/appversion.txt
- Size
  
  5B
- MD5
  
  f0016f1d09aea25afcb3fb5948acbb9f
- SHA1
  
  5151f95ad805265d9169fb020297c97b589a90cb
- SHA256
  
  cc1a4126ba1a738f56187a2a2a9df4f3d3f6baa8dc966feed9d0f6e09a5a486a
- SHA512
  
  da19cc04a0a6cc175f056ce4bb5091cb1f7a4efa922704ddedce2aa7dbfda8e53709a81206234744d8ef34c97fd1a31ea0f62ecd41ed7977064dc5ece36477ef
Score

3^/10
behavioral24

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24