quasar | SeroXen[.]rar

Sharing

Copy URL

Twitter E-mail

General

Target

SeroXen.rar
Size

6.1MB
MD5

995b0533c6be937649e4831728ca7376
SHA1

db9c06b54349a3c6e873fef9cc0d5320d443760d
SHA256

ac20e5694d94b5be1c424cec9d83720700fc2997b682808faf0f786970812e77
SHA512

0fece800994a43687463305894cc5cf3cf8172a4694c99c0bae96297a76de35c726c2de9c0dc652dad9b05177fdd15963608505cf78f0990f239302f09bdb081
SSDEEP

98304:GhaKSDlmTDTZynhDv2uMpWmUNnfbVWnTUUgL0hqafhb9HRg7qG1QGCpKIcvWIuCJ:gar6ynhroPUNn8nTUTL0hqaJRRWlvWrQ

Score

10^/10

quasar

Malware Config

Signatures

Quasar family
quasar

Quasar payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/SeroXen/bin/Quasar.Common.dll	family_quasar

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/SeroXen/SeroXen.exe

Files

SeroXen.rar
.rar
SeroXen/README.txt
SeroXen/SeroXen Documentation and TOS.pdf
.pdf
SeroXen/SeroXen.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\net452\REPOS\SeroXen Launcher\SeroXen_Launcher\SeroXen Launcher\bin\x64\Release\SeroXen Launcher.pdb

Sections

.text
Size: 323KB - Virtual size: 322KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SeroXen/bin/BouncyCastle.Crypto.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

37:4d:dd:80:d0:6b:63:20:d7:8c:09:38:8b:aa:f9:b6:e1:63:dd:ca
Signer

Actual PE Digest

37:4d:dd:80:d0:6b:63:20:d7:8c:09:38:8b:aa:f9:b6:e1:63:dd:ca

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

BouncyCastle.Crypto.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Cake.Core.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

7e:e5:96:07:12:f4:75:26:dc:30:03:fa:fb:28:bc:8a:10:7f:fd:b2
Signer

Actual PE Digest

7e:e5:96:07:12:f4:75:26:dc:30:03:fa:fb:28:bc:8a:10:7f:fd:b2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Cake.Core.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 587KB - Virtual size: 586KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/EasyHook.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

36:ba:d4:2d:47:9e:47:a9:3e:3b:15:93:67:c5:f0:25:03:27:f5:5f
Signer

Actual PE Digest

36:ba:d4:2d:47:9e:47:a9:3e:3b:15:93:67:c5:f0:25:03:27:f5:5f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Desktop\EasyHook.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Logic.NET.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

e1:47:8e:1f:86:6e:2f:49:e9:27:04:bf:5f:22:b1:6c:63:f9:b8:3a
Signer

Actual PE Digest

e1:47:8e:1f:86:6e:2f:49:e9:27:04:bf:5f:22:b1:6c:63:f9:b8:3a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Downloads\LoGiC.NET-1.4\LoGiC.NET-1.4\obj\Release\LoGiC.NET.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 469KB - Virtual size: 468KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Microsoft.VisualStudio.CodeCoverage.Shim.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

0a:7a:9c:00:f9:bc:ea:8b:0a:1a:1f:6d:6c:3b:ec:44:5b:cd:d0:dc
Signer

Actual PE Digest

0a:7a:9c:00:f9:bc:ea:8b:0a:1a:1f:6d:6c:3b:ec:44:5b:cd:d0:dc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

F:\binaries\Intermediate\vset\shim.csproj_kqmet5lz\objr\x86\Microsoft.VisualStudio.CodeCoverage.Shim.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Microsoft.VisualStudio.TestPlatform.MSTest.TestAdapter.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

