General

  • Target

    Celestial Crack.zip

  • Size

    18.3MB

  • MD5

    3c002d22691e03979237c9b2e59b68fe

  • SHA1

    4eb08de136c65c39ac50cce1eb933f0ebdb32a58

  • SHA256

    3d5c1e8b26ab2596b9109d465b2edaaecea6e19b1a976a102b2a855249d70915

  • SHA512

    b8a40611097d6875e47c76cfa8c8429bf457a6d240f9bc4e4d95a696acfaf87092e9cf29f03131b515c30e5aa03ffe210ae53f788fdcc2906972e963ebeab84f

  • SSDEEP

    393216:7bXvrdREdINeW/FJxcd6CZMczYrjpJViNyfBJNPrTZAHd5s:fBREdIfdG6C9YHNHfB3PROdu

Score
10/10

Signatures

  • DCRat payload 2 IoCs

    Detects payload of DCRat, commonly dropped by NSIS installers.

  • Dcrat family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 14 IoCs

    Checks for missing Authenticode signature.

Files

  • Celestial Crack.zip
    .zip
  • Celestial Crack/Loader.exe
    .exe windows:5 windows x86 arch:x86

    fcf1390e9ce472c7270447fc5c61a0c1


    Headers

    Imports

    Sections

  • Celestial Crack/Read Me.txt
  • Celestial Crack/Start.bat
    .exe windows:5 windows x86 arch:x86

    fcf1390e9ce472c7270447fc5c61a0c1


    Headers

    Imports

    Sections

  • Celestial Crack/config.cson
  • Celestial Crack/data/7zxa.dll
    .dll windows:4 windows x86 arch:x86

    b56c6d8dc50f73376215a3b3ddce91c0


    Headers

    Imports

    Exports

    Sections

  • Celestial Crack/data/DCRAC.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • Celestial Crack/data/DCRCC.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • Celestial Crack/data/Default.SFX
    .exe windows:5 windows x86 arch:x86

    fcf1390e9ce472c7270447fc5c61a0c1


    Headers

    Imports

    Sections

  • Celestial Crack/data/NCC2.dll
    .dll windows:5 windows x86 arch:x86

    f4d8783cad3f11045aa4e2ccd348ec7b


    Headers

    Imports

    Exports

    Sections

  • Celestial Crack/data/NCC3.dll
    .dll windows:5 windows x86 arch:x86

    7520e044195b1728541d87932e3d3d25


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Celestial Crack/data/NCCheck.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Celestial Crack/data/Rar.exe
    .exe windows:5 windows x86 arch:x86

    44d2677e8e5bfc0b36e493c644c96d3e


    Code Sign

    Headers

    Imports

    Sections

  • Celestial Crack/data/RarExt.dll
    .dll windows:5 windows x86 arch:x86

    0b0d2ebfb28acfbe9b3d782dfbd69718


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Celestial Crack/data/RarExt64.dll
    .dll windows:5 windows x64 arch:x64

    4757bf030e54b5b102bfa36ff111af95


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Celestial Crack/data/WinCon.SFX
    .exe windows:5 windows x86 arch:x86

    6be7eb2c55cb5cc119c0ff80a16fbc82


    Headers

    Imports

    Sections

  • Celestial Crack/data/Zip.SFX
    .exe windows:5 windows x86 arch:x86

    ae9f6a32bb8b03dce37903edbc855ba1


    Headers

    Imports

    Sections

  • Celestial Crack/data/dnlib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Celestial Crack/data/dotNET_Reactor.Console.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • Celestial Crack/data/dotNET_Reactor.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • Celestial Crack/data/enc.vbe
    .vbe .jse
  • Celestial Crack/data/kll.temp
  • Celestial Crack/data/upx.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • Celestial Crack/data/wRar.exe
    .exe windows:5 windows x86 arch:x86

    76b13065110dab2258940c9960d7d4ce


    Code Sign

    Headers

    Imports

    Sections

  • Celestial Crack/lib/L1nc0In 1.jar
    .jar
  • Celestial Crack/lib/L1nc0In 10.jar
    .jar
  • Celestial Crack/lib/L1nc0In 11.jar
    .jar
  • Celestial Crack/lib/L1nc0In 12.jar
    .jar
  • Celestial Crack/lib/L1nc0In 13.jar
    .jar
  • Celestial Crack/lib/L1nc0In 14.jar
    .jar
  • Celestial Crack/lib/L1nc0In 2.jar
    .jar
  • Celestial Crack/lib/L1nc0In 3.jar
    .jar
  • Celestial Crack/lib/L1nc0In 4.jar
    .jar
  • Celestial Crack/lib/L1nc0In 5.jar
    .jar
  • Celestial Crack/lib/L1nc0In 6.jar
    .jar
  • Celestial Crack/lib/L1nc0In 7.jar
    .jar
  • Celestial Crack/lib/L1nc0In 8.jar
    .jar
  • Celestial Crack/lib/L1nc0In 9.jar
    .jar