quasar | SeroXen[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

SeroXen.zip
Size

28.4MB
MD5

a48f01863eef695f0ee387e10dcffee3
SHA1

939dbe6e3d0ad0878edea8e13f992997b777381f
SHA256

3f42688027964833072e16ebd523406819d90db0169f36bcc87ed69c68b63e86
SHA512

d2a4d340d8372e5dea4e9b0a24f33d552b6f37038f26392ba3660dd4d754779ab27b06a62733c789b76729b221cf2aa530448663e8621f45ae2ae5d297b075ae
SSDEEP

786432:6dn6DdCGXUBy0NwNH4CaOwRzxvHdJLAgXy/zpsIDN0f8:6c3sy0NPFRtvPLAqeVDmf8

Score

10^/10

quasar

Malware Config

Signatures

Quasar family
quasar

Quasar payload 1 IoCs

resource	yara_rule
static1/unpack001/SeroXen/bin/Quasar.Common.dll	family_quasar

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SeroXen/SeroXen.exe
unpack001/SeroXen/bin/SeroXen.exe

Files

SeroXen.zip
.zip
SeroXen/README.txt
SeroXen/SeroXen Documentation and TOS.pdf
.pdf
SeroXen/SeroXen.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\net452\REPOS\SeroXen Launcher\SeroXen_Launcher\SeroXen Launcher\bin\x64\Release\SeroXen Launcher.pdb

Sections

.text
Size: 323KB - Virtual size: 322KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SeroXen/bin/BouncyCastle.Crypto.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

37:4d:dd:80:d0:6b:63:20:d7:8c:09:38:8b:aa:f9:b6:e1:63:dd:ca
Signer

Actual PE Digest

37:4d:dd:80:d0:6b:63:20:d7:8c:09:38:8b:aa:f9:b6:e1:63:dd:ca

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

BouncyCastle.Crypto.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Cake.Core.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

7e:e5:96:07:12:f4:75:26:dc:30:03:fa:fb:28:bc:8a:10:7f:fd:b2
Signer

Actual PE Digest

7e:e5:96:07:12:f4:75:26:dc:30:03:fa:fb:28:bc:8a:10:7f:fd:b2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Cake.Core.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 587KB - Virtual size: 586KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Cake.Powershell.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

a1:a9:3b:a1:ec:45:94:b9:51:63:a4:9e:63:8e:04:bf:f0:a2:74:06
Signer

Actual PE Digest

a1:a9:3b:a1:ec:45:94:b9:51:63:a4:9e:63:8e:04:bf:f0:a2:74:06

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Cake.Powershell.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/EasyHook.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

36:ba:d4:2d:47:9e:47:a9:3e:3b:15:93:67:c5:f0:25:03:27:f5:5f
Signer

Actual PE Digest

36:ba:d4:2d:47:9e:47:a9:3e:3b:15:93:67:c5:f0:25:03:27:f5:5f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Desktop\EasyHook.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Gma.System.MouseKeyHook.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

d0:1c:3e:7f:2a:e8:8c:ff:be:e3:ea:13:b8:ad:61:b7:c0:92:ce:5b
Signer

Actual PE Digest

d0:1c:3e:7f:2a:e8:8c:ff:be:e3:ea:13:b8:ad:61:b7:c0:92:ce:5b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\projects\globalmousekeyhook\MouseKeyHook\obj\Debug\Gma.System.MouseKeyHook.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Logic.NET.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

e1:47:8e:1f:86:6e:2f:49:e9:27:04:bf:5f:22:b1:6c:63:f9:b8:3a
Signer

Actual PE Digest

e1:47:8e:1f:86:6e:2f:49:e9:27:04:bf:5f:22:b1:6c:63:f9:b8:3a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Downloads\LoGiC.NET-1.4\LoGiC.NET-1.4\obj\Release\LoGiC.NET.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 469KB - Virtual size: 468KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Microsoft.VisualStudio.CodeCoverage.Shim.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

0a:7a:9c:00:f9:bc:ea:8b:0a:1a:1f:6d:6c:3b:ec:44:5b:cd:d0:dc
Signer

Actual PE Digest

0a:7a:9c:00:f9:bc:ea:8b:0a:1a:1f:6d:6c:3b:ec:44:5b:cd:d0:dc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

F:\binaries\Intermediate\vset\shim.csproj_kqmet5lz\objr\x86\Microsoft.VisualStudio.CodeCoverage.Shim.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Microsoft.VisualStudio.TestPlatform.MSTest.TestAdapter.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

5e:bf:52:e5:b7:28:ed:8f:c9:6b:bc:e0:35:d5:3b:b3:00:0e:e2:b2
Signer

Actual PE Digest

5e:bf:52:e5:b7:28:ed:8f:c9:6b:bc:e0:35:d5:3b:b3:00:0e:e2:b2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\A\_work\4790\s\src\Adapter\MSTest.CoreAdapter\obj\Release\Microsoft.VisualStudio.TestPlatform.MSTest.TestAdapter.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Microsoft.VisualStudio.TestPlatform.MSTestAdapter.PlatformServices.Interface.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

a7:d9:c5:aa:a1:d3:e2:75:6a:46:13:55:a7:dd:32:83:02:ac:d7:8b
Signer

Actual PE Digest

a7:d9:c5:aa:a1:d3:e2:75:6a:46:13:55:a7:dd:32:83:02:ac:d7:8b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\A\_work\4790\s\src\Adapter\PlatformServices.Interface\obj\Release\Microsoft.VisualStudio.TestPlatform.MSTestAdapter.PlatformServices.Interface.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Microsoft.VisualStudio.TestPlatform.MSTestAdapter.PlatformServices.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

5f:65:71:f0:46:1f:d6:7c:1d:d6:18:91:1c:3b:38:1d:67:a7:c9:10
Signer

Actual PE Digest

5f:65:71:f0:46:1f:d6:7c:1d:d6:18:91:1c:3b:38:1d:67:a7:c9:10

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\A\_work\4790\s\src\Adapter\PlatformServices.Desktop\obj\Release\Microsoft.VisualStudio.TestPlatform.MSTestAdapter.PlatformServices.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Microsoft.VisualStudio.TestPlatform.TestFramework.Extensions.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

d3:c7:d9:ad:7e:b5:23:e9:82:75:fa:6f:d2:f6:95:1b:5e:47:0f:90
Signer

Actual PE Digest

d3:c7:d9:ad:7e:b5:23:e9:82:75:fa:6f:d2:f6:95:1b:5e:47:0f:90

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\A\_work\4790\s\src\TestFramework\Extension.Desktop\obj\Release\Microsoft.VisualStudio.TestPlatform.TestFramework.Extensions.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Microsoft.VisualStudio.TestPlatform.TestFramework.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

9f:0e:a1:3c:e4:6d:79:5a:d2:03:ce:74:d0:8c:e5:a0:ca:75:5c:5b
Signer

Actual PE Digest

9f:0e:a1:3c:e4:6d:79:5a:d2:03:ce:74:d0:8c:e5:a0:ca:75:5c:5b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\A\_work\4790\s\src\TestFramework\MSTest.Core\obj\Release\Microsoft.VisualStudio.TestPlatform.TestFramework.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Mono.Cecil.Mdb.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

3d:f2:d5:ca:af:12:66:5b:de:ce:77:71:32:85:6b:b5:64:33:e0:0b
Signer

Actual PE Digest

3d:f2:d5:ca:af:12:66:5b:de:ce:77:71:32:85:6b:b5:64:33:e0:0b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Mono.Cecil.Mdb.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Mono.Cecil.Pdb.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

