Overview
overview
3Static
static
3CeleryIn.dll
windows7-x64
1CeleryIn.dll
windows10-2004-x64
1CeleryInject.exe
windows7-x64
1CeleryInject.exe
windows10-2004-x64
1NiggaSploit.dll
windows7-x64
1NiggaSploit.dll
windows10-2004-x64
1RoSploit.exe
windows7-x64
1RoSploit.exe
windows10-2004-x64
1RoSploit.exe
windows7-x64
1RoSploit.exe
windows10-2004-x64
1Analysis
-
max time kernel
150s -
max time network
122s -
platform
windows10-2004_x64 -
resource
win10v2004-20240704-en -
resource tags
arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system -
submitted
04-07-2024 22:23
Static task
static1
Behavioral task
behavioral1
Sample
CeleryIn.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral2
Sample
CeleryIn.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
CeleryInject.exe
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral4
Sample
CeleryInject.exe
Resource
win10v2004-20240704-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
NiggaSploit.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral6
Sample
NiggaSploit.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
RoSploit.exe
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral8
Sample
RoSploit.exe
Resource
win10v2004-20240704-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
RoSploit.exe
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral10
Sample
RoSploit.exe
Resource
win10v2004-20240704-en
windows10-2004-x64
General
-
Target
CeleryInject.exe
-
Size
3.2MB
-
MD5
b377734e92c27995715957f8d4c83189
-
SHA1
1647d894ddf9c0e579eb459f09987bdef84576ce
-
SHA256
873312f41195180840e7e1711e1bfde66d5fc805169454ce3a755d0a28cc7314
-
SHA512
f0ab58a404603e55a8e0a4d2bc0fd6370423ccb071de459b88a7d664f296feaf5fca8eeee362f7eda2e0913f429e95a25e2d7d6dcaa6babdad0bdabb1dc81c5d
-
SSDEEP
24576:m3J15YpXSZeqjdyEpvDK8PSyFaSBSFjiSQOazFcDGjaNYcpEGp3f8+pET3lTCxy2:m3hWSQqj8LSwfQuDGjaNlpxp3fUlTC
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
pid Process 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe 5084 CeleryInject.exe