Overview

overview

10

Static

static

10

Seroxen.rar

windows11-21h2-x64

3

Guna.UI2.dll

windows11-21h2-x64

1

Mono.Cecil.dll

windows11-21h2-x64

1

Mono.Nat.dll

windows11-21h2-x64

1

Octokit.dll

windows11-21h2-x64

1

Octokit.xml

windows11-21h2-x64

1

Profiles/Default.xml

windows11-21h2-x64

1

SeroR0X.exe.xml

windows11-21h2-x64

1

Seroxen la....2.exe

windows11-21h2-x64

10

Siticone.D...UI.dll

windows11-21h2-x64

1

Unify.exe.xml

windows11-21h2-x64

1

Unity.Burs...fe.dll

windows11-21h2-x64

1

Unity.Burst.dll

windows11-21h2-x64

1

Unity.Mathematics.dll

windows11-21h2-x64

1

Unity.ProB...ee.dll

windows11-21h2-x64

1

Unity.ProB...ri.dll

windows11-21h2-x64

1

Unity.ProBuilder.dll

windows11-21h2-x64

1

UnityEngin...le.dll

windows11-21h2-x64

1

UnityEngin...le.dll

windows11-21h2-x64

1

UnityEngin...le.dll

windows11-21h2-x64

1

UnityEngin...le.dll

windows11-21h2-x64

1

UnityEngin...le.dll

windows11-21h2-x64

1

UnityEngin...le.dll

windows11-21h2-x64

1

UnityEngin...le.dll

windows11-21h2-x64

1

UnityEngin...le.dll

windows11-21h2-x64

1

UnityEngin...le.dll

windows11-21h2-x64

1

UnityEngin...le.dll

windows11-21h2-x64

1

UnityEngin...le.dll

windows11-21h2-x64

1

UnityEngin...le.dll

windows11-21h2-x64

1

UnityEngin...le.dll

windows11-21h2-x64

1

UnityEngin...le.dll

windows11-21h2-x64

1

settings.xml

windows11-21h2-x64

1

Resubmissions

12-06-2024 04:46

240612-feblss1ejn 10

05-05-2024 21:44

240505-1lv91aeg6z 10

05-05-2024 21:21

240505-z7h15aec4t 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Seroxen.rar

  • Size

    5.3MB

  • Sample

    240612-feblss1ejn

  • MD5

    286f0347a330df2518e5488f90bec5bf

  • SHA1

    0617a0cefd6c790f7ae114dd1c79d201a0e86fbc

  • SHA256

    51a8255b49900d66ec1640d09f12c057b8d0a2e0dbc6e8dee2f61b959a52b2a0

  • SHA512

    a5f9ace81e189082426fe5741e2d0db0296f98498447d6aca2310e9d4f220df28c836d7ba794a98cc795fbd88a1581399f4e7d18dc2981de59a50fedbb770e78

  • SSDEEP

    98304:r0SEKW29bLizS5Dg3Ib6ohMBNs2njUpdl0k1FQ4K/U7uTYwMYwfkDQ5EIIOn+0+w:vVZiaDg3Ib1iNsRz0t4FKVtDDmn+0N

Score
10/10
agentteslaquasarseroxenkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

quasar

Attributes
  • reconnect_delay

    5000

Extracted

Family

quasar

Version

3.1.5

Botnet

SeroXen

C2

127.0.0.1:4782

Mutex

$Sxr-ngtpGVw3vJMciMHFCQ

Attributes
  • encryption_key

    PCOOI2N1QsYGuH5Tf2KW

  • install_name

    Client.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Quasar Client Startup

  • subdirectory

    SubDir

Targets

    • Target

      Seroxen.rar

    • Size

      5.3MB

    • MD5

      286f0347a330df2518e5488f90bec5bf

    • SHA1

      0617a0cefd6c790f7ae114dd1c79d201a0e86fbc

    • SHA256

      51a8255b49900d66ec1640d09f12c057b8d0a2e0dbc6e8dee2f61b959a52b2a0

    • SHA512

      a5f9ace81e189082426fe5741e2d0db0296f98498447d6aca2310e9d4f220df28c836d7ba794a98cc795fbd88a1581399f4e7d18dc2981de59a50fedbb770e78

    • SSDEEP

      98304:r0SEKW29bLizS5Dg3Ib6ohMBNs2njUpdl0k1FQ4K/U7uTYwMYwfkDQ5EIIOn+0+w:vVZiaDg3Ib1iNsRz0t4FKVtDDmn+0N

    Score
    3/10
    behavioral1

    • Target

      Guna.UI2.dll

    • Size

      1.9MB

    • MD5

      83e9df5d534f50280251d662861bf476

    • SHA1

      d2ecd37e462b3c6fa763341a12f9de74326cb646

    • SHA256

      836e1cc306eab0817a10c613a9c99d4dcbd604624b8b90f551d410dc164eef82

    • SHA512

      af38cfbd5fb866662afa4548011ba2d262cd70ff145fe4118db3322a9ea243bd9d8dc9cdfc62a246df014949a94d159bcd47a8f8f04010b93c963511a7e6a72a

    • SSDEEP

      24576:+5lxrKZ9DHFoXP/Jt/A1IKKPZANZuwgHQ/jz41RMIK24:Av/CIRqwRMIK24

    Score
    1/10
    behavioral2

    • Target

      Mono.Cecil.dll

    • Size

      277KB

    • MD5

      8df4d6b5dc1629fcefcdc20210a88eac

    • SHA1

      16c661757ad90eb84228aa3487db11a2eac6fe64

    • SHA256

      3e4288b32006fe8499b43a7f605bb7337931847a0aa79a33217a1d6d1a6c397e

    • SHA512

      874b4987865588efb806a283b0e785fd24e8b1562026edd43050e150bce6c883134f3c8ad0f8c107b0fb1b26fce6ddcc7e344a5f55c3788dac35035b13d15174

    • SSDEEP

      6144:iYOMWAEq+PAEwGQ9Xivs0s4EtS1Fv8jnLKdFvkPo2:AG+PpjQSHv8jA

    Score
    1/10
    behavioral3

    • Target

      Mono.Nat.dll

    • Size

      40KB

    • MD5

      bf929442b12d4b5f9906b29834bf7db1

    • SHA1

      810a2b3c8e548d1df931538bc304cc1405f7a32b

    • SHA256

      b33435ac7cdefcf7c2adf96738c762a95414eb7a4967ef6b88dcda14d58bfee0

    • SHA512

      9fcfaf48bfe5455a466e666bafa59a7348a736368daa892333cefa0cac22bcef3255f9cee24a70ed96011b73abea8e5d3dbf24876cffa81e0b532df41dd81828

    • SSDEEP

      768:yoVesKx0V2LpibQJxoKUDHj560aSX3zlJAO:lVespQibC+H56k3fF

    Score
    1/10
    behavioral4

    • Target

      Octokit.dll

    • Size

      1.3MB

    • MD5

      80feaeb7b8c493df5534c2b5c2c43bae

    • SHA1

      c73542b0a4247442c2aa979b7d4e7210ed87e03a

    • SHA256

      41508af363730c9df614bfe3e498cf5dc4565ec54907f7fb26bd86194e5ff3de

    • SHA512

      7e627e64e2273d6f0c054decd3e9cd6845d191f56e1ce29591a011e59b815805a26eba36c7746893567058fe21bde887a37c1aa89bcbae749ff00eec66d6a69b

    • SSDEEP

      24576:7PhshAfmAoEpwQQWhZ62KLp+CkAdjG3sMs2Cd5o775AxUzNZsPbKAayFHV+Sg:NrHCkAdjG3sMs2Cd5o775AxUzN8JayFr

    Score
    1/10
    behavioral5

    • Target

      Octokit.xml

    • Size

      2.4MB

    • MD5

      26a2f8988de45e32c7c0d022d9eabe0d

    • SHA1

      0ab0a59b20b0cb4574caa0095026c7aeb8b750ff

    • SHA256

      674c4c92687b1826e6d1e1d6554905c2245beb06f11cbfc473e2b0a4a90b087b

    • SHA512

      f27e9a4934fd5c54b914ab6d7e3ca5b914eda535f2f08619c9bd74558919cf0e5e49860dbb53833b0a0c675c9b16a0e1f7f8df0a102664cdd76c8fbc5cd76f8d

    • SSDEEP

      49152:JRC73RnFgOcOKqHdnqxkKdc/N6WSaIqELdvdhBKcqBo3h8vi50dRDdruPxP5F:H

    Score
    1/10
    behavioral6

    • Target

      Profiles/Default.xml

    • Size

      994B

    • MD5

      58f36c4bc24c0df0b2b2c5c260947d2e

    • SHA1

      809feb41df6b113f1603d5bc8168ddf6e216a9e3

    • SHA256

      1ca74043bb004eef6076b817620d98e5a009c4b8eb04acec6728bc26c8a8027a

    • SHA512

      05e5c0c85718dd92cb80d0e5816e60c36bfa4bb9dd37680edc5de7d24b8bee75f8fee97368d8fb9815cb357528b1b783febaf83dc5b6322542543369c68f0a2d

    Score
    1/10
    behavioral7

    • Target

      SeroR0X.exe.config

    • Size

      161B

    • MD5

      c16b0746faa39818049fe38709a82c62

    • SHA1

      3fa322fe6ed724b1bc4fd52795428a36b7b8c131

    • SHA256

      d61bde901e7189cc97d45a1d4c4aa39d4c4de2b68419773ec774338506d659ad

    • SHA512

      cbcba899a067f8dc32cfcbd1779a6982d25955de91e1e02cee8eaf684a01b0dee3642c2a954903720ff6086de5a082147209868c03665c89f814c6219be2df7c

    Score
    1/10
    behavioral8

    • Target

      Seroxen launcher v3.1.2.exe

    • Size

      1.3MB

    • MD5

      a30b4df046ff1aeaa9bc6aeb650dd9aa

    • SHA1

      538b3248c00d43b6371d88151d43b4e95012da5f

    • SHA256

      268067fee4b2cab61138bcaa62402c1aeb68d6db3c92f23be88b6c61071a0ec7

    • SHA512

      91c175b4543eba084b32f79b3f4fdb144c47d78eecf7955a4eab0409c03bdf7d275aa25f13aa592fc7d307af1d351746793bb632d7621597273bae294d06ee73

    • SSDEEP

      24576:N7njFX9ew/1bffPrhEqE0r+UPffBhffffffffffjhKhrfQjsRw:tFNb/lffPrhEqtr+UPffBhfffffffff9

    Score
    10/10
    agentteslaquasarseroxenkeyloggerspywarestealertrojan

    • AgentTesla

      Agent Tesla is a remote access tool (RAT) written in visual basic.

      keyloggertrojanstealerspywareagenttesla

    • Quasar RAT

      Quasar is an open source Remote Access Tool.

      trojanspywarequasar

    • Quasar payload

    • AgentTesla payload

    • Executes dropped EXE

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral9

    • Target

      Siticone.Desktop.UI.dll

    • Size

      4.0MB

    • MD5

      1582aa45d981e0e569c6e05698642b30

    • SHA1

      763506f312a186c55a04ef6a16ad7e867c394097

    • SHA256

      21eecaf504b7fe787a45f4aa8f8f36dacfc3ab1d75624dfb41827cdef2a9a589

    • SHA512

      278a7a4e2b9d82528200b9f92244db3f228187d15c36fd169deb927e343bc4d0bb29c9dba496f86558aea4f4deb44d1e47a41d5598c0b375d99ad9fbe99cec34

    • SSDEEP

      24576:UCCxPAT4L7h3M7O2MLBSlvTh/aOBteUePU/DU/GHQYazK/DkWoql3zjbndHQ/jzb:WuO2MIThZNwewYDoyG

    Score
    1/10
    behavioral10

    • Target

      Unify.exe.config

    • Size

      161B

    • MD5

      c16b0746faa39818049fe38709a82c62

    • SHA1

      3fa322fe6ed724b1bc4fd52795428a36b7b8c131

    • SHA256

      d61bde901e7189cc97d45a1d4c4aa39d4c4de2b68419773ec774338506d659ad

    • SHA512

      cbcba899a067f8dc32cfcbd1779a6982d25955de91e1e02cee8eaf684a01b0dee3642c2a954903720ff6086de5a082147209868c03665c89f814c6219be2df7c

    Score
    1/10
    behavioral11

    • Target

      Unity.Burst.Unsafe.dll

    • Size

      5KB

    • MD5

      129351e9879a83262ea92a4a45aacc46

    • SHA1

      3b34cbb3f76a73e2f14571c105202dc5f147d83b

    • SHA256

      9d9c1ff52411decbee5d9f0d1cd61ebeaa222077aa77a52101ea3debafae98e2

    • SHA512

      d1dd65654d4e12dabb148b9bcde6b99bc7314b453a25b80b07c5d81af322b23a9d064b88e64de202de0b56c0b6c72c8fd7fd8931b63346e7886ac8ba5e247465

    • SSDEEP

      48:6yz9Yuj7TafnR3qCEfjnl10NuBi177UULkhzArxoMjzbALLT5SXBiZFmqqn8M3lg:zbad7NLkG/qygZFSzZBcMdugSDJD9

    Score
    1/10
    behavioral12

    • Target

      Unity.Burst.dll

    • Size

      309KB

    • MD5

      999e54df37cdf3e01d4ea9f997a624f5

    • SHA1

      cc2578a964a85f81ef730e465aa8b1726ae64d35

    • SHA256

      77b3d9c9f0f60c02af89276b473909585df27e3646fa28236eb99332a9f1ab51

    • SHA512

      fece2f5df55ea0e58dacf8242fc03ab937faa3ecbacbc260787e86d459dc6fcba9df5e271f2fb949786d13b057e6cc2e3c28a18af55459bf9975d4f3b6b3eceb

    • SSDEEP

      3072:QK3NiyhxtfMxHoktRxKQdsUxeOXWHuMSOOBwgdKGJAlYygx8MuKxTSwyhZhKKcDk:9xtExIkiS1ADCDVTSwyhZhKKcDV+dmr

    Score
    1/10
    behavioral13

    • Target

      Unity.Mathematics.dll

    • Size

      734KB

    • MD5

      117fd091d3e32b195753108e9edd905f

    • SHA1

      eb1e0abc8b49ec2ac1d1f2c71b27a389148d8f7b

    • SHA256

      4f623e77dd97b8bf4c18ffc46ff9da9c1770868ffbe2a87cc5bb98551860f40c

    • SHA512

      36764d248ad869dbd674e9865b617d5601cec9cb961d13a2fcdd51078f15ea23eb3992f37dee5e7b3e5bbeee048a0342bf476038d996295b53d85a4363555054

    • SSDEEP

      6144:IVQAtxMbzkvIV5iHzqQsE2gVMVMrGaOwuSCvt69wupiaquxhDlQphFz/GknU7LqH:xdbAWiHzqQsE2eUSsMwupBXQpX

    Score
    1/10
    behavioral14

    • Target

      Unity.ProBuilder.KdTree.dll

    • Size

      20KB

    • MD5

      f3413d6df6697025a1e35a45ec6cb47c

    • SHA1

      c406cc82632ed2747a3e96611fdfc843dfb7376f

    • SHA256

      485b283937a2815dec8e0161e0aabf1904cbb681c43168e1007ce713bdeb704d

    • SHA512

      fdd9fb11c2370def330a4042768c44bb202367c5acf8b9d12a17f89c1d8f316b3eaed5fb9eec1acf7bdec010ede607182e2ba76eab3a380b72cdec19eadb99bd

    • SSDEEP

      384:M48H1u2nebvVT2MmQk2QnY2V88t3wMHNfQoqjotyPCEvGTqIgL:M48H1u2kT2MY3fqPCHTqP

    Score
    1/10
    behavioral15

    • Target

      Unity.ProBuilder.Poly2Tri.dll

    • Size

      39KB

    • MD5

      6dffbaba49027e2aaae482237027484f

    • SHA1

      995cfb51b1c24266f89ad34ae320d82aae036798

    • SHA256

      687234b94af6e65047e6f32d2edf420ad5f33f59fbdf63f5d1573111f5c4bf3c

    • SHA512

      e324272fc247e3a6061890893b182466e56b1d0f806e74c7293f25d86a7d89133e3e07658c8da6bd790f7745d342cf7468dc21c20a42bba0c86367b5fe9d5c9b

    • SSDEEP

      768:9mugwqJvVXLkMJjr2vrH6PO1IhfeeOxkHw28XAvN:XwJvdLNJjr2jbded8XAvN

    Score
    1/10
    behavioral16

    • Target

      Unity.ProBuilder.dll

    • Size

      393KB

    • MD5

      cb10bb038e7ae561fcb62326cc098c82

    • SHA1

      d7ba80e3ce44bf14a30c6f1c93f60032d8f0d3c8

    • SHA256

      7dbd3912fcebd49a836a3b0289c8b0d8d23d1422ece012fa5ab81441425675be

    • SHA512

      8531f19a01ab7c3d4eb1c0d977065eab5db89280b737f868c3f4a00ee87e011fe3b6c09d28ac3b8fa6fed2038202feb7016a6848b4e34aeee0616a279b56f507

    • SSDEEP

      6144:qA282VgNWIByFdgzXUdfXWWdEl3BrXRaeHC68j:t2VgNOFd+kdfXWXlzW

    Score
    1/10
    behavioral17

    • Target

      UnityEngine.AIModule.dll

    • Size

      56KB

    • MD5

      c20b271bd00f5b10b91bd69cfbe734dd

    • SHA1

      2bbf3b546cf5d437fd6662640c4bc7270d2dd377

    • SHA256

      b8824a33a59c6688b8699936f7766ae204d7c36a5f9c5e9f3e4d265ff5615fa7

    • SHA512

      ad4102ff3f9dc31b325c10b5e58bda86910c4da254eea5e8a63695d51eb7f641bcd0f9f1e69826e943ffd1e30d6f373703082913a2aecfdd0c71b69a0563aa85

    • SSDEEP

      1536:mKJXAjbkEPznZMb+WmzncHAhjMFSZhvj7TPx3kXa:mywPSaWmznfjfx6a

    Score
    1/10
    behavioral18

    • Target

      UnityEngine.ARModule.dll

    • Size

      20KB

    • MD5

      01fdcf1b2c75180101b686eff44d6d77

    • SHA1

      073ddb5ad7caac07b8e19ad523e65d838aa58611

    • SHA256

      2f7bc3f1d062b0a645757a4c9e65dd4d055cdf3ca3923039a847d63a78466d95

    • SHA512

      390cde936fffddc0f339a1dc8b646011a56eb336ea82ef8ff98d52a05328379353fd92475be6a10127bbeb646aa8d99278a3cfd1468fda2c816e5794c5b2fe30

    • SSDEEP

      384:LyBsd4+azncH5z2hjMFSZcjOVVNyb8E9VF6IYiTPx3nk1AXu4ZY:Lyc4+azncHAhjMFSZhVxEpYiTPx3kb

    Score
    1/10
    behavioral19

    • Target

      UnityEngine.AccessibilityModule.dll

    • Size

      23KB

    • MD5

      efc7c40c3b5a989498a58576646706ec

    • SHA1

      064dc9cabec4cf37aa90214eb0f6b8f6ad9ee1c0

    • SHA256

      f23b48f5c5423cedda10fce0e4ad666b8b6484cbde846ad31aa6af9d8bd28307

    • SHA512

      cbb269c509f002ff2865119b962844b4427c580347df23c53e185a5b184e65f1b1e61f4cc2bec5234afca40cdf815dab5a6e36b0f3d717619a084f369a6a3081

    • SSDEEP

      384:Gx8QRNUDVhP660HyaCKzncH5z2hjMFSZcjOBxNyb8E9VF6IYiTPx3nkZBwb:Gx88CRlb0HyatzncHAhjMFSZhBVEpYiR

    Score
    1/10
    behavioral20

    • Target

      UnityEngine.AndroidJNIModule.dll

    • Size

      90KB

    • MD5

      6dfc871996746831cd57c78e73600e6a

    • SHA1

      0a14c3372432e70b500993145bebebdb5f51123d

    • SHA256

      50036b581888ec5124e8e79282413b55f9d11b8eb8ee791f9f7b4c8c1d1c9d02

    • SHA512

      7a4d08bb60bd5e203b9ab3ca6b7a3ab097a9563149f5c526f0ac0dd79ffc9228d8b6fd6c37be2d4d85b2100d20c3d658f39527db70a3ee3a93dacb88667ddb6d

    • SSDEEP

      1536:MMfO8AaTr+lldcCxhb+4hw5+imzWgzQcuozncHAhjMFSZhD27TPx3k4:MMfO6rolddxhb+4h09mzWgzQcLznT2fV

    Score
    1/10
    behavioral21

    • Target

      UnityEngine.AnimationModule.dll

    • Size

      160KB

    • MD5

      f63734f252b0556b8be583c88e051817

    • SHA1

      bfbbd5e85ccf1d75a4b84ce600e63ba1983310ab

    • SHA256

      e9df6ccb02a836cb84c88511c0cda2bf2d00513a867d3ef8c06cdbf68b5f1ba1

    • SHA512

      7b9574f077d20a697248679bd9b864fd5c7ff62cf7df0cc43a0819b99740733be04962023742df85de19c4b9bcfb7c9f11c1f2dfd0f909441e44dc0210f4fa01

    • SSDEEP

      3072:D5a6AwpFcgOBSGbYTyWDm2nL432S9pEModsiSznihfxLh:frpC3BhIbK2nL432S9pEcnMh

    Score
    1/10
    behavioral22

    • Target

      UnityEngine.AssetBundleModule.dll

    • Size

      32KB

    • MD5

      3dc621de517bfe9c90b2bdbbb1236048

    • SHA1

      d0a94e6369dfa1cae12b921fa10d4c79c16f3c8e

    • SHA256

      7d67d19b3c0376dd72c954bc5b9a2953f04ad21ee842319387a7ce0bf5f37b5a

    • SHA512

      e0b94498b7bb49e9d5b5de390970ea34077f00e6f48a760ff1dc7ec1aeb41883835bedc9a26936c72b69c798ae50d68a6649e6b5859a6525b16be623bc8a514a

    • SSDEEP

      768:trz1unaUTOzncHAhjMFSZhwL3EpYiTPx3ksMi:Sa2OzncHAhjMFSZhw07TPx3ksr

    Score
    1/10
    behavioral23

    • Target

      UnityEngine.AudioModule.dll

    • Size

      69KB

    • MD5

      943b603ca1c1ddec0d70718db152d759

    • SHA1

      c003bf47115aac5552859a90ec99e0c80eb69001

    • SHA256

      74ceb8add399701cbc9d895e5945c3f0855b37192abb43d52b53fdc4355205cb

    • SHA512

      dbf5d1b026e8152e51ff1bd0cad9776ce0e225c4e1e8c71e3567cce2a1237b287dd90fcc96d8f37378d94d4276180792727111cc7813bb82a14c1a15870895a5

    • SSDEEP

      1536:gU3HTL27cJYUR2Hr+2s67AUDl+zncHAhjMFSZh/B7TPx3kRXy:gU3znYUAHy2s67dl+znvBfx3

    Score
    1/10
    behavioral24

    • Target

      UnityEngine.ClothModule.dll

    • Size

      25KB

    • MD5

      f5bd91c9884c86dd96a5d07df6981175

    • SHA1

      fb206728f411b52de52439560d53041c156df7f0

    • SHA256

      faad656ae41c9ee21d547f1769f9733d7c917606c633fd9710373f6908074938

    • SHA512

      c19cff54f3b291ddc7281fdb0da641f4bc7f29c06ab9952249fbc3fad664dcfe1c4b5b45b1513bbe49e0b89c35c865ba53c4eb149d0b25d841305d0abbbb2361

    • SSDEEP

      768:HwYYiUKLxzncHAhjMFSZhMnEpYiTPx3kHj02A:HwlgzncHAhjMFSZhMA7TPx3kD0n

    Score
    1/10
    behavioral25

    • Target

      UnityEngine.ClusterInputModule.dll

    • Size

      21KB

    • MD5

      757d415d5f085d1d5db0ce4315387658

    • SHA1

      2a86af8fbc0aeb1b2851a012f8e80a10a46f3788

    • SHA256

      f654c1e360e16824903da29b96b6ea373ca0b80bc5b03a5d002f8e0f684616da

    • SHA512

      8eb9362accdac302768e0869c5e81d90e6bd593a5bbb2730b33d01450a88670f3585f6f015b8201b27fb8cc59969d526eabbbda1fd157fd4456b8915007ca34d

    • SSDEEP

      384:LeCFUDG5m/zncH5z2hjMFSZcjOUjequNyb8E9VF6IYiTPx3nkfMpn:LeCFUL/zncHAhjMFSZhUjeqWEpYiTPxz

    Score
    1/10
    behavioral26

    • Target

      UnityEngine.ClusterRendererModule.dll

    • Size

      21KB

    • MD5

      ca11b7512758513f9ebc438d41aac5e2

    • SHA1

      fd2c1d073918db0bcc503b015d428afe3530d1fb

    • SHA256

      5ac7a1d6945da1ff4ea68941916ffd8438979b0ac323270ef286f6656e2f69c1

    • SHA512

      12f76c7c8bbf40d974b8c6e9b22c9bc6aa8079c321df1768e39232baf6e9c0e6c6f6bfff2545c78676f97ede25249ef7dd987ef7643cf0e7689022297acb7b0a

    • SSDEEP

      384:zCkEzncH5z2hjMFSZcjOHU6qONyb8E9VF6IYiTPx3nkvbINPxd:2kEzncHAhjMFSZh06q2EpYiTPx3kAd

    Score
    1/10
    behavioral27

    • Target

      UnityEngine.ContentLoadModule.dll

    • Size

      26KB

    • MD5

      68cfff8cb3380348eeffce0121d33f90

    • SHA1

      68b76be397b168d9465d046dc2881c96814c9516

    • SHA256

      5fd84a6b2b877f95a3b8d996cfd143e1f2fc7b11ab9fa8bb250edee05a844e8b

    • SHA512

      acc05c8610c66c5d6b3337220906b1247d7c2818fa33cc33854ad77077270f6dfde6045c185c02c4da15ca2303d7ae1b75291c9f38c6d20c7782de311718e9d0

    • SSDEEP

      768:9h4X7nxgNzncHAhjMFSZhpqEpYiTPx3k4:9hu7uNzncHAhjMFSZhpL7TPx3k4

    Score
    1/10
    behavioral28

    • Target

      UnityEngine.CoreModule.dll

    • Size

      1.3MB

    • MD5

      a65dbc18598e70831e50b1a23f50239d

    • SHA1

      6bc284f4c96bc132d0a10ba0aeeca8ac487ab01f

    • SHA256

      68e60f3c8abad9eb1e5c75525b7601b502c1a9695cfdc8374f9be2ce176e38c9

    • SHA512

      0a745b79c1f30a5aca327b9809b7ba5e05c831289d4dd87ffc03e517e029f47ab076dcd7eac337b8528a48a972453e72235db9f45282c7825e1c81f345446100

    • SSDEEP

      24576:tQfO7Icvj0ziVvNZreikZU+CM3AGd/L4vc/skdt:CfO77vH6x7/LNt

    Score
    1/10
    behavioral29

    • Target

      UnityEngine.CrashReportingModule.dll

    • Size

      20KB

    • MD5

      b92da0d133c88ca456584409c578a732

    • SHA1

      4d19b9ba6f58a0d5fef861f7679c79163d2e2c13

    • SHA256

      22f4d3e3277701576e9f46c3f7274577edbd12806449db95caee75f7ead0d1ea

    • SHA512

      85e7c9ab08f6fd90fd17e7295714a072cdc3fcb05dd225bf314c8e1eb6d75512b8096417626e56002ea4423d5e24117bc6e812fa2b0a396e6aae3837961c2414

    • SSDEEP

      384:WTGDzncH5z2hjMFSZcjOjvNyb8E9VF6IYiTPx3nk0qUkKRSJ:PDzncHAhjMFSZhjTEpYiTPx3k7Ua

    Score
    1/10
    behavioral30

    • Target

      UnityEngine.DSPGraphModule.dll

    • Size

      28KB

    • MD5

      c779dbaf6946c392b4358f61b348443d

    • SHA1

      aa9f087c785c9f9ea1bc6ff6c2ca38b2df4b2538

    • SHA256

      205c287ecfc21f09477b77007b153c7c48fbdce428d6a793839115e02f93de97

    • SHA512

      9a866b71344b24ba11679a61b4b8f6ffc8e496547e1f6f6a2259ef89c1d481ffdaee964c599bc4ce2adae55338311ba40aadc7727ce33ff335fce18a67992f9e

    • SSDEEP

      768:L7BiKBDNICIzncHAhjMFSZhfsEpYiTPx3k1k:gsObzncHAhjMFSZhfl7TPx3k2

    Score
    1/10
    behavioral31

    • Target

      settings.xml

    • Size

      402B

    • MD5

      3e7e03412bcd80ed563e36650836ffb8

    • SHA1

      9b76f430a0c6135424422cd717a960ede9a15e22

    • SHA256

      3ca285b097d81d2e5e6f375cea2840ab70e76fd55a9ad89b8e35cf70bc7eba8c

    • SHA512

      96b4b986c1748d494650511af056298a29a64683288f9f191efeb3b88ecc31a83bbff2433b8d947b22c9ff0f2f5c73ff0324efbac0d04f2f55b5ed228a0f1525

    Score
    1/10
    behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

1
T1053

Persistence

Scheduled Task/Job

1
T1053

Privilege Escalation

Scheduled Task/Job

1
T1053

Defense Evasion

Modify Registry

5
T1112

Credential Access

Discovery

System Information Discovery

3
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

agentteslaquasar
Score
10/10

behavioral1

Score
3/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

agentteslaquasarseroxenkeyloggerspywarestealertrojan
Score
10/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10