79:04:23:6b:3c:e5:f0:83:16:71:8c:d7:c5:f0:08:78:8d:82:9f:ea
Signer

Actual PE Digest

79:04:23:6b:3c:e5:f0:83:16:71:8c:d7:c5:f0:08:78:8d:82:9f:ea

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Mono.Cecil.Pdb.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 262KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Mono.Cecil.Rocks.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

6d:52:d8:3f:b3:65:a9:5f:5e:54:b0:d7:1d:68:74:4c:68:a9:b0:8a
Signer

Actual PE Digest

6d:52:d8:3f:b3:65:a9:5f:5e:54:b0:d7:1d:68:74:4c:68:a9:b0:8a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Mono.Cecil.Rocks.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Mono.Cecil.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

c7:2f:ee:81:68:fe:fc:48:9e:19:f7:6b:73:06:22:82:16:5b:9c:89
Signer

Actual PE Digest

c7:2f:ee:81:68:fe:fc:48:9e:19:f7:6b:73:06:22:82:16:5b:9c:89

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Mono.Cecil.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/MonoMod.Backports.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

08:0e:a8:08:be:52:6b:8e:6f:f4:8f:11:f9:a6:0a:77:f2:d6:13:ce
Signer

Actual PE Digest

08:0e:a8:08:be:52:6b:8e:6f:f4:8f:11:f9:a6:0a:77:f2:d6:13:ce

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Desktop\asdsdasd\MonoMod.Backports.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 410KB - Virtual size: 409KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/MonoMod.ILHelpers.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

7a:33:4e:7a:c4:6d:9c:d0:08:90:e9:c6:5c:7b:5d:eb:9b:7d:71:09
Signer

Actual PE Digest

7a:33:4e:7a:c4:6d:9c:d0:08:90:e9:c6:5c:7b:5d:eb:9b:7d:71:09

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Desktop\asdsdasd\MonoMod.ILHelpers.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/MonoMod.Utils.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

b8:83:de:65:84:48:7c:bf:a8:1b:a3:ab:71:50:c5:67:f9:0f:c7:26
Signer

Actual PE Digest

b8:83:de:65:84:48:7c:bf:a8:1b:a3:ab:71:50:c5:67:f9:0f:c7:26

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Desktop\asdsdasd\MonoMod.Utils.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 883KB - Virtual size: 882KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Newtonsoft.Json.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

81:23:d1:fa:ee:1c:d4:58:8e:87:e2:44:00:4a:31:47:44:49:ed:d8
Signer

Actual PE Digest

81:23:d1:fa:ee:1c:d4:58:8e:87:e2:44:00:4a:31:47:44:49:ed:d8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/Src/Newtonsoft.Json/obj/Release/net45/Newtonsoft.Json.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 681KB - Virtual size: 680KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Open.Nat.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

ce:73:51:33:f7:08:24:37:19:f0:b0:8e:82:e6:8d:e0:77:49:0a:63
Signer

Actual PE Digest

ce:73:51:33:f7:08:24:37:19:f0:b0:8e:82:e6:8d:e0:77:49:0a:63

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Open.Nat.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 325KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Quasar.Common.Tests.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

91:c4:5a:3c:a7:3f:d9:96:a4:1a:47:00:a3:e6:bf:17:20:bc:0f:e4
Signer

Actual PE Digest

91:c4:5a:3c:a7:3f:d9:96:a4:1a:47:00:a3:e6:bf:17:20:bc:0f:e4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Desktop\SXN\SeroXen\bin\Quasar.Common.Tests.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Quasar.Common.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

5f:a7:61:fa:5e:17:2c:48:f3:8f:17:f5:33:5a:f9:81:1d:dd:a6:a7
Signer

Actual PE Digest

5f:a7:61:fa:5e:17:2c:48:f3:8f:17:f5:33:5a:f9:81:1d:dd:a6:a7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Desktop\SXN\SeroXen\bin\Quasar.Common.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 286KB - Virtual size: 286KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Renci.SshNet.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

