General
-
Target
SeroXen.rar
-
Size
6.1MB
-
Sample
241103-wv462szhrh
-
MD5
995b0533c6be937649e4831728ca7376
-
SHA1
db9c06b54349a3c6e873fef9cc0d5320d443760d
-
SHA256
ac20e5694d94b5be1c424cec9d83720700fc2997b682808faf0f786970812e77
-
SHA512
0fece800994a43687463305894cc5cf3cf8172a4694c99c0bae96297a76de35c726c2de9c0dc652dad9b05177fdd15963608505cf78f0990f239302f09bdb081
-
SSDEEP
98304:GhaKSDlmTDTZynhDv2uMpWmUNnfbVWnTUUgL0hqafhb9HRg7qG1QGCpKIcvWIuCJ:gar6ynhroPUNn8nTUTL0hqaJRRWlvWrQ
Malware Config
Targets
-
-
Target
SeroXen/SeroXen Documentation and TOS.pdf
-
Size
389KB
-
MD5
268a35fc151093712fd931438266733b
-
SHA1
0cfe4de8b721ae00275f171874e975143ba4e5c3
-
SHA256
f3329fc8e298719361d0799fd3aa160ccc860fad1cdbf2d5b920370561079d24
-
SHA512
60f12acab903f4213b2e6f96e0e4ef4d19b4378d0cd18e86b736e1ef4daecbf18f926d298a60e156fce06d4af4121636133cc87d61ce7aed815e66240ed2cc03
-
SSDEEP
6144:gHN9PzWipJ6LIgy6WW9OyfnFTGndbcF7pVEtiOTwl/BdGqgZzu6cXmnV:saqcLIgySDYdbcJ/Etol2zu6dV
Score3/10 -
-
-
Target
SeroXen/SeroXen.exe
-
Size
343KB
-
MD5
b85d103f2ef534de75f1447b8289fd84
-
SHA1
2fc3ded05126875251aa981e58a5771b5008f5ce
-
SHA256
64b4856c4510bfe8cbf192da73bbe591f4d54778699b41cd2dceca0d05b395ee
-
SHA512
a68ecdc2bf9dd2461617f5142294d2f6d73d0d1aebab8e1856b427fd2baf1a810495e4bfc7ed62330ad498fa5f1bea498f0bf04928073feb0d0563c131c16273
-
SSDEEP
6144:HiYTk9N+hQkfzy9ixQGU+aKxhjIg68pDbvdt3dAaUTP4euNbJVq:HnTk9NUacyHpkhV64bvdQaMw3E
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
-
-
Target
SeroXen/bin/BouncyCastle.Crypto.dll
-
Size
2.7MB
-
MD5
845661718fc59d2ec1e59c804ea0a319
-
SHA1
0e280f4195b263b56d7bc2a8af06e66bc6fb6b84
-
SHA256
068d21b18320762850a2ec079e43d24e41e8dc7b7d4d1e60b8b8a60161eee95d
-
SHA512
13a23d645b09fa9debc2109417ea38fca9d2a8240ec8d2b9297bb5dfc3c7ed70aadf3d08c8b4980569fc14986262d5e48afe263bd2287eb5b0195c43f8b04b3d
-
SSDEEP
49152:qEVmH5OGnsDVHKL54fKXyrJZd6HIksfqjQN/kIUcXYQ5:CH5OGIOsKXjQ3Uc75
Score1/10 -
-
-
Target
SeroXen/bin/Cake.Core.dll
-
Size
590KB
-
MD5
9c0d3ed2549d77758c8d0e730e4a2380
-
SHA1
4917b06f091836a4b46a70a0e230dae42a002d1c
-
SHA256
5b4d014d493ce66208537a1394aba89190a93025bf71857c39d45f9c95685338
-
SHA512
95ea708ff271be8e76e2fb9c27766a1a80647a865c6086cc1114a6e45cccd52d9f7dc46a631676869d3542abb4314ec9f334bcddec4259789f0e895b1daa606f
-
SSDEEP
6144:w7nQBBrO+hMKbDBNmFAdHmEwKCPgGruaa7adI3ExBAitPNbj5qRlXXKW1+SLeSfC:4nQBBrO+hMiBiAf7adNhNbj5L
Score1/10 -
-
-
Target
SeroXen/bin/EasyHook.dll
-
Size
236KB
-
MD5
6bb8e2ee1ca59eca7b0fd3cfecf3f05b
-
SHA1
c89e827f41f0af4235146a10dfe2803dabb7a1af
-
SHA256
8065451c76dd3c185eb6656b6fafc770c01a04013fe7e946439818cac0632d10
-
SHA512
702639ae0d6568eb52e9fb9b50db6294e310d1a7357d02270206570666da645be682a59075d5bcd3ef5b02845d23d7a755ce496e71e828187c1d607e3ef56bec
-
SSDEEP
6144:8ix67ESjsDsdkk96LSR7JqdR9bG061TS7iK2:8ix67xjsQdkVLSR7JqdR2SJ2
Score1/10 -
-
-
Target
SeroXen/bin/Logic.NET.dll
-
Size
472KB
-
MD5
a78ca07fdfd93bcfdc37ca824ec58850
-
SHA1
d9c5ef1261a74f87a06e0934535c9f6c436b91fb
-
SHA256
8337d23ad9bcfd3fe1cb357d173a36307b16f2e8b65b2af7245746b6c23c7fb4
-
SHA512
599e8357e03fce4d709452a6e2f0a8c4ff41eb477de92256b47a8b7599f86b153ce43d6c7b6c52a120ed6f708355e40f4b41802f0a9acfd85cdad897ab6c2040
-
SSDEEP
12288:VU2sBpHa0w1o+Blc5xFrIUFRmwEE93f4D5+GqeA:VU2PBo+ByRsUFQk49+N
Score1/10 -
-
-
Target
SeroXen/bin/Microsoft.VisualStudio.CodeCoverage.Shim.dll
-
Size
7KB
-
MD5
f27e6a41d8b2aed44a4a3143a3e39ceb
-
SHA1
35337c506f859ac4c078bbea66334367a2ffd696
-
SHA256
f3a346e1ba5250f06561a5e488f0378dd295a9c4ce1a5e3389c5bbb724421181
-
SHA512
988b2f84d2f942e1dcb80fdb79fffd6f4212b82e961e20023beba4c3096df99f788b5887edc965bf54efa6884c7b43bbe60441acd38fd08039c1f503ff339eb4
-
SSDEEP
96:rQabibnD54HXPQGxvKAWQDdiDL1Il5SWPTgleSn6WPLYQOQl:rqjDofNxCV1I2W7e6WTMQl
Score1/10 -
-
-
Target
SeroXen/bin/Microsoft.VisualStudio.TestPlatform.MSTest.TestAdapter.dll
-
Size
124KB
-
MD5
f5b0619323bd200045b6a54710fe1d2b
-
SHA1
4f598978d5768d00d541ccc2ba2d20c3185862ea
-
SHA256
b4189ff9118c8daafdb59c3b851dec5e1cb099d3f93ed33dff818622fbad4134
-
SHA512
96843c4bc24b57429421f7ddbbcb147b613ac9c5ae7ef1689ee5d22a75844ff98809da5f54c85f308cfb9dc399991a9cc086e7a9ad01c19b414c6dc344966b14
-
SSDEEP
3072:n9DFl7hiU7MK/C2ZZ6uw2HZRBUDIrmbu+c3B5HZttOPVY7PzaL2CKJ8Yx:viUAK/CoNHZPULST3B5HZttOPVY77aa1
Score1/10 -
-
-
Target
SeroXen/bin/Microsoft.VisualStudio.TestPlatform.MSTestAdapter.PlatformServices.Interface.dll
-
Size
9KB
-
MD5
8bb527db67433b149bcc4b4e7f4f5115
-
SHA1
1cf1eb3ec9b8bd9aaa1b84320ab68549dca03ee8
-
SHA256
5a496524dd381e1a98a0430024240a409fa62039e2db7bba692100fa59604e5a
-
SHA512
0cc8dc74014f0eea614e9e088a80b9d009f303d4b8e073614d92593ca86e0c52dd5716090f7d1f1ecdeb9bf149d3d520e4549591fe4686cc4608f305a415d571
-
SSDEEP
192:umwc44i5A4vBYfWcUeKD8xJ5zBy/TW0xOq:Vi5AIBIW+KDq8LW0Mq
Score1/10 -
-
-
Target
SeroXen/bin/Microsoft.VisualStudio.TestPlatform.MSTestAdapter.PlatformServices.dll
-
Size
99KB
-
MD5
85392bce56ebfc0fa98053e387d9bc75
-
SHA1
8da051c274cbbcb385c1b118ac7084594b0b5042
-
SHA256
2277d6eaa6fb3edc48c4c3b03aa024ecb89fb3e6ce1f23a348e77ea495e790cf
-
SHA512
f9735e4772a7490e21c6851ea9af7f1c7d9283b4d4f3a6b41c64ce4cdfd88c71699c02a4bad6e585c34fc04a58544808350515ea4d71a9597ca5322f349ed0f5
-
SSDEEP
1536:stdZMxG+d5x8JcNBaVV7nOHzVbKihRauFHQgMNfaElrsff95gUdR16gKAh8W11P:s44cNBSpOHBKihRaEQAEqff9VdRf8A1P
Score1/10 -
-
-
Target
SeroXen/bin/Microsoft.VisualStudio.TestPlatform.TestFramework.Extensions.dll
-
Size
25KB
-
MD5
2300250ee990b536eb9ec1401617213b
-
SHA1
