Overview
overview
10Static
static
102024 star ...pi.dll
windows7-x64
12024 star ...pi.dll
windows10-2004-x64
1FastColore...ox.dll
windows7-x64
1FastColore...ox.dll
windows10-2004-x64
1Guna.UI2.dll
windows7-x64
1Guna.UI2.dll
windows10-2004-x64
1Leave.exe
windows7-x64
3Leave.exe
windows10-2004-x64
10Shaakey-id...in.exe
windows7-x64
7Shaakey-id...in.exe
windows10-2004-x64
7api/CeleryIn.dll
windows7-x64
1api/CeleryIn.dll
windows10-2004-x64
1api/CeleryInject.exe
windows7-x64
1api/CeleryInject.exe
windows10-2004-x64
1bin/API.dll
windows7-x64
1bin/API.dll
windows10-2004-x64
1main.exe
windows7-x64
7main.exe
windows10-2004-x64
7Analysis
-
max time kernel
150s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
14-09-2024 08:45
Behavioral task
behavioral1
Sample
2024 star of the night Api.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2024 star of the night Api.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
FastColoredTextBox.dll
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
FastColoredTextBox.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
Guna.UI2.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
Guna.UI2.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
Leave.exe
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
Leave.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
Shaakey-idfk12-09d89e6/main.exe
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
Shaakey-idfk12-09d89e6/main.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
api/CeleryIn.dll
Resource
win7-20240708-en
Behavioral task
behavioral12
Sample
api/CeleryIn.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral13
Sample
api/CeleryInject.exe
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
api/CeleryInject.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral15
Sample
bin/API.dll
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
bin/API.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral17
Sample
main.exe
Resource
win7-20240729-en
Behavioral task
behavioral18
Sample
main.exe
Resource
win10v2004-20240802-en
General
-
Target
api/CeleryInject.exe
-
Size
4.8MB
-
MD5
ed10dc5297ce06b1f2ac9be338813439
-
SHA1
e6423d50a5dab548b2d77799abfca9d6db0f83bd
-
SHA256
e97562123b7c059aec0e31a3bdc402f13e41e9f0ab38857b1adf948b350a8a94
-
SHA512
bc061587e29eca586c1f4a70cd4d7ee73b83b13642f763609af36cea6297917ac86bfca861fdc08113fd3107793ed9f93e7b9bdc8408b34cb1a0751482809a84
-
SSDEEP
49152:nJm4iNvgKzFKHLT48y3vPqAmDGjyAlqP53Ps9Ssudn1dnndn+dnMHJtk:JGI5HWeK
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
pid Process 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe 1696 CeleryInject.exe