9a:05:25:64:71:e1:0b:eb:d3:26:73:70:77:6f:c1:f7:b7:b2:0d:3b
Signer

Actual PE Digest

9a:05:25:64:71:e1:0b:eb:d3:26:73:70:77:6f:c1:f7:b7:b2:0d:3b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Renci.SshNet.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/SeroXen.exe
.exe windows:6 windows x64 arch:x64

63a41778bd0650fcaaf45dbeb6b7072a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\a\deno\deno\target\release\deps\deno.pdb

Imports

powrprof

CallNtPowerInformation

iphlpapi

GetAdaptersAddresses

ntdll

NtCancelIoFileEx
RtlPcToFileHeader
RtlUnwindEx
RtlNtStatusToDosError
RtlCaptureStackBackTrace
RtlDeleteFunctionTable
RtlAddFunctionTable
VerSetConditionMask
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
NtCreateFile
NtDeviceIoControlFile
RtlUnwind

bcrypt

BCryptGenRandom

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
SystemFunction036
RegQueryValueExW

d3dcompiler_47

D3DCompile

dbghelp

SymGetModuleBase64
SymSetOptions
SymGetLineFromAddr64
SymFromAddr
SymInitialize
SymFunctionTableAccess64
StackWalk64
SymSetSearchPathW
SymGetSearchPathW

kernel32

HeapSize
IsValidCodePage
OutputDebugStringW
GetConsoleOutputCP
GetStringTypeW
GetUserDefaultLCID
GetACP
GetOEMCP
FindFirstFileExW
SetStdHandle
EnumSystemLocalesW
MultiByteToWideChar
SetEndOfFile
GetFileSizeEx
RemoveDirectoryW
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetCommandLineA
GetCPInfo
FreeLibraryAndExitThread
ExitThread
SwitchToThread
SetConsoleMode
LeaveCriticalSection
CloseHandle
SetConsoleCursorPosition
lstrlenW
GetProcessHeap
HeapAlloc
WaitForSingleObject
GetLastError
GetExitCodeProcess
GetCurrentProcessId
GetCommandLineW
HeapFree
AddVectoredExceptionHandler
HeapReAlloc
GetStdHandle
GetFileInformationByHandleEx
GetConsoleMode
EnterCriticalSection
Sleep
GetProcAddress
LoadLibraryExW
CreateEventA
CreateHardLinkW
DeviceIoControl
ReadFile
FreeLibrary
TerminateProcess
RegisterWaitForSingleObject
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetCurrentDirectoryW
GetProcessId
SetEnvironmentVariableW
SetErrorMode
SetThreadErrorMode
LoadLibraryW
OpenProcess
GetConsoleScreenBufferInfo
CreateToolhelp32Snapshot
Process32First
Process32Next
ResetEvent
WaitForMultipleObjects
SetFileTime
GetOverlappedResult
WriteFile
CancelIoEx
SetFileCompletionNotificationModes
CreateIoCompletionPort
GetQueuedCompletionStatusEx
PostQueuedCompletionStatus
WaitForSingleObjectEx
CreateFileW
CreateSemaphoreW
ReadDirectoryChangesW
ReleaseSemaphore
CancelIo
GetSystemInfo
GetModuleHandleA
SetFileInformationByHandle
SetHandleInformation
GetConsoleCursorInfo
SetConsoleCursorInfo
ReadConsoleInputW
FillConsoleOutputCharacterA
FillConsoleOutputAttribute
GetFileInformationByHandle
TlsGetValue
TlsSetValue
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
SetLastError
GetEnvironmentVariableW
WriteConsoleW
GetCurrentProcess
GetCurrentThread
ReleaseMutex
GetCurrentDirectoryW
LoadLibraryA
CreateMutexA
TlsAlloc
FormatMessageW
GetTempPathW
GetModuleFileNameW
FlushFileBuffers
DuplicateHandle
SetFilePointerEx
FindNextFileW
CreateDirectoryW
ReadConsoleW
TryEnterCriticalSection
FindFirstFileW
CreateProcessW
CreateNamedPipeW
CreateEventW
ExitProcess
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
FindClose
DeleteFileW
MoveFileExW
SetEvent
SetFileAttributesW
CopyFileExW
CreateThread
GetFinalPathNameByHandleW
UnregisterWaitEx
SetConsoleTextAttribute
GetSystemTimes
GlobalMemoryStatusEx
GetVersionExA
GetLocaleInfoEx
CreateFileA
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetTimeZoneInformation
WideCharToMultiByte
GetThreadTimes
GetCurrentThreadId
DeleteFileA
GetTempPathA
GetTempFileNameA
GetFileType
OutputDebugStringA
VerifyVersionInfoW
VirtualAlloc
VirtualFree
IsDebuggerPresent
TlsFree
QueryThreadCycleTime
GetThreadPriority
SetThreadPriority
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
TryAcquireSRWLockExclusive
AcquireSRWLockShared
ReleaseSRWLockShared
VirtualProtect
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
InitOnceExecuteOnce
SetUnhandledExceptionFilter
GetNativeSystemInfo
GetDynamicTimeZoneInformation
GetUserGeoID
GetGeoInfoW
InitializeConditionVariable
OpenThread
SuspendThread
GetThreadContext
ResumeThread
CreateSemaphoreA
ResolveLocaleName
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDateFormatEx
GetTimeFormatEx
GetCurrencyFormatEx
GetNumberFormatEx
InitializeSListHead
GetModuleHandleExW
EncodePointer
InterlockedPushEntrySList
RaiseException
IsProcessorFeaturePresent
GetStartupInfoW
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount

ole32

CoTaskMemFree

shell32

SHGetKnownFolderPath

ws2_32

setsockopt
getaddrinfo
freeaddrinfo
WSAStartup
WSACleanup
WSASocketW
getpeername
recv
send
shutdown
WSASend
getsockopt
sendto
recvfrom
getsockname
connect
accept
ioctlsocket
socket
WSAIoctl
WSAGetLastError
listen
bind
closesocket

winmm

timeGetTime

Exports

Exports

CrashForExceptionInNonABICompliantCodeRange

Sections

.text
Size: 27.6MB - Virtual size: 27.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21.8MB - Virtual size: 21.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 109KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/System.Management.Automation.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

1c:14:c3:36:cb:e7:4b:09:75:6c:22:cc:fb:67:e9:69:55:ae:14:fc
Signer

Actual PE Digest

1c:14:c3:36:cb:e7:4b:09:75:6c:22:cc:fb:67:e9:69:55:ae:14:fc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/System.ValueTuple.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

e0:5a:d1:da:4b:60:60:fb:28:f2:b5:1c:59:6c:d7:66:96:16:eb:e0
Signer

Actual PE Digest

e0:5a:d1:da:4b:60:60:fb:28:f2:b5:1c:59:6c:d7:66:96:16:eb:e0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\A\_work\39\s\corefx\bin\obj\AnyOS.AnyCPU.Release\System.ValueTuple\netstandard1.0\System.ValueTuple.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/Vestris.ResourceLib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

23:0f:c8:cb:be:02:cd:f3:72:20:6e:48:9c:9f:38:ed:8e:fa:c4:46
Signer

Actual PE Digest

23:0f:c8:cb:be:02:cd:f3:72:20:6e:48:9c:9f:38:ed:8e:fa:c4:46

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\Vestris.ResourceLib.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 281KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/dnlib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

79:28:90:20:b6:c8:23:95:7d:ad:2c:81:09:76:ac:82:d1:cc:3a:29
Signer

Actual PE Digest

79:28:90:20:b6:c8:23:95:7d:ad:2c:81:09:76:ac:82:d1:cc:3a:29

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/src/obj/Release/net45/dnlib.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/protobuf-net.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

