Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Overview
overview
3Static
static
3Bunifu_UI_v1.5.3.dll
windows7-x64
1Bunifu_UI_v1.5.3.dll
windows10-2004-x64
1CeleryCracked.dll
windows7-x64
1CeleryCracked.dll
windows10-2004-x64
1CeleryIn.dll
windows7-x64
1CeleryIn.dll
windows10-2004-x64
1CeleryInject.exe
windows7-x64
1CeleryInject.exe
windows10-2004-x64
1Microsoft....re.dll
windows7-x64
1Microsoft....re.dll
windows10-2004-x64
1Microsoft....ms.dll
windows7-x64
1Microsoft....ms.dll
windows10-2004-x64
1Microsoft....pf.dll
windows7-x64
1Microsoft....pf.dll
windows10-2004-x64
1Monaco/Monaco.html
windows7-x64
1Monaco/Monaco.html
windows10-2004-x64
1Monaco/vs/...ain.js
windows7-x64
3Monaco/vs/...ain.js
windows10-2004-x64
3Monaco/vs/...bat.js
windows7-x64
3Monaco/vs/...bat.js
windows10-2004-x64
3Monaco/vs/...fee.js
windows7-x64
3Monaco/vs/...fee.js
windows10-2004-x64
3Monaco/vs/...cpp.js
windows7-x64
3Monaco/vs/...cpp.js
windows10-2004-x64
3Monaco/vs/...arp.js
windows7-x64
3Monaco/vs/...arp.js
windows10-2004-x64
3Monaco/vs/...csp.js
windows7-x64
3Monaco/vs/...csp.js
windows10-2004-x64
3Monaco/vs/...css.js
windows7-x64
3Monaco/vs/...css.js
windows10-2004-x64
3Monaco/vs/...ile.js
windows7-x64
3Monaco/vs/...ile.js
windows10-2004-x64
3Analysis
-
max time kernel
150s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20240709-en -
resource tags
arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system -
submitted
22/07/2024, 13:12
Static task
static1
Behavioral task
behavioral1
Sample
Bunifu_UI_v1.5.3.dll
Resource
win7-20240705-en
windows7-x64
Behavioral task
behavioral2
Sample
Bunifu_UI_v1.5.3.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
CeleryCracked.dll
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral4
Sample
CeleryCracked.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
CeleryIn.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral6
Sample
CeleryIn.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
CeleryInject.exe
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral8
Sample
CeleryInject.exe
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
Microsoft.Web.WebView2.Core.dll
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral10
Sample
Microsoft.Web.WebView2.Core.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
Microsoft.Web.WebView2.WinForms.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral12
Sample
Microsoft.Web.WebView2.WinForms.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
Microsoft.Web.WebView2.Wpf.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral14
Sample
Microsoft.Web.WebView2.Wpf.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
Monaco/Monaco.html
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral16
Sample
Monaco/Monaco.html
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
Monaco/vs/base/worker/workerMain.js
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral18
Sample
Monaco/vs/base/worker/workerMain.js
Resource
win10v2004-20240704-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
Monaco/vs/basic-languages/bat/bat.js
Resource
win7-20240705-en
windows7-x64
Behavioral task
behavioral20
Sample
Monaco/vs/basic-languages/bat/bat.js
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
Monaco/vs/basic-languages/coffee/coffee.js
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral22
Sample
Monaco/vs/basic-languages/coffee/coffee.js
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
Monaco/vs/basic-languages/cpp/cpp.js
Resource
win7-20240705-en
windows7-x64
Behavioral task
behavioral24
Sample
Monaco/vs/basic-languages/cpp/cpp.js
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
Monaco/vs/basic-languages/csharp/csharp.js
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral26
Sample
Monaco/vs/basic-languages/csharp/csharp.js
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
Monaco/vs/basic-languages/csp/csp.js
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral28
Sample
Monaco/vs/basic-languages/csp/csp.js
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
Monaco/vs/basic-languages/css/css.js
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral30
Sample
Monaco/vs/basic-languages/css/css.js
Resource
win10v2004-20240709-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
Monaco/vs/basic-languages/dockerfile/dockerfile.js
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral32
Sample
Monaco/vs/basic-languages/dockerfile/dockerfile.js
Resource
win10v2004-20240709-en
windows10-2004-x64
General
-
Target
CeleryInject.exe
-
Size
3.2MB
-
MD5
3b5f8a3991aa5e0079bbc52c7518c4d4
-
SHA1
bf62e397e6e6868be795d31bfdc18531646058fc
-
SHA256
f5035da7de64c48f6b1eaf947a028f0e5fd3970f971c2a6c6075501c4aad1af8
-
SHA512
686cf331ae4e90e03d05b44d6acbeff1cc42883f76c701f32f97889f8dd159e6b409fa01d66477cb1b57d4c5ec5adad121466b74570072192435d9d56a7226d2
-
SSDEEP
24576:0r+wL9+Acp2DOJeol+3oEL+53iauYCzafbOpKnNDGjaNYcpbdp3fsSzDsIasqGVN:0r+wQADDOThiLub1DGjaNlpxp3fZaQ
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
pid Process 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe 3456 CeleryInject.exe