CeleryInstaller[.]exe | Triage

Sharing

General

Target

CeleryInstaller.exe
Size

828KB
MD5

3c8603f5225052c1375f87ecb572690c
SHA1

9ad1026b68030bd1ec7bc6fd25e3a3a8f6be5ad7
SHA256

e0365edc35c855afe7ff301328f265b363d81afca23efa88bcb5f2f8f35c739b
SHA512

cbd0df325cad43c56847765d9327774c91fdb15a558ee93a75189a3d94465231c375d64bcd777d176734cc95c6d095cd25f3e27c37ae9361b9e63c1fa9973cec
SSDEEP

24576:3f0ZvkIP9VM9aexhgaBPbhhhchhhwSf8SDf0Z:+vkIP93F8SDu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CeleryInstaller.exe

Files

CeleryInstaller.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\stent\source\repos\Celery-FOSS\CeleryInstaller\CeleryInstaller\bin\Release\CeleryInstaller.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 789KB - Virtual size: 789KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