Overview

overview

3

Static

static

3

CeleryApp.exe

windows7-x64

1

CeleryApp.exe

windows10-2004-x64

1

CeleryApp.exe

windows11-21h2-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    14-05-2024 19:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CeleryApp.exe

  • Size

    8.7MB

  • MD5

    6228e8d07dc983c0afb22323bf704fd9

  • SHA1

    1903fb4bbfd545db6a67263ebcbbca47e6d35251

  • SHA256

    ee662c7bc46baa480b0fa76be9b4bf1db70977b570e41405a26bfe430cdc7e8d

  • SHA512

    3564cf8f5503e55d587cc21dc25d80b71eef1b1baaf187af4a8f8b4da89d8ddcb37cd4063aa4ffdd824f9c48a1bc1bae7259b7a02033a5c4423680172c0b0fee

  • SSDEEP

    98304:qKWgLIRfyC7egWJ3PJzdjf4fwraOWcD9XdMPABIw/t6KHDicVwzUsba:qKWguhega4fJOWs9XNBZ16M2cuU

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\CeleryApp.exe
    "C:\Users\Admin\AppData\Local\Temp\CeleryApp.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2312
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2312 -s 872
      2⤵
        PID:2464

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2312-0-0x000007FEF5F83000-0x000007FEF5F84000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2312-1-0x0000000000830000-0x00000000010EA000-memory.dmp

      Filesize

      8.7MB

      Download

    • memory/2312-2-0x000007FEF5F80000-0x000007FEF696C000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/2312-3-0x00000000006C0000-0x0000000000700000-memory.dmp

      Filesize

      256KB

      Download

    • memory/2312-4-0x00000000010F0000-0x0000000001140000-memory.dmp

      Filesize

      320KB

      Download

    • memory/2312-5-0x000000001CB90000-0x000000001D4AE000-memory.dmp

      Filesize

      9.1MB

      Download

    • memory/2312-6-0x00000000012C0000-0x00000000012CA000-memory.dmp

      Filesize

      40KB

      Download

    • memory/2312-7-0x00000000012C0000-0x00000000012CA000-memory.dmp

      Filesize

      40KB

      Download

    • memory/2312-8-0x00000000012C0000-0x00000000012CE000-memory.dmp

      Filesize

      56KB

      Download

    • memory/2312-9-0x000000001BD00000-0x000000001BD74000-memory.dmp

      Filesize

      464KB

      Download

    • memory/2312-10-0x000007FEF5F83000-0x000007FEF5F84000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2312-11-0x000007FEF5F80000-0x000007FEF696C000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/2312-12-0x00000000012C0000-0x00000000012CA000-memory.dmp

      Filesize

      40KB

      Download