5e:bf:52:e5:b7:28:ed:8f:c9:6b:bc:e0:35:d5:3b:b3:00:0e:e2:b2
Signer

Actual PE Digest

5e:bf:52:e5:b7:28:ed:8f:c9:6b:bc:e0:35:d5:3b:b3:00:0e:e2:b2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\A\_work\4790\s\src\Adapter\MSTest.CoreAdapter\obj\Release\Microsoft.VisualStudio.TestPlatform.MSTest.TestAdapter.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Microsoft.VisualStudio.TestPlatform.MSTestAdapter.PlatformServices.Interface.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

a7:d9:c5:aa:a1:d3:e2:75:6a:46:13:55:a7:dd:32:83:02:ac:d7:8b
Signer

Actual PE Digest

a7:d9:c5:aa:a1:d3:e2:75:6a:46:13:55:a7:dd:32:83:02:ac:d7:8b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\A\_work\4790\s\src\Adapter\PlatformServices.Interface\obj\Release\Microsoft.VisualStudio.TestPlatform.MSTestAdapter.PlatformServices.Interface.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Microsoft.VisualStudio.TestPlatform.MSTestAdapter.PlatformServices.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

5f:65:71:f0:46:1f:d6:7c:1d:d6:18:91:1c:3b:38:1d:67:a7:c9:10
Signer

Actual PE Digest

5f:65:71:f0:46:1f:d6:7c:1d:d6:18:91:1c:3b:38:1d:67:a7:c9:10

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\A\_work\4790\s\src\Adapter\PlatformServices.Desktop\obj\Release\Microsoft.VisualStudio.TestPlatform.MSTestAdapter.PlatformServices.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Microsoft.VisualStudio.TestPlatform.TestFramework.Extensions.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

d3:c7:d9:ad:7e:b5:23:e9:82:75:fa:6f:d2:f6:95:1b:5e:47:0f:90
Signer

Actual PE Digest

d3:c7:d9:ad:7e:b5:23:e9:82:75:fa:6f:d2:f6:95:1b:5e:47:0f:90

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\A\_work\4790\s\src\TestFramework\Extension.Desktop\obj\Release\Microsoft.VisualStudio.TestPlatform.TestFramework.Extensions.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Microsoft.VisualStudio.TestPlatform.TestFramework.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

9f:0e:a1:3c:e4:6d:79:5a:d2:03:ce:74:d0:8c:e5:a0:ca:75:5c:5b
Signer

Actual PE Digest

9f:0e:a1:3c:e4:6d:79:5a:d2:03:ce:74:d0:8c:e5:a0:ca:75:5c:5b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\A\_work\4790\s\src\TestFramework\MSTest.Core\obj\Release\Microsoft.VisualStudio.TestPlatform.TestFramework.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Mono.Cecil.Mdb.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

3d:f2:d5:ca:af:12:66:5b:de:ce:77:71:32:85:6b:b5:64:33:e0:0b
Signer

Actual PE Digest

3d:f2:d5:ca:af:12:66:5b:de:ce:77:71:32:85:6b:b5:64:33:e0:0b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Mono.Cecil.Mdb.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Mono.Cecil.Pdb.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

79:04:23:6b:3c:e5:f0:83:16:71:8c:d7:c5:f0:08:78:8d:82:9f:ea
Signer

Actual PE Digest

79:04:23:6b:3c:e5:f0:83:16:71:8c:d7:c5:f0:08:78:8d:82:9f:ea

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Mono.Cecil.Pdb.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 262KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Mono.Cecil.Rocks.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

6d:52:d8:3f:b3:65:a9:5f:5e:54:b0:d7:1d:68:74:4c:68:a9:b0:8a
Signer

Actual PE Digest

6d:52:d8:3f:b3:65:a9:5f:5e:54:b0:d7:1d:68:74:4c:68:a9:b0:8a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Mono.Cecil.Rocks.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Mono.Cecil.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

c7:2f:ee:81:68:fe:fc:48:9e:19:f7:6b:73:06:22:82:16:5b:9c:89
Signer

Actual PE Digest

c7:2f:ee:81:68:fe:fc:48:9e:19:f7:6b:73:06:22:82:16:5b:9c:89

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Mono.Cecil.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/MonoMod.Backports.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

08:0e:a8:08:be:52:6b:8e:6f:f4:8f:11:f9:a6:0a:77:f2:d6:13:ce
Signer

Actual PE Digest

08:0e:a8:08:be:52:6b:8e:6f:f4:8f:11:f9:a6:0a:77:f2:d6:13:ce

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Desktop\asdsdasd\MonoMod.Backports.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 410KB - Virtual size: 409KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/MonoMod.ILHelpers.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

7a:33:4e:7a:c4:6d:9c:d0:08:90:e9:c6:5c:7b:5d:eb:9b:7d:71:09
Signer

Actual PE Digest

7a:33:4e:7a:c4:6d:9c:d0:08:90:e9:c6:5c:7b:5d:eb:9b:7d:71:09

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Desktop\asdsdasd\MonoMod.ILHelpers.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/MonoMod.Utils.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

b8:83:de:65:84:48:7c:bf:a8:1b:a3:ab:71:50:c5:67:f9:0f:c7:26
Signer

Actual PE Digest

b8:83:de:65:84:48:7c:bf:a8:1b:a3:ab:71:50:c5:67:f9:0f:c7:26

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Desktop\asdsdasd\MonoMod.Utils.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 883KB - Virtual size: 882KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Newtonsoft.Json.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

81:23:d1:fa:ee:1c:d4:58:8e:87:e2:44:00:4a:31:47:44:49:ed:d8
Signer

Actual PE Digest

81:23:d1:fa:ee:1c:d4:58:8e:87:e2:44:00:4a:31:47:44:49:ed:d8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/Src/Newtonsoft.Json/obj/Release/net45/Newtonsoft.Json.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 681KB - Virtual size: 680KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Open.Nat.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

ce:73:51:33:f7:08:24:37:19:f0:b0:8e:82:e6:8d:e0:77:49:0a:63
Signer

Actual PE Digest

ce:73:51:33:f7:08:24:37:19:f0:b0:8e:82:e6:8d:e0:77:49:0a:63

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Open.Nat.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 325KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Quasar.Common.Tests.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

91:c4:5a:3c:a7:3f:d9:96:a4:1a:47:00:a3:e6:bf:17:20:bc:0f:e4
Signer

Actual PE Digest

91:c4:5a:3c:a7:3f:d9:96:a4:1a:47:00:a3:e6:bf:17:20:bc:0f:e4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Desktop\SXN\SeroXen\bin\Quasar.Common.Tests.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Quasar.Common.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

5f:a7:61:fa:5e:17:2c:48:f3:8f:17:f5:33:5a:f9:81:1d:dd:a6:a7
Signer

Actual PE Digest

5f:a7:61:fa:5e:17:2c:48:f3:8f:17:f5:33:5a:f9:81:1d:dd:a6:a7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Desktop\SXN\SeroXen\bin\Quasar.Common.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 286KB - Virtual size: 286KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Renci.SshNet.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

9a:05:25:64:71:e1:0b:eb:d3:26:73:70:77:6f:c1:f7:b7:b2:0d:3b
Signer

Actual PE Digest

9a:05:25:64:71:e1:0b:eb:d3:26:73:70:77:6f:c1:f7:b7:b2:0d:3b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Renci.SshNet.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/SeroXen.exe
.exe windows:4 windows x64 arch:x64

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

e4:30:9d:59:dd:1a:c9:1f:e3:4e:2d:c7:ea:91:1b:f5:84:43:60:13
Signer

Actual PE Digest

e4:30:9d:59:dd:1a:c9:1f:e3:4e:2d:c7:ea:91:1b:f5:84:43:60:13

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\net452\REPOS\SeroXen_Initializer\SeroXen\SeroXen\bin\x64\Release\SeroXen.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 359KB - Virtual size: 358KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/System.Management.Automation.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

1c:14:c3:36:cb:e7:4b:09:75:6c:22:cc:fb:67:e9:69:55:ae:14:fc
Signer

Actual PE Digest

1c:14:c3:36:cb:e7:4b:09:75:6c:22:cc:fb:67:e9:69:55:ae:14:fc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/System.ValueTuple.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

e0:5a:d1:da:4b:60:60:fb:28:f2:b5:1c:59:6c:d7:66:96:16:eb:e0
Signer

Actual PE Digest

e0:5a:d1:da:4b:60:60:fb:28:f2:b5:1c:59:6c:d7:66:96:16:eb:e0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\A\_work\39\s\corefx\bin\obj\AnyOS.AnyCPU.Release\System.ValueTuple\netstandard1.0\System.ValueTuple.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/builds/SeroXen.exe
SeroXen/bin/dnlib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

