Overview

overview

7

Static

static

7

Celestial Rat.zip

windows7-x64

1

Celestial Rat.zip

windows10-2004-x64

1

Celestial ...al.exe

windows7-x64

7

Celestial ...al.exe

windows10-2004-x64

7

Celestial ...er.exe

windows7-x64

7

Celestial ...er.exe

windows10-2004-x64

7

Celestial ...or.dll

windows7-x64

1

Celestial ...or.dll

windows10-2004-x64

1

Celestial ...pf.dll

windows7-x64

1

Celestial ...pf.dll

windows10-2004-x64

1

Celestial ...ib.dll

windows7-x64

1

Celestial ...ib.dll

windows10-2004-x64

1

Celestial ...et.dll

windows7-x64

1

Celestial ...et.dll

windows10-2004-x64

1

Celestial ...6c.dll

windows7-x64

1

Celestial ...6c.dll

windows10-2004-x64

1

Celestial ...8c.dll

windows7-x64

1

Celestial ...8c.dll

windows10-2004-x64

1

Celestial ...RT.bin

windows7-x64

3

Celestial ...RT.bin

windows10-2004-x64

3

Celestial ...TS.bin

windows7-x64

3

Celestial ...TS.bin

windows10-2004-x64

3

Celestial ...sm.exe

windows7-x64

1

Celestial ...sm.exe

windows10-2004-x64

1

Celestial .../d.exe

windows7-x64

Celestial .../d.exe

windows10-2004-x64

Celestial ...or.bin

windows7-x64

3

Celestial ...or.bin

windows10-2004-x64

3

Celestial ...ow.dll

windows7-x64

1

Celestial ...ow.dll

windows10-2004-x64

1

Celestial ...eo.dll

windows7-x64

1

Celestial ...eo.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    Celestial Rat.zip

  • Size

    13.5MB

  • MD5

    74ea9aa9afb49c488f6daee0049ac4a9

  • SHA1

    73f0eef28eb180b93c6ea2e2203893465ecee99a

  • SHA256

    d8a3063feb738c2e30220bced5d1c9081630ccb7cba4738ca452edf0f6b70c5f

  • SHA512

    bf7bb962f148cd123abcdec031a8a9e0fc561e03a152caeba255075f7da62fcec77ba5ba0b5c03c90bb7034281b0c50993972f06824c9d4ba10cd884c0a1d460

  • SSDEEP

    393216:Jp1zCla5NRijpvd3h5U/06RZGMk9I2Eoak0GOz8w:Jp1QkN4j3/0bZGrIxJLIw

Score
7/10
themida

Malware Config

Signatures

  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

    themida
  • Unsigned PE 18 IoCs

    Checks for missing Authenticode signature.

Files

  • Celestial Rat.zip
    .zip
  • Celestial Rat/Celestial.exe
    .exe windows:4 windows x64 arch:x64


    Headers

    Sections

  • Celestial Rat/CelestialPatcher.exe
    .exe windows:6 windows x64 arch:x64

    d341ecf5263ee0002cca002652f0c62c


    Headers

    Imports

    Exports

    Sections

  • Celestial Rat/IconExtractor.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Celestial Rat/Notifications.Wpf.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Celestial Rat/Vestris.ResourceLib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Celestial Rat/WinMM.Net.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Celestial Rat/data/6c.dll
  • Celestial Rat/data/8c.dll
  • Celestial Rat/data/RT.bin
  • Celestial Rat/data/RTS.bin
  • Celestial Rat/data/asm.exe
    .exe windows:4 windows x64 arch:x64

    245fd5847db29ac01003e87f2fc0fe30


    Headers

    Imports

    Sections

  • Celestial Rat/data/d.exe
  • Celestial Rat/data/injector.bin
  • Celestial Rat/data/libs/AForge.Video.DirectShow.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Celestial Rat/data/libs/AForge.Video.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Celestial Rat/data/libs/DotNetZip.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Celestial Rat/data/libs/SharpDX.DXGI.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Celestial Rat/data/libs/SharpDX.Direct3D11.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Celestial Rat/data/libs/SharpDX.Direct3D9.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Celestial Rat/data/libs/SharpDX.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Celestial Rat/data/payload/m.exe
    .exe windows:4 windows x86 arch:x86

    51e7ef6b1d43d0d05d7109dee9789560


    Headers

    Imports

    Sections

  • Celestial Rat/data/payload/sig.py
  • Celestial Rat/data/stub.bin
  • Celestial Rat/dnlib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Celestial Rat/log.txt
  • Celestial Rat/scripts/ClipperLib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Celestial Rat/server/Server.deps.json
  • Celestial Rat/server/Server.dll
    .exe windows:4 windows x64 arch:x64


    Headers

    Sections

  • Celestial Rat/server/Server.runtimeconfig.json
  • Celestial Rat/server/net8 linux install.txt
  • Celestial Rat/server/start.bat
  • Celestial Rat/server/start.sh
  • Celestial Rat/sound.wav