Issuer

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

Not Before

26-08-2023 07:20

Not After

25-08-2024 13:20

Subject

CN={37461E0F-BE27-431A-B6C7-06F5933648BC}

6b:89:d7:bc:b6:90:42:96:f8:93:63:e4:87:b4:31:17:d1:f9:eb:49
Signer

Actual PE Digest

6b:89:d7:bc:b6:90:42:96:f8:93:63:e4:87:b4:31:17:d1:f9:eb:49

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\C5\Documents\SeroXen Stuff\Quasar-master\Quasar-master-release\bin\Release\protobuf-net.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeroXen/bin/settings.xml

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

PDB Paths

Sections

.text Size: 323KB - Virtual size: 322KB

.rsrc Size: 19KB - Virtual size: 19KB

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38Certificate

37:4d:dd:80:d0:6b:63:20:d7:8c:09:38:8b:aa:f9:b6:e1:63:dd:caSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38Certificate

7e:e5:96:07:12:f4:75:26:dc:30:03:fa:fb:28:bc:8a:10:7f:fd:b2Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 587KB - Virtual size: 586KB

.rsrc Size: 1024B - Virtual size: 1016B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38Certificate

a1:a9:3b:a1:ec:45:94:b9:51:63:a4:9e:63:8e:04:bf:f0:a2:74:06Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 81KB - Virtual size: 81KB

.rsrc Size: 1024B - Virtual size: 888B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38Certificate

36:ba:d4:2d:47:9e:47:a9:3e:3b:15:93:67:c5:f0:25:03:27:f5:5fSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 233KB - Virtual size: 232KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38Certificate

d0:1c:3e:7f:2a:e8:8c:ff:be:e3:ea:13:b8:ad:61:b7:c0:92:ce:5bSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 44KB - Virtual size: 43KB

.text
Size: 323KB - Virtual size: 322KB

.rsrc
Size: 19KB - Virtual size: 19KB

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

37:4d:dd:80:d0:6b:63:20:d7:8c:09:38:8b:aa:f9:b6:e1:63:dd:ca
Signer

.text
Size: 2.7MB - Virtual size: 2.7MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

7e:e5:96:07:12:f4:75:26:dc:30:03:fa:fb:28:bc:8a:10:7f:fd:b2
Signer

.text
Size: 587KB - Virtual size: 586KB

.rsrc
Size: 1024B - Virtual size: 1016B

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

a1:a9:3b:a1:ec:45:94:b9:51:63:a4:9e:63:8e:04:bf:f0:a2:74:06
Signer

.text
Size: 81KB - Virtual size: 81KB

.rsrc
Size: 1024B - Virtual size: 888B

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

36:ba:d4:2d:47:9e:47:a9:3e:3b:15:93:67:c5:f0:25:03:27:f5:5f
Signer

.text
Size: 233KB - Virtual size: 232KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

d0:1c:3e:7f:2a:e8:8c:ff:be:e3:ea:13:b8:ad:61:b7:c0:92:ce:5b
Signer

.text
Size: 44KB - Virtual size: 43KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

e1:47:8e:1f:86:6e:2f:49:e9:27:04:bf:5f:22:b1:6c:63:f9:b8:3a
Signer

.text
Size: 469KB - Virtual size: 468KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

0a:7a:9c:00:f9:bc:ea:8b:0a:1a:1f:6d:6c:3b:ec:44:5b:cd:d0:dc
Signer

.text
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

5e:bf:52:e5:b7:28:ed:8f:c9:6b:bc:e0:35:d5:3b:b3:00:0e:e2:b2
Signer

.text
Size: 120KB - Virtual size: 120KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

a7:d9:c5:aa:a1:d3:e2:75:6a:46:13:55:a7:dd:32:83:02:ac:d7:8b
Signer

.text
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

28:51:0d:78:56:26:44:86:4f:77:90:84:22:31:00:38
Certificate

5f:65:71:f0:46:1f:d6:7c:1d:d6:18:91:1c:3b:38:1d:67:a7:c9:10
Signer