8ae0f170187701c391a7ef44d957dde423be508bff66e13ad7e375153230011a

Submit
Reports

Overview

overview

Static

static

SeroXenPTO.rar

windows10-2004-x64

SeroXenPTO...to.dll

windows10-2004-x64

SeroXenPTO/C5VM.dll

windows10-2004-x64

SeroXenPTO...re.dll

windows10-2004-x64

SeroXenPTO...ll.dll

windows10-2004-x64

SeroXenPTO...ok.dll

windows10-2004-x64

SeroXenPTO...ET.dll

windows10-2004-x64

SeroXenPTO...im.dll

windows10-2004-x64

SeroXenPTO...er.dll

windows10-2004-x64

SeroXenPTO...ce.dll

windows10-2004-x64

SeroXenPTO...es.dll

windows10-2004-x64

SeroXenPTO...ns.dll

windows10-2004-x64

SeroXenPTO...rk.dll

windows10-2004-x64

SeroXenPTO...db.dll

windows10-2004-x64

SeroXenPTO...db.dll

windows10-2004-x64

SeroXenPTO...ks.dll

windows10-2004-x64

SeroXenPTO...il.dll

windows10-2004-x64

SeroXenPTO...at.dll

windows10-2004-x64

SeroXenPTO...th.dll

windows10-2004-x64

SeroXenPTO...lt.xml

windows10-2004-x64

SeroXenPTO...ts.dll

windows10-2004-x64

SeroXenPTO...on.dll

windows10-2004-x64

SeroXenPTO...et.dll

windows10-2004-x64

SeroXenPTO...en.exe

windows10-2004-x64

SeroXenPTO...TO.exe

windows10-2004-x64

SeroXenPTO...on.dll

windows10-2004-x64

SeroXenPTO...le.dll

windows10-2004-x64

SeroXenPTO...ib.dll

windows10-2004-x64

SeroXenPTO...bf.bin

windows10-2004-x64

SeroXenPTO/dnlib.dll

windows10-2004-x64

SeroXenPTO...et.dll

windows10-2004-x64

SeroXenPTO...gs.xml

windows10-2004-x64

Analysis

max time kernel
66s
max time network
55s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
28-04-2024 03:21

Sharing

Copy URL

Twitter E-mail

Static task

static1

quasar

3 signatures

Behavioral task

behavioral1

Sample

SeroXenPTO.rar

Resource

win10v2004-20240419-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

SeroXenPTO/BouncyCastle.Crypto.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

SeroXenPTO/C5VM.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

SeroXenPTO/Cake.Core.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

SeroXenPTO/Cake.Powershell.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

SeroXenPTO/Gma.System.MouseKeyHook.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

SeroXenPTO/Logic.NET.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

SeroXenPTO/Microsoft.VisualStudio.CodeCoverage.Shim.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

SeroXenPTO/Microsoft.VisualStudio.TestPlatform.MSTest.TestAdapter.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

SeroXenPTO/Microsoft.VisualStudio.TestPlatform.MSTestAdapter.PlatformServices.Interface.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

SeroXenPTO/Microsoft.VisualStudio.TestPlatform.MSTestAdapter.PlatformServices.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

SeroXenPTO/Microsoft.VisualStudio.TestPlatform.TestFramework.Extensions.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

SeroXenPTO/Microsoft.VisualStudio.TestPlatform.TestFramework.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

SeroXenPTO/Mono.Cecil.Mdb.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

SeroXenPTO/Mono.Cecil.Pdb.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

SeroXenPTO/Mono.Cecil.Rocks.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

SeroXenPTO/Mono.Cecil.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

SeroXenPTO/Open.Nat.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

SeroXenPTO/PTOAuth.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

SeroXenPTO/Profiles/Default.xml

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

SeroXenPTO/Quasar.Common.Tests.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

SeroXenPTO/Quasar.Common.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

SeroXenPTO/Renci.SshNet.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

SeroXenPTO/SeroXen.exe

Resource

win10v2004-20240419-en

quasar evasion spyware themida trojan

windows10-2004-x64

9 signatures

150 seconds

Behavioral task

behavioral25

Sample

SeroXenPTO/SeroXenPTO.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

SeroXenPTO/System.Management.Automation.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

SeroXenPTO/System.ValueTuple.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

SeroXenPTO/Vestris.ResourceLib.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

SeroXenPTO/client_obf.bin

Resource

win10v2004-20240419-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral30

Sample

SeroXenPTO/dnlib.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

SeroXenPTO/protobuf-net.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

SeroXenPTO/settings.xml

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

SeroXenPTO/Profiles/Default.xml
Size

1016B
MD5

2ffcc04969560f036c866b5de3b581fb
SHA1

83190452d6100266f7be1ab3a91a83684b4cd6ff
SHA256

2b31dc602654d2ce209c69b02f5cff9046942406a76c976bda400ef47373a514
SHA512

fb387a7c436c1ffd798bb529051302da51c3a62db26233df4dce92e9f801132c48dac8871f832d8d7503f9f60a6715513701802d1e6e5f79777e7d165404a7e4

Score

1^/10

Malware Config

Signatures

Processes

C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
"C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\SeroXenPTO\Profiles\Default.xml"
1⤵
PID:4348

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4348-0-0x00007FF978250000-0x00007FF978260000-memory.dmp

Filesize
64KB

Download
memory/4348-1-0x00007FF9B81D0000-0x00007FF9B83C5000-memory.dmp

Filesize
2.0MB

Download
memory/4348-2-0x00007FF9B58F0000-0x00007FF9B5BB9000-memory.dmp

Filesize
2.8MB

Download
memory/4348-3-0x00007FF978250000-0x00007FF978260000-memory.dmp

Filesize
64KB

Download
memory/4348-4-0x00007FF9B81D0000-0x00007FF9B83C5000-memory.dmp

Filesize
2.0MB

Download