Register Login

Deep Malware Analysis

top title background image

celestial.exe

Status: finished

Submission Time: 2023-12-30 15:36:06 +01:00

Malicious

Evader

Comments

Tags

Details

Analysis ID:
1368264
API (Web) ID:
1368264
Analysis Started:

2023-12-30 15:36:06 +01:00
Analysis Finished:

2023-12-30 15:46:21 +01:00
MD5:
cec816960188a34222c09dc73bf6d863
SHA1:
f5a41b754eabbb8819125ba355e3f3d05c6fe583
SHA256:
05b0abfcd182e11dd4cab4c7b830edbd92f8001fbe7ed91876acdd5c49904a2c
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
		malicious
	Full Report Management Report IOC Report	malicious Score: 68	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
	Full Report Management Report IOC Report	malicious Score: 68	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 Run Condition: Run with higher sleep bypass

Third Party Analysis Engines

Open Full Report

malicious

Score: 34/70

malicious

Score: 11/37

Domains

Name	IP	Detection
celestial-6356.onrender.com	0.0.0.0

URLs

Name	Detection
http://celestial-6356.onrender.com
https://www.newtonsoft.com/jsonschema
https://celestial-6356.onrender.com/newinjector#
Click to see the 11 hidden entries
https://celestial-6356.onrender.com/downloadv2launcher
https://www.newtonsoft.com/json
http://upx.sf.net
https://celestial-6356.onrender.com/newinjector
https://www.nuget.org/packages/Newtonsoft.Json.Bson
https://celestial-6356.onrender.com
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameP
https://celestial-6356.onrender.com/v3_3942hHA/api/version
http://celestial-6356.onrender.comd
http://james.newtonking.com/projects/json
https://github.com/JamesNK/Newtonsoft.Json

Dropped files

No malicious files found. See full and IOC report for all dropped files.