cb6e5498783057d293cdd184505d725b2c0e9ffabaafd9faebc4d156c36533b8 | Triage

Submit
Reports

Overview

overview

Static

static

pass is 1/...ng.dll

windows7-x64

1

pass is 1/...ng.dll

windows10-2004-x64

1

pass is 1/...re.dll

windows7-x64

1

pass is 1/...re.dll

windows10-2004-x64

1

pass is 1/...ms.dll

windows7-x64

1

pass is 1/...ms.dll

windows10-2004-x64

1

pass is 1/...pf.dll

windows7-x64

1

pass is 1/...pf.dll

windows10-2004-x64

1

pass is 1/UI.dll

windows7-x64

5

pass is 1/UI.dll

windows10-2004-x64

7

pass is 1/awp 2.exe

windows7-x64

1

pass is 1/awp 2.exe

windows10-2004-x64

1

pass is 1/...t).exe

windows7-x64

pass is 1/...t).exe

windows10-2004-x64

Analysis

max time kernel
93s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
28-12-2024 20:26

Sharing

Static task

static1

themida awp quasar

4 signatures

Behavioral task

behavioral1

Sample

pass is 1/Microsoft.Extensions.FileSystemGlobbing.dll

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

pass is 1/Microsoft.Extensions.FileSystemGlobbing.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

pass is 1/Microsoft.Web.WebView2.Core.dll

Resource

win7-20241023-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

pass is 1/Microsoft.Web.WebView2.Core.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

pass is 1/Microsoft.Web.WebView2.WinForms.dll

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

pass is 1/Microsoft.Web.WebView2.WinForms.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

pass is 1/Microsoft.Web.WebView2.Wpf.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

pass is 1/Microsoft.Web.WebView2.Wpf.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

pass is 1/UI.dll

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

pass is 1/UI.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral11

Sample

pass is 1/awp 2.exe

Resource

win7-20240729-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

pass is 1/awp 2.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

pass is 1/driver (run to map it).exe

Resource

win7-20240903-en

quasar awp spyware trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral14

Sample

pass is 1/driver (run to map it).exe

Resource

win10v2004-20241007-en

quasar awp spyware trojan

windows10-2004-x64

12 signatures

150 seconds

Report Analysis Logs

General

Target

pass is 1/Microsoft.Extensions.FileSystemGlobbing.dll
Size

44KB
MD5

470ad714b6cb486c3a64a918e72497a7
SHA1

13583e2627ff47fa64c192d8f91e06c4472e6cda
SHA256

ed0855b522f09b5a9ddbb85de62042c25e07d10044086da8620c845de41e473c
SHA512

6237af61b1f592fd10692906024fc970cd41f3db971c2a869aed392ad686a904edb19dae81cc247b691a26a7e5e554affdf0853b1e29938d6cea799e20343c77
SSDEEP

768:m0PO7gRE3x5o7UP04wqgYtqPRw02KO7I9Yfwbhgv5NFcEn9zT8n3:m02GE3xOwP04wqgYtm2nQY4Ngv5NFT96

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\pass is 1\Microsoft.Extensions.FileSystemGlobbing.dll",#1
1⤵
PID:3700

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy