CeleryInstaller (2)[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

CeleryInstaller (2).exe
Size

1.2MB
MD5

3902bed1239777138b1cbcf17ba79910
SHA1

762bd052bd66474b1e5c57083b125c7ef80d8065
SHA256

3ab431f6cd7a4bfbf4039dba7ababc8b8b35aa99b5df8e6697eb2794e782e015
SHA512

9898285093253aece38862974e0d2d07dc3ae2eec22bbc6199476de773138dbb48404113c61a372d8b622f7159111a792a04a92a4f67d1f716aac9be738b96d1
SSDEEP

24576:E7Rof1S8YVua/Sig8FMndEYes8U7NXPdA2+vxgPzJQ0Z:Uyf1jYVusl4djeSRFW21

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CeleryInstaller (2).exe

Files

CeleryInstaller (2).exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