29bf3b475506406ffa49814c300e209b7a4f1d11
-
SHA256
0998ee28d8b43a5753f0a3af8d80bddaf414a3e03a8732981f4d719d67564fc2
-
SHA512
1276f2a5941ac03315ee3d907ed2ead4e26c964b1567c08481e78c10e16d34c80d9349d4dd6cb8e72bc55f7b06e11d674ce62bd9fdd938219a656bf2015afb86
-
SSDEEP
384:yrDjuKfEO77j7K+Hw63UZg+fzlgl8hb4bb/6bQfEKAM29cSaKjmST2ozngxYaWH5:KfuKfVzsgFCQxA5/mWng25
Score1/10 -
-
-
Target
SeroXen/bin/Microsoft.VisualStudio.TestPlatform.TestFramework.dll
-
Size
58KB
-
MD5
ae48ee9e36c045d98904c0e48ab661b1
-
SHA1
4734a4894906aacc58d57bb7c828d3af98197004
-
SHA256
f5bc913c7410f7f4f1b0db7f0ddc90cac5858e4076d642744416830f7c2a4a6b
-
SHA512
c98cb6ab212ebc1f82fe2d76e6c0838657f7b864b2c500d2952b9161744a83c69616df11c62f248345e4968ea767884684dc3f7e870be3712a58716eed27ac80
-
SSDEEP
768:khK6GEpsh6tjavt/VhlPeMHi3klMdARhdhlD7pxva6K8W2FXvhLmiqc0WvnZHXM7:YDGEpNyr/CMfTCpRivvDWN+gqHof0q3R
Score1/10 -
-
-
Target
SeroXen/bin/Mono.Cecil.Mdb.dll
-
Size
191KB
-
MD5
816bd7caee4eb82de66a3500aecdbcd4
-
SHA1
8c58f70335c60e5dc2ff27bea9568ab4886bc30b
-
SHA256
bad4bd80811674ecb8a9247c15775cbb40df527441a0cdfd35d0b18ba3c93587
-
SHA512
8119df718e37efed003fac05d48686d52aae132c324370142a2aca847af27c1455b63048199906bab5e0cbdd6ea15bbfd6f53a0cefeb786e0e557a54b9834c91
-
SSDEEP
3072:qlCvZMUxyaaHy8pgFPNDBQLfAVc67e4upqn6CyhAPGXdxhss:qQvZMUxyaaHyhJNyDlVU69MGtxhf
Score1/10 -
-
-
Target
SeroXen/bin/Mono.Cecil.Pdb.dll
-
Size
265KB
-
MD5
c6c90c9a2a3b7735c78ab274e1be51ac
-
SHA1
e4a5aa44b47e605167e80d5b49ebdf844ccb91d5
-
SHA256
14f9512115c3f24ea4433cc74b2ed4ad68122cfc38633f8ba83306d4c5628c1b
-
SHA512
8e2cba3c2b08dc7cc27e5788b59660d0e6f40ae123138107b269b6cc603d569aff0c4b369c28ff473adaa5715cc96d373e0917d1b291daef4cd5d136700fc926
-
SSDEEP
3072:Wyl7NjpG/hwPXumS1I6iIf10yD9TpYfR0KPONxthzESE5xZ0AxA0RVzLVi/I7jBD:Z7pAJ03GpYZ9kxthzE7P9RughLM2
Score1/10 -
-
-
Target
SeroXen/bin/Mono.Cecil.Rocks.dll
-
Size
100KB
-
MD5
efc05992923eae4261142d6c6e0766ea
-
SHA1
861dc1f1597330248586c75b3eaab0f36b2b3485
-
SHA256
8f7d70e962f46af559614267c2153b4db6609a54f56f8388a0e16ba401970f52
-
SHA512
70ba3cfc82884831c57626005fa30522711898f9a56bd8a3645c1eba7c8239be077cac5d011d6f7fae76439ae7e5c3f8864e592e5634964a4fe2a83196c0e84a
-
SSDEEP
3072:tpjx70ixRB8E10W42Aw/otf44SitEB9wrpNMVtP8dHE8x1HwAQ5j0AU0fK:tpjx70ixRB8E10W42Aw/otf44SitEB9Q
Score1/10 -
-
-
Target
SeroXen/bin/Mono.Cecil.dll
-
Size
1.8MB
-
MD5
925879684b81b251f166e375dc722f27
-
SHA1
eabfb765267902df4abe38c28ec894e3637332d3
-
SHA256
867df4eae1113e63ad5d744477fb34954f339fca68c8b60cea1368e28503800e
-
SHA512
6d2543ebdaea8ea3d9f2ee5b03f5de3142c8d3e08f36c4879aad76a6cb46da99cd8da869cf0262c4e677f81db1c8470feb7ea148ba67d21cd2d6b620da5ad02e
-
SSDEEP
24576:L9IIx+jSHUd+1powI4UT8+g4DjvnmCrlwzE:LhhUd+1KwI4UjmC5wzE
Score1/10 -