CelestialUUpdate[.]exe | Triage

Sharing

General

Target

CelestialUUpdate.exe
Size

1.2MB
MD5

8b16db15e2df974f1e2d4d36934d8067
SHA1

2392ba431d064fbcdf8812056a0398e28d3985ae
SHA256

c9f1853eb63ea24a952a37bb0a5853be5333e94097e0ff3a60474fb022e09ae7
SHA512

be01dc9ca1db5dbf6399b7568b9e063adbc617dfc686f74faf648318138c9673e09e97e6922116512d1df56cb5197fb016bfe549c21b6f022493bfcde9150f29
SSDEEP

24576:2fFSkjA+SpS/h3UYU2Uq74JZXXKn4VNWF40LrBjcnbPaF/MPqoXj2:2NhfGSJUD2UqGXaHr9cn7PXC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CelestialUUpdate.exe

Files

CelestialUUpdate.exe
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 55KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 206KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 957KB - Virtual size: 960KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE