General

  • Target: SeroXen v3.zip
  • Size: 4.0MB
  • MD5: 33ab605ba89f1a5188d250ec9820260b
  • SHA1: fdf610782fe43368d478de0047a6efb52621d2de
  • SHA256: b4765a83ef556d2f3500d047c7e96855ec7d7e16dceaf8a82611d7dbb5ad4576
  • SHA512: 2b87de6efe667fd22b54515f18ca9f92cd917afc0ddadceb2e308d2afe2dd0d9cdfa96e314f4b1b1bed9729fb804201d583456530c5f35c41e98ba9d93b34074
  • SSDEEP: 98304:J2tPJKXg/KQJwMxN22i/Dwmko60PFkinQPcZlrU4ifzF5V:JK8w/lJwMH2JZI0PFFn+c4xz7V

Score
10/10

Malware Config

Extracted

Family

  • quasar

Attributes

  • reconnect_delay: 5000

Signatures

  • AgentTesla payload 1 IoCs
  • Agenttesla family
  • Quasar family
  • Quasar payload 1 IoCs
  • Unsigned PE 7 IoCs

    Checks for missing Authenticode signature.

Files

  • SeroXen v3.zip
    .zip
  • Guna.UI2.dll
    .dll windows:4 windows x86 arch:x86
    dae02f32a21e03ce65412f6e56942daa
  • Mono.Cecil.dll
    .dll windows:4 windows x86 arch:x86
    dae02f32a21e03ce65412f6e56942daa
  • Mono.Nat.dll
    .dll windows:4 windows x86 arch:x86
    dae02f32a21e03ce65412f6e56942daa
  • Octokit.dll
    .dll windows:4 windows x86 arch:x86
    dae02f32a21e03ce65412f6e56942daa
  • Octokit.xml
    .xml
  • SeroXen.exe
    .exe windows:4 windows x86 arch:x86
    f34d5f2d4577ed6d9ceec516c1f5a744
  • Siticone.Desktop.UI.dll
    .dll windows:4 windows x86 arch:x86
    dae02f32a21e03ce65412f6e56942daa
  • Vestris.ResourceLib.dll
    .dll windows:4 windows x86 arch:x86
    dae02f32a21e03ce65412f6e56942daa
  • client.bin
    .exe windows:4 windows x86 arch:x86
    f34d5f2d4577ed6d9ceec516c1f5a744