Celesty[.]exe | Triage

Sharing

General

Target

Celesty.exe
Size

1.7MB
MD5

8966d25141f5e150ff7d02ac502cce46
SHA1

f882485d1ffac1b75b60794824b771e4ce33d7b7
SHA256

8694257c04deed3937833145954c65564627f7d40cd20f8401696933a03b7e3f
SHA512

caedef6e8fdc042d6586816bdc87c36b3d40c22a8e4e331d46296b669ed03f2e295f4b44ed4092f43e8d0dad8cc40766982d6938d1d638fb4e4eecaddd529df3
SSDEEP

49152:6PxCjaDpascfyHTtgWc79pGvFog9hlQ0xM7QYeYnUgy:mCq4sokTtlPFooQzzU/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Celesty.exe

Files

Celesty.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