Celeus[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Celeus.exe
Size

15KB
MD5

48c76674d2201c19910c037fbbcfcbf4
SHA1

1cebfab81f2378fda6a1c69416de0c391d6245e4
SHA256

8407e0beeb2146e8ba55018185f144712fe87a8ad720a9f58552fde01c876961
SHA512

35b3d2785cd73b565505a2b305723d7e454b759557053413b7ff96f771054dea67641a8312ae79ef33d8c99025dab90010b8d4c744d6b4c39bd9db1722d02024
SSDEEP

384:txlIPMRMwyLIPed8X3hEjhiOA9lrHS1fU/OgdC6A0ivlrHSXAw:txC6Mhb1fWhdC6A0iMR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Celeus.exe

Files

Celeus.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\easto\Desktop\Celeus\Celeus\obj\Debug\Celeus.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