Overview
overview
10Static
static
10Release/Ce...IR.dll
windows7-x64
1Release/Ce...IR.dll
windows10-2004-x64
1Release/CeleryIn.dll
windows7-x64
1Release/CeleryIn.dll
windows10-2004-x64
1Release/Ce...ct.exe
windows7-x64
1Release/Ce...ct.exe
windows10-2004-x64
1Release/EvolveAPI.dll
windows7-x64
1Release/EvolveAPI.dll
windows10-2004-x64
1Release/Flux.dll
windows7-x64
1Release/Flux.dll
windows10-2004-x64
1Release/Guna.UI2.dll
windows7-x64
1Release/Guna.UI2.dll
windows10-2004-x64
1Release/Mi...re.dll
windows7-x64
1Release/Mi...re.dll
windows10-2004-x64
1Release/Mi...ms.dll
windows7-x64
1Release/Mi...ms.dll
windows10-2004-x64
1Release/Mi...pf.dll
windows7-x64
1Release/Mi...pf.dll
windows10-2004-x64
1Release/Mo...o.html
windows7-x64
1Release/Mo...o.html
windows10-2004-x64
1Release/Mo...ug.log
windows7-x64
1Release/Mo...ug.log
windows10-2004-x64
1Release/Mo...et.dll
windows7-x64
3Release/Mo...et.dll
windows10-2004-x64
3Release/Mo...ain.js
windows7-x64
3Release/Mo...ain.js
windows10-2004-x64
3Release/Mo...lua.js
windows7-x64
3Release/Mo...lua.js
windows10-2004-x64
3Release/Mo...ain.js
windows7-x64
3Release/Mo...ain.js
windows10-2004-x64
3Release/Mo....de.js
windows7-x64
3Release/Mo....de.js
windows10-2004-x64
3Analysis
-
max time kernel
150s -
max time network
126s -
platform
windows10-2004_x64 -
resource
win10v2004-20240611-en -
resource tags
arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system -
submitted
01-07-2024 01:35
Behavioral task
behavioral1
Sample
Release/CeleryAPIR.dll
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral2
Sample
Release/CeleryAPIR.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
Release/CeleryIn.dll
Resource
win7-20240419-en
windows7-x64
Behavioral task
behavioral4
Sample
Release/CeleryIn.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
Release/CeleryInject.exe
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral6
Sample
Release/CeleryInject.exe
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
Release/EvolveAPI.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral8
Sample
Release/EvolveAPI.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
Release/Flux.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral10
Sample
Release/Flux.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
Release/Guna.UI2.dll
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral12
Sample
Release/Guna.UI2.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
Release/Microsoft.Web.WebView2.Core.dll
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral14
Sample
Release/Microsoft.Web.WebView2.Core.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
Release/Microsoft.Web.WebView2.WinForms.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral16
Sample
Release/Microsoft.Web.WebView2.WinForms.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
Release/Microsoft.Web.WebView2.Wpf.dll
Resource
win7-20240419-en
windows7-x64
Behavioral task
behavioral18
Sample
Release/Microsoft.Web.WebView2.Wpf.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
Release/Monaco/Monaco.html
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral20
Sample
Release/Monaco/Monaco.html
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
Release/Monaco/debug.log
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral22
Sample
Release/Monaco/debug.log
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
Release/Monaco/vs/MonacoNet.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral24
Sample
Release/Monaco/vs/MonacoNet.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
Release/Monaco/vs/base/worker/workerMain.js
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral26
Sample
Release/Monaco/vs/base/worker/workerMain.js
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
Release/Monaco/vs/basic-languages/lua/lua.js
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral28
Sample
Release/Monaco/vs/basic-languages/lua/lua.js
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
Release/Monaco/vs/editor/editor.main.js
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral30
Sample
Release/Monaco/vs/editor/editor.main.js
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
Release/Monaco/vs/editor/editor.main.nls.de.js
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral32
Sample
Release/Monaco/vs/editor/editor.main.nls.de.js
Resource
win10v2004-20240508-en
windows10-2004-x64
General
-
Target
Release/CeleryInject.exe
-
Size
3.2MB
-
MD5
53c98ae66a46b2a922b2f18f39c3e033
-
SHA1
292da9727277cfdd7470279ceefc9fb1bc8cbac5
-
SHA256
8d5c649876d17ade85501a7639e0f2726c990e5769057c63cf24b24adeea2a6d
-
SHA512
bad25c9273049eb278c4ea6d895adc297948f182c4e7f2e3498ae5ea057694ae5c2a63840579f8543ee341ee0fcf10d15bfd3a2c275245fc94d8982dd9868e35
-
SSDEEP
49152:8v4Pv9dBMKVHIVWP42DGjaNlpLp3fglx6:dVdThp
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
Processes:
CeleryInject.exepid process 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe 3044 CeleryInject.exe