CeleryInstaller[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

CeleryInstaller.exe
Size

950KB
MD5

010e4de815635b1c05441163ccb5aa85
SHA1

4769378606c0af271222dc8290993a92849d41e2
SHA256

284dba6e94cbb3f37809090e267cb0de6177fb01f88b55c0f60d076412b053dc
SHA512

936c0ab74518eb45353b8033e2f1d16793290cec0900ad1ecc89cc36201c456c971968bb2aa2bd8e2525a12da98a9ab7fc34a4a4d1068c2b43e5a5e0e2a6263f
SSDEEP

24576:tuMYDG0WHKr5D5cO5DuU/jaHW11rnJC61uAIHasx0Z:tuMOrYOwuaHanJ4A+0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CeleryInstaller.exe

Files

CeleryInstaller.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 912KB - Virtual size: 911KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