Analysis
- max time kernel: 1800s
- max time network: 1502s
- platform: windows11-21h2_x64
- resource: win11-20240508-en
- resource tags: arch:x64, arch:x86, image:win11-20240508-en, locale:en-us, os:windows11-21h2-x64, system
- submitted: 13/05/2024, 19:27
Static task
- static1

Behavioral tasks
Task           Sample                                           Resource
behavioral1    Release/BetterFolderBrowser.dll                  win11-20240426-en
behavioral2    Release/BetterFolderBrowser.xml                  win11-20240426-en
behavioral3    Release/CeleryApp.exe                            win11-20240426-en
behavioral4    Release/CeleryIn.dll                             win11-20240426-en
behavioral5    Release/CeleryInject.exe                         win11-20240508-en
behavioral6    Release/CeleryLauncher.exe                       win11-20240426-en
behavioral7    Release/CeleryLauncher.exe                       win11-20240426-en
behavioral8    Release/CeleryLauncher.runtimeconfig.json        win11-20240508-en
behavioral9    Release/CeleryLogo.ico                           win11-20240508-en
behavioral10   Release/CeleryLogo.png                           win11-20240426-en
behavioral11   Release/Costura.dll                              win11-20240426-en
behavioral12   Release/Costura.xml                              win11-20240508-en
behavioral13   Release/Dragablz.dll                             win11-20240508-en
behavioral14   Release/Dragablz.xml                             win11-20240508-en
behavioral15   Release/MaterialDesignColors.dll                 win11-20240426-en
behavioral16   Release/MaterialDesignExtensions.dll             win11-20240426-en
behavioral17   Release/MaterialDesignThemes.Wpf.dll             win11-20240426-en
behavioral18   Release/Microsoft.Web.WebView2.Core.dll          win11-20240426-en
behavioral19   Release/Microsoft.Web.WebView2.WinForms.dll      win11-20240508-en
behavioral20   Release/Microsoft.Web.WebView2.Wpf.dll           win11-20240508-en
behavioral21   Release/Microsoft.Xaml.Behaviors.dll             win11-20240419-en
behavioral22   Release/System.Diagnostics.DiagnosticSource.dll  win11-20240419-en
behavioral23   Release/appver                                   win11-20240508-en
behavioral24   Release/appversion.txt                           win11-20240508-en
General
- Target: Release/CeleryInject.exe
- Size: 3.1MB
- MD5: 66e53760e7696b7499b96a833cf95b5b
- SHA1: 894ad4c70c5ac238aa9197457dded6480e6c5bb4
- SHA256: ae1cef5a183c95cbd22d169f67ff066a362ed4a460b581eaf03fcf70b803cbf0
- SHA512: 32b167c46e1ce35dbfd3571a1fcdc332c3cfa7a875dbeb4c6d412615feef4a29dd3c4944dd89542889ab4dfa922d802a690219092113ab7e75d452b11d2abaa4
- SSDEEP: 24576:fDitqK9+8di9xpry900xpUthUTGhZczfAQQpDtPDGjP8YcRhpp3fGGQ2AuGYP8:fWtr7i/Q903HDhZPhDGjP8lRDp3fNAu
Malware Config

Signatures
- Suspicious behavior: EnumeratesProcesses (64 IoCs)
  pid    Process
  4632   CeleryInject.exe   (64 identical entries)
- Suspicious use of AdjustPrivilegeToken (1 IoCs)
  description               pid    Process
  Token: SeDebugPrivilege   4632   CeleryInject.exe