Resubmissions

23/07/2024, 13:51

240723-q6ahxstblq 7

23/07/2024, 13:50

240723-q5gkvataqr 7

General

  • Target

    [CRACKED BY L1nc0In] Celestial (2).rar

  • Size

    13.1MB

  • MD5

    636c1ebadd92b21114fcb17c5c640032

  • SHA1

    22eb7705a181bd1a0b1291c1304470e31761774d

  • SHA256

    ef63fd911b2fae0822c9c35e513b9660890dd09e131add652856f8d5e3586162

  • SHA512

    f9490f7354b025a8cba4d198e624beb5ec4ee5ce46c75ffca34fcd03b368beddacd9492ed2dfefdb0eb39d693092ccec56fbff3ffd652d3a58dcb68c6b076d04

  • SSDEEP

    196608:LwKLUXdrrtFo6FH4tLKQEhkGTktUr8cNCZiX54kSIRwR8H6G5/Qj3d3GxPaP7QMs:Z+dfF/TNdNCZiJ3RcZ423d2g0X

Score
7/10

Malware Config

Signatures

  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

  • Unsigned PE 18 IoCs

    Checks for missing Authenticode signature.

Files

  • [CRACKED BY L1nc0In] Celestial (2).rar
    .rar

    Password: L1nc0In

  • Celestial.exe
    .exe windows:4 windows x64 arch:x64

    Password: L1nc0In



  • CelestialPatcher.exe
    .exe windows:6 windows x64 arch:x64

    Password: L1nc0In

    d341ecf5263ee0002cca002652f0c62c



  • IconExtractor.dll
    .dll windows:4 windows x86 arch:x86

    Password: L1nc0In

    dae02f32a21e03ce65412f6e56942daa



  • Notifications.Wpf.dll
    .dll windows:4 windows x86 arch:x86

    Password: L1nc0In

    dae02f32a21e03ce65412f6e56942daa



  • Vestris.ResourceLib.dll
    .dll windows:4 windows x86 arch:x86

    Password: L1nc0In

    dae02f32a21e03ce65412f6e56942daa



  • WinMM.Net.dll
    .dll windows:4 windows x86 arch:x86

    Password: L1nc0In

    dae02f32a21e03ce65412f6e56942daa



  • data/6c.dll
  • data/8c.dll
  • data/RT.bin
  • data/RTS.bin
  • data/asm.exe
    .exe windows:4 windows x64 arch:x64

    Password: L1nc0In

    245fd5847db29ac01003e87f2fc0fe30



  • data/d.exe
  • data/injector.bin
  • data/libs/AForge.Video.DirectShow.dll
    .dll windows:4 windows x86 arch:x86

    Password: L1nc0In

    dae02f32a21e03ce65412f6e56942daa



  • data/libs/AForge.Video.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • data/libs/DotNetZip.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • data/libs/SharpDX.DXGI.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • data/libs/SharpDX.Direct3D11.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • data/libs/SharpDX.Direct3D9.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • data/libs/SharpDX.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • data/payload/m.exe
    .exe windows:4 windows x86 arch:x86

    51e7ef6b1d43d0d05d7109dee9789560



  • data/payload/sig.py
  • data/stub.bin
  • dnlib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • log.txt
  • scripts/ClipperLib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • server/Server.deps.json
  • server/Server.dll
    .exe windows:4 windows x64 arch:x64



  • server/Server.runtimeconfig.json
  • server/net8 linux install.txt
  • server/start.bat
  • server/start.sh
  • sound.wav