79:28:90:20:b6:c8:23:95:7d:ad:2c:81:09:76:ac:82:d1:cc:3a:29
Signer

Actual PE Digest

79:28:90:20:b6:c8:23:95:7d:ad:2c:81:09:76:ac:82:d1:cc:3a:29

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/src/obj/Release/net45/dnlib.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/protobuf-net.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

6b:89:d7:bc:b6:90:42:96:f8:93:63:e4:87:b4:31:17:d1:f9:eb:49
Signer

Actual PE Digest

6b:89:d7:bc:b6:90:42:96:f8:93:63:e4:87:b4:31:17:d1:f9:eb:49

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\protobuf-net.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

PDB Paths

Sections

.text Size: 323KB - Virtual size: 322KB

.rsrc Size: 19KB - Virtual size: 19KB

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38Certificate

37:4d:dd:80:d0:6b:63:20:d7:8c:09:38:8b:aa:f9:b6:e1:63:dd:caSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38Certificate

7e:e5:96:07:12:f4:75:26:dc:30:03:fa:fb:28:bc:8a:10:7f:fd:b2Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 587KB - Virtual size: 586KB

.rsrc Size: 1024B - Virtual size: 1016B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38Certificate

36:ba:d4:2d:47:9e:47:a9:3e:3b:15:93:67:c5:f0:25:03:27:f5:5fSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 233KB - Virtual size: 232KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38Certificate

e1:47:8e:1f:86:6e:2f:49:e9:27:04:bf:5f:22:b1:6c:63:f9:b8:3aSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 469KB - Virtual size: 468KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38Certificate

0a:7a:9c:00:f9:bc:ea:8b:0a:1a:1f:6d:6c:3b:ec:44:5b:cd:d0:dcSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 3KB - Virtual size: 3KB

.text
Size: 323KB - Virtual size: 322KB

.rsrc
Size: 19KB - Virtual size: 19KB

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

37:4d:dd:80:d0:6b:63:20:d7:8c:09:38:8b:aa:f9:b6:e1:63:dd:ca
Signer

.text
Size: 2.7MB - Virtual size: 2.7MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

7e:e5:96:07:12:f4:75:26:dc:30:03:fa:fb:28:bc:8a:10:7f:fd:b2
Signer

.text
Size: 587KB - Virtual size: 586KB

.rsrc
Size: 1024B - Virtual size: 1016B

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

36:ba:d4:2d:47:9e:47:a9:3e:3b:15:93:67:c5:f0:25:03:27:f5:5f
Signer

.text
Size: 233KB - Virtual size: 232KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

e1:47:8e:1f:86:6e:2f:49:e9:27:04:bf:5f:22:b1:6c:63:f9:b8:3a
Signer

.text
Size: 469KB - Virtual size: 468KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

0a:7a:9c:00:f9:bc:ea:8b:0a:1a:1f:6d:6c:3b:ec:44:5b:cd:d0:dc
Signer

.text
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

5e:bf:52:e5:b7:28:ed:8f:c9:6b:bc:e0:35:d5:3b:b3:00:0e:e2:b2
Signer

.text
Size: 120KB - Virtual size: 120KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

a7:d9:c5:aa:a1:d3:e2:75:6a:46:13:55:a7:dd:32:83:02:ac:d7:8b
Signer

.text
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

5f:65:71:f0:46:1f:d6:7c:1d:d6:18:91:1c:3b:38:1d:67:a7:c9:10
Signer

.text
Size: 95KB - Virtual size: 95KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

d3:c7:d9:ad:7e:b5:23:e9:82:75:fa:6f:d2:f6:95:1b:5e:47:0f:90
Signer

.text
Size: 21KB - Virtual size: 21KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

9f:0e:a1:3c:e4:6d:79:5a:d2:03:ce:74:d0:8c:e5:a0:ca:75:5c:5b
Signer