Celery[.]exe | Triage

Resubmissions

10/07/2024, 20:02

240710-yr82yaxdkp 8

10/07/2024, 19:59

240710-yqnplsxcmq 4

Sharing

Copy URL Twitter E-mail

General

Target

Celery.exe
Size

17.2MB
MD5

48bd722864b66e3fe36f455ec82a1335
SHA1

48df9318b556327b996eb6115fb1134fc53ad904
SHA256

d6b616914d816df8eb8b4cb88dcdf823ebec0b144173c77f5bd9104767fd2da5
SHA512

03d7c4fa88719b92b4cfe555cfeb0cbb728bd613b304742c4a2e8bb14dfa3c721daa5f241cfc4894333eee4b6f745c1d0a137a0fa3b618f1e402e2e234e38639
SSDEEP

393216:3Ao57DdNAuyvw4wK/gsrlVwgqI59D8exrbwANXg5yH4LVvI:J1d2toVKrR5qI59woPXlOLm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Celery.exe

Files

Celery.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\stent\Desktop\Programming\C#\Celery\Celery\obj\Release\Celery.pdb

Sections

.text
Size: 17.2MB - Virtual size: 17.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