quasar | sero[.]zip

Resubmissions

24-12-2024 19:02

241224-xp5fastrdy 10

16-07-2024 19:00

240716-xn2b9avhmm 10

29-04-2024 18:50

240429-xhbjmsac4x 10

29-04-2024 18:47

240429-xffetahh23 10

Sharing

Copy URL

Twitter E-mail

General

Target

sero.zip
Size

7.9MB
MD5

e2e88fe8a7c8cfee0d814f8ec54b2252
SHA1

2345f7856db703fe000b1970d090220ddde37fa7
SHA256

480f683d425ef49564b7506f057daae3a42f080915101afe0178768128761249
SHA512

9b192b187f815d30a2ccb665a30d029d7dcc3894b01bd5cec334324fc59b2e406567828be159172bc1efa879523738332b0b2ceb1f8921ee09e90b511898fafb
SSDEEP

196608:+C2QwOvtA+25ZnzwojA5KCuBvu8HDGsJZjV/RWrQX5ch1Oqtl:Nx25tzjE53uBvuQZBsyYf7

Score

10^/10

quasar

Malware Config

Signatures

Quasar family
quasar

Quasar payload 1 IoCs

resource	yara_rule
static1/unpack001/BRUH WTF/bin/Quasar.Common.dll	family_quasar

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BRUH WTF/SeroXen.exe

Files

sero.zip
.zip
BRUH WTF/README.txt
BRUH WTF/SeroXen Documentation and TOS.pdf
.pdf
BRUH WTF/SeroXen Toolkit Instructions.txt
BRUH WTF/SeroXen.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\net452\REPOS\SeroXen Launcher\SeroXen_Launcher\SeroXen Launcher\bin\x64\Release\SeroXen.pdb

Sections

.text
Size: 317KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
BRUH WTF/bin/BouncyCastle.Crypto.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

37:4d:dd:80:d0:6b:63:20:d7:8c:09:38:8b:aa:f9:b6:e1:63:dd:ca
Signer

Actual PE Digest

37:4d:dd:80:d0:6b:63:20:d7:8c:09:38:8b:aa:f9:b6:e1:63:dd:ca

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

BouncyCastle.Crypto.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/Cake.Core.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

7e:e5:96:07:12:f4:75:26:dc:30:03:fa:fb:28:bc:8a:10:7f:fd:b2
Signer

Actual PE Digest

7e:e5:96:07:12:f4:75:26:dc:30:03:fa:fb:28:bc:8a:10:7f:fd:b2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Cake.Core.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 587KB - Virtual size: 586KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/Cake.Powershell.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

a1:a9:3b:a1:ec:45:94:b9:51:63:a4:9e:63:8e:04:bf:f0:a2:74:06
Signer

Actual PE Digest

a1:a9:3b:a1:ec:45:94:b9:51:63:a4:9e:63:8e:04:bf:f0:a2:74:06

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Cake.Powershell.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/Gma.System.MouseKeyHook.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

d0:1c:3e:7f:2a:e8:8c:ff:be:e3:ea:13:b8:ad:61:b7:c0:92:ce:5b
Signer

Actual PE Digest

d0:1c:3e:7f:2a:e8:8c:ff:be:e3:ea:13:b8:ad:61:b7:c0:92:ce:5b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\projects\globalmousekeyhook\MouseKeyHook\obj\Debug\Gma.System.MouseKeyHook.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/Logic.NET.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

e1:47:8e:1f:86:6e:2f:49:e9:27:04:bf:5f:22:b1:6c:63:f9:b8:3a
Signer

Actual PE Digest

e1:47:8e:1f:86:6e:2f:49:e9:27:04:bf:5f:22:b1:6c:63:f9:b8:3a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Downloads\LoGiC.NET-1.4\LoGiC.NET-1.4\obj\Release\LoGiC.NET.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 469KB - Virtual size: 468KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/Microsoft.VisualStudio.CodeCoverage.Shim.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

0a:7a:9c:00:f9:bc:ea:8b:0a:1a:1f:6d:6c:3b:ec:44:5b:cd:d0:dc
Signer

Actual PE Digest

0a:7a:9c:00:f9:bc:ea:8b:0a:1a:1f:6d:6c:3b:ec:44:5b:cd:d0:dc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

F:\binaries\Intermediate\vset\shim.csproj_kqmet5lz\objr\x86\Microsoft.VisualStudio.CodeCoverage.Shim.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/Microsoft.VisualStudio.TestPlatform.MSTest.TestAdapter.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

5e:bf:52:e5:b7:28:ed:8f:c9:6b:bc:e0:35:d5:3b:b3:00:0e:e2:b2
Signer

Actual PE Digest

5e:bf:52:e5:b7:28:ed:8f:c9:6b:bc:e0:35:d5:3b:b3:00:0e:e2:b2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\A\_work\4790\s\src\Adapter\MSTest.CoreAdapter\obj\Release\Microsoft.VisualStudio.TestPlatform.MSTest.TestAdapter.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/Microsoft.VisualStudio.TestPlatform.MSTestAdapter.PlatformServices.Interface.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

a7:d9:c5:aa:a1:d3:e2:75:6a:46:13:55:a7:dd:32:83:02:ac:d7:8b
Signer

Actual PE Digest

a7:d9:c5:aa:a1:d3:e2:75:6a:46:13:55:a7:dd:32:83:02:ac:d7:8b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\A\_work\4790\s\src\Adapter\PlatformServices.Interface\obj\Release\Microsoft.VisualStudio.TestPlatform.MSTestAdapter.PlatformServices.Interface.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/Microsoft.VisualStudio.TestPlatform.MSTestAdapter.PlatformServices.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

5f:65:71:f0:46:1f:d6:7c:1d:d6:18:91:1c:3b:38:1d:67:a7:c9:10
Signer

Actual PE Digest

5f:65:71:f0:46:1f:d6:7c:1d:d6:18:91:1c:3b:38:1d:67:a7:c9:10

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\A\_work\4790\s\src\Adapter\PlatformServices.Desktop\obj\Release\Microsoft.VisualStudio.TestPlatform.MSTestAdapter.PlatformServices.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/Microsoft.VisualStudio.TestPlatform.TestFramework.Extensions.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

d3:c7:d9:ad:7e:b5:23:e9:82:75:fa:6f:d2:f6:95:1b:5e:47:0f:90
Signer

Actual PE Digest

d3:c7:d9:ad:7e:b5:23:e9:82:75:fa:6f:d2:f6:95:1b:5e:47:0f:90

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\A\_work\4790\s\src\TestFramework\Extension.Desktop\obj\Release\Microsoft.VisualStudio.TestPlatform.TestFramework.Extensions.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/Microsoft.VisualStudio.TestPlatform.TestFramework.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

9f:0e:a1:3c:e4:6d:79:5a:d2:03:ce:74:d0:8c:e5:a0:ca:75:5c:5b
Signer

Actual PE Digest

9f:0e:a1:3c:e4:6d:79:5a:d2:03:ce:74:d0:8c:e5:a0:ca:75:5c:5b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\A\_work\4790\s\src\TestFramework\MSTest.Core\obj\Release\Microsoft.VisualStudio.TestPlatform.TestFramework.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/Mono.Cecil.Mdb.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

3d:f2:d5:ca:af:12:66:5b:de:ce:77:71:32:85:6b:b5:64:33:e0:0b
Signer

Actual PE Digest

3d:f2:d5:ca:af:12:66:5b:de:ce:77:71:32:85:6b:b5:64:33:e0:0b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Mono.Cecil.Mdb.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/Mono.Cecil.Pdb.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

79:04:23:6b:3c:e5:f0:83:16:71:8c:d7:c5:f0:08:78:8d:82:9f:ea
Signer

Actual PE Digest

79:04:23:6b:3c:e5:f0:83:16:71:8c:d7:c5:f0:08:78:8d:82:9f:ea

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Mono.Cecil.Pdb.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 262KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/Mono.Cecil.Rocks.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

6d:52:d8:3f:b3:65:a9:5f:5e:54:b0:d7:1d:68:74:4c:68:a9:b0:8a
Signer

Actual PE Digest

6d:52:d8:3f:b3:65:a9:5f:5e:54:b0:d7:1d:68:74:4c:68:a9:b0:8a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Mono.Cecil.Rocks.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/Mono.Cecil.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

c7:2f:ee:81:68:fe:fc:48:9e:19:f7:6b:73:06:22:82:16:5b:9c:89
Signer

Actual PE Digest

c7:2f:ee:81:68:fe:fc:48:9e:19:f7:6b:73:06:22:82:16:5b:9c:89

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Mono.Cecil.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/MonoMod.Backports.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

40:8c:05:53:60:a9:2a:e8:62:41:9d:d6:a6:bb:3c:0d:c5:29:e6:b3
Signer

Actual PE Digest

40:8c:05:53:60:a9:2a:e8:62:41:9d:d6:a6:bb:3c:0d:c5:29:e6:b3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

Z:\Users\aaron\Source\Repos\MonoModReorg\MonoMod\artifacts\obj\MonoMod.Backports\Release\net452\MonoMod.Backports.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/MonoMod.ILHelpers.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

09:f5:3d:d4:fd:a1:41:b1:f7:fe:76:84:3e:d9:a0:22:e5:b9:0f:62
Signer

Actual PE Digest

09:f5:3d:d4:fd:a1:41:b1:f7:fe:76:84:3e:d9:a0:22:e5:b9:0f:62

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Z:\Users\aaron\Source\Repos\MonoModReorg\MonoMod\artifacts\obj\MonoMod.ILHelpers\Release\net452\verpatched\MonoMod.ILHelpers.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/MonoMod.Utils.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

20:12:5d:b7:00:51:1a:68:5a:af:fc:ea:1b:39:bf:75:8c:9c:31:c6
Signer

Actual PE Digest

20:12:5d:b7:00:51:1a:68:5a:af:fc:ea:1b:39:bf:75:8c:9c:31:c6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

Z:\Users\aaron\Source\Repos\MonoModReorg\MonoMod\artifacts\obj\MonoMod.Utils\Release\net452\MonoMod.Utils.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 321KB - Virtual size: 321KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/Newtonsoft.Json.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

81:23:d1:fa:ee:1c:d4:58:8e:87:e2:44:00:4a:31:47:44:49:ed:d8
Signer

Actual PE Digest

81:23:d1:fa:ee:1c:d4:58:8e:87:e2:44:00:4a:31:47:44:49:ed:d8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/Src/Newtonsoft.Json/obj/Release/net45/Newtonsoft.Json.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 681KB - Virtual size: 680KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/Open.Nat.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

ce:73:51:33:f7:08:24:37:19:f0:b0:8e:82:e6:8d:e0:77:49:0a:63
Signer

Actual PE Digest

ce:73:51:33:f7:08:24:37:19:f0:b0:8e:82:e6:8d:e0:77:49:0a:63

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Open.Nat.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 325KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/Profiles/Default.xml
BRUH WTF/bin/Quasar.Common.Tests.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

27:05:e7:e4:3c:31:79:7e:94:70:0e:a7:1d:4a:aa:48:4b:cf:59:3f
Signer

Actual PE Digest

27:05:e7:e4:3c:31:79:7e:94:70:0e:a7:1d:4a:aa:48:4b:cf:59:3f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Desktop\dlls\Quasar.Common.Tests.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/Quasar.Common.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

79:9f:ac:6a:c4:87:ee:ed:50:d3:9d:1a:9b:94:43:9c:79:d0:78:4c
Signer

Actual PE Digest

79:9f:ac:6a:c4:87:ee:ed:50:d3:9d:1a:9b:94:43:9c:79:d0:78:4c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Desktop\dlls\Quasar.Common.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 277KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/Renci.SshNet.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

9a:05:25:64:71:e1:0b:eb:d3:26:73:70:77:6f:c1:f7:b7:b2:0d:3b
Signer

Actual PE Digest

9a:05:25:64:71:e1:0b:eb:d3:26:73:70:77:6f:c1:f7:b7:b2:0d:3b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Renci.SshNet.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/SeroXen.exe
.exe windows:4 windows x64 arch:x64

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

e4:30:9d:59:dd:1a:c9:1f:e3:4e:2d:c7:ea:91:1b:f5:84:43:60:13
Signer

Actual PE Digest

e4:30:9d:59:dd:1a:c9:1f:e3:4e:2d:c7:ea:91:1b:f5:84:43:60:13

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\net452\REPOS\SeroXen_Initializer\SeroXen\SeroXen\bin\x64\Release\SeroXen.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 359KB - Virtual size: 358KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/System.Management.Automation.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

1c:14:c3:36:cb:e7:4b:09:75:6c:22:cc:fb:67:e9:69:55:ae:14:fc
Signer

Actual PE Digest

1c:14:c3:36:cb:e7:4b:09:75:6c:22:cc:fb:67:e9:69:55:ae:14:fc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/System.ValueTuple.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

e0:5a:d1:da:4b:60:60:fb:28:f2:b5:1c:59:6c:d7:66:96:16:eb:e0
Signer

Actual PE Digest

e0:5a:d1:da:4b:60:60:fb:28:f2:b5:1c:59:6c:d7:66:96:16:eb:e0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\A\_work\39\s\corefx\bin\obj\AnyOS.AnyCPU.Release\System.ValueTuple\netstandard1.0\System.ValueTuple.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/Vestris.ResourceLib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

23:0f:c8:cb:be:02:cd:f3:72:20:6e:48:9c:9f:38:ed:8e:fa:c4:46
Signer

Actual PE Digest

23:0f:c8:cb:be:02:cd:f3:72:20:6e:48:9c:9f:38:ed:8e:fa:c4:46

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Vestris.ResourceLib.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 281KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/dnlib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

62:b7:5d:57:b8:45:38:ed:59:7b:10:d2:83:cc:4a:a4:38:1b:93:11
Signer

Actual PE Digest

62:b7:5d:57:b8:45:38:ed:59:7b:10:d2:83:cc:4a:a4:38:1b:93:11

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\dnlib.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 6.1MB - Virtual size: 6.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/protobuf-net.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

6b:89:d7:bc:b6:90:42:96:f8:93:63:e4:87:b4:31:17:d1:f9:eb:49
Signer

Actual PE Digest

6b:89:d7:bc:b6:90:42:96:f8:93:63:e4:87:b4:31:17:d1:f9:eb:49

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\protobuf-net.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BRUH WTF/bin/settings.xml

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

PDB Paths

Sections

.text Size: 317KB - Virtual size: 316KB

.rsrc Size: 16KB - Virtual size: 16KB

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38Certificate

37:4d:dd:80:d0:6b:63:20:d7:8c:09:38:8b:aa:f9:b6:e1:63:dd:caSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38Certificate

7e:e5:96:07:12:f4:75:26:dc:30:03:fa:fb:28:bc:8a:10:7f:fd:b2Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 587KB - Virtual size: 586KB

.rsrc Size: 1024B - Virtual size: 1016B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38Certificate

a1:a9:3b:a1:ec:45:94:b9:51:63:a4:9e:63:8e:04:bf:f0:a2:74:06Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 81KB - Virtual size: 81KB

.rsrc Size: 1024B - Virtual size: 888B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38Certificate

d0:1c:3e:7f:2a:e8:8c:ff:be:e3:ea:13:b8:ad:61:b7:c0:92:ce:5bSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 44KB - Virtual size: 43KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38Certificate

e1:47:8e:1f:86:6e:2f:49:e9:27:04:bf:5f:22:b1:6c:63:f9:b8:3aSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text
Size: 317KB - Virtual size: 316KB

.rsrc
Size: 16KB - Virtual size: 16KB

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

37:4d:dd:80:d0:6b:63:20:d7:8c:09:38:8b:aa:f9:b6:e1:63:dd:ca
Signer

.text
Size: 2.7MB - Virtual size: 2.7MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

7e:e5:96:07:12:f4:75:26:dc:30:03:fa:fb:28:bc:8a:10:7f:fd:b2
Signer

.text
Size: 587KB - Virtual size: 586KB

.rsrc
Size: 1024B - Virtual size: 1016B

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

a1:a9:3b:a1:ec:45:94:b9:51:63:a4:9e:63:8e:04:bf:f0:a2:74:06
Signer

.text
Size: 81KB - Virtual size: 81KB

.rsrc
Size: 1024B - Virtual size: 888B

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

d0:1c:3e:7f:2a:e8:8c:ff:be:e3:ea:13:b8:ad:61:b7:c0:92:ce:5b
Signer

.text
Size: 44KB - Virtual size: 43KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

e1:47:8e:1f:86:6e:2f:49:e9:27:04:bf:5f:22:b1:6c:63:f9:b8:3a
Signer

.text
Size: 469KB - Virtual size: 468KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

0a:7a:9c:00:f9:bc:ea:8b:0a:1a:1f:6d:6c:3b:ec:44:5b:cd:d0:dc
Signer

.text
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

5e:bf:52:e5:b7:28:ed:8f:c9:6b:bc:e0:35:d5:3b:b3:00:0e:e2:b2
Signer

.text
Size: 120KB - Virtual size: 120KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

a7:d9:c5:aa:a1:d3:e2:75:6a:46:13:55:a7:dd:32:83:02:ac:d7:8b
Signer

.text
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

5f:65:71:f0:46:1f:d6:7c:1d:d6:18:91:1c:3b:38:1d:67:a7:c9:10
Signer

.text
Size: 95KB - Virtual size: 95KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

d3:c7:d9:ad:7e:b5:23:e9:82:75:fa:6f:d2:f6:95:1b:5e:47:0f:90
Signer