Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

CeleryInstaller.exe

windows7-x64

3

CeleryInstaller.exe

windows10-2004-x64

7

Resubmissions

11/08/2024, 09:27 UTC

240811-lezaratdrl 7

Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    11/08/2024, 09:27 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CeleryInstaller.exe

  • Size

    822KB

  • MD5

    0bd82e264be214414d6dd26bac3e1770

  • SHA1

    5325e64053dcf599a9c5cedec532418716f9d357

  • SHA256

    60593ced1e78fd4b3fdffcd58bcde989d8e9b031b3ad9132815fdf614e0449d4

  • SHA512

    842a80fed2286d06987cd2dde7ae94fc6c7986eb49cc62684f62f148973e5080df7866e1d2f81d53cb5ac95ef9d88489f6765265e29104be0ae349c6a3164592

  • SSDEEP

    12288:c5SsIg0ZvkY29slOLJFbJZXM1Eg/2QAu4NRFNxIg0Z:Ru0ZvkY29+OLfzI2Q0NH10Z

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\CeleryInstaller.exe
    "C:\Users\Admin\AppData\Local\Temp\CeleryInstaller.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2968

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2968-0-0x00000000740EE000-0x00000000740EF000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2968-1-0x0000000000FD0000-0x00000000010A2000-memory.dmp

    Filesize

    840KB

    Download

  • memory/2968-2-0x00000000740E0000-0x00000000747CE000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2968-4-0x0000000000AD0000-0x0000000000ADA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2968-3-0x0000000000AD0000-0x0000000000ADA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2968-5-0x00000000740E0000-0x00000000747CE000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2968-6-0x00000000740EE000-0x00000000740EF000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2968-7-0x00000000740E0000-0x00000000747CE000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2968-8-0x0000000000AD0000-0x0000000000ADA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2968-9-0x0000000000AD0000-0x0000000000ADA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2968-10-0x00000000740E0000-0x00000000747CE000-memory.dmp

    Filesize

    6.9MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.