Overview

overview

3

Static

static

3

CeleryApp.exe

windows10-2004-x64

1

CeleryApp.exe

windows11-21h2-x64

1

Analysis

  • max time kernel
    20s
  • max time network
    20s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/07/2024, 00:43

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    CeleryApp.exe

  • Size

    8.8MB

  • MD5

    53fc925e94ca8b8d29442fd0e96fd3ab

  • SHA1

    6221229aaaa65c546d34ce3447bb095a8487c6f0

  • SHA256

    b3a82719f573800205de6e9b00b9b32e31cad75a58efb3b1b1cbacc1918bc37f

  • SHA512

    810ca1928483a8578c70b1e857a96224d6b10add119cbbd5e540e8bfe692588491d8a48ec3ac4a5dae300b214c35a6e63cd7cf27109a8b2591fca2989d9478ac

  • SSDEEP

    98304:QegLIRfyC7egWJ3iJzdjf4fwraOWcD9XdMPABIw/t6KHDicVwzUs7q:QeguhegD4fJOWs9XNBZ16M2cuU

Score
1/10

Malware Config

Signatures

  • Checks SCSI registry key(s) 3 TTPs 3 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Suspicious behavior: EnumeratesProcesses 11 IoCs
  • Suspicious use of AdjustPrivilegeToken 3 IoCs
  • Suspicious use of FindShellTrayWindow 23 IoCs
  • Suspicious use of SendNotifyMessage 22 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\CeleryApp.exe
    "C:\Users\Admin\AppData\Local\Temp\CeleryApp.exe"
    1⤵
      PID:4684
    • C:\Windows\system32\taskmgr.exe
      "C:\Windows\system32\taskmgr.exe" /7
      1⤵
      • Checks SCSI registry key(s)
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      PID:3980

    Network

          MITRE ATT&CK Enterprise v15

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/3980-13-0x000001BFCF310000-0x000001BFCF311000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3980-19-0x000001BFCF310000-0x000001BFCF311000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3980-20-0x000001BFCF310000-0x000001BFCF311000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3980-21-0x000001BFCF310000-0x000001BFCF311000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3980-22-0x000001BFCF310000-0x000001BFCF311000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3980-23-0x000001BFCF310000-0x000001BFCF311000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3980-24-0x000001BFCF310000-0x000001BFCF311000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3980-25-0x000001BFCF310000-0x000001BFCF311000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3980-14-0x000001BFCF310000-0x000001BFCF311000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3980-15-0x000001BFCF310000-0x000001BFCF311000-memory.dmp

            Filesize

            4KB

            Download

          • memory/4684-5-0x0000026F4DFD0000-0x0000026F4E8EE000-memory.dmp

            Filesize

            9.1MB

            Download

          • memory/4684-9-0x0000026F4C830000-0x0000026F4C838000-memory.dmp

            Filesize

            32KB

            Download

          • memory/4684-12-0x00007FF807C80000-0x00007FF808741000-memory.dmp

            Filesize

            10.8MB

            Download

          • memory/4684-10-0x0000026F4EEE0000-0x0000026F4EF18000-memory.dmp

            Filesize

            224KB

            Download

          • memory/4684-11-0x0000026F4C840000-0x0000026F4C84E000-memory.dmp

            Filesize

            56KB

            Download

          • memory/4684-8-0x0000026F4EB20000-0x0000026F4EB94000-memory.dmp

            Filesize

            464KB

            Download

          • memory/4684-7-0x0000026F32680000-0x0000026F3268E000-memory.dmp

            Filesize

            56KB

            Download

          • memory/4684-6-0x0000026F4EBE0000-0x0000026F4EC9A000-memory.dmp

            Filesize

            744KB

            Download

          • memory/4684-0-0x00007FF807C83000-0x00007FF807C85000-memory.dmp

            Filesize

            8KB

            Download

          • memory/4684-4-0x00007FF807C80000-0x00007FF808741000-memory.dmp

            Filesize

            10.8MB

            Download

          • memory/4684-3-0x0000026F4DF80000-0x0000026F4DFD0000-memory.dmp

            Filesize

            320KB

            Download

          • memory/4684-2-0x0000026F326A0000-0x0000026F326E0000-memory.dmp

            Filesize

            256KB

            Download

          • memory/4684-1-0x0000026F319F0000-0x0000026F322B8000-memory.dmp

            Filesize

            8.8MB

            Download