asshurt.dll

The library asshurt.dll has been detected as malware by 13 anti-virus scanners. The file has been seen being downloaded from ln.syncusercontent.com and multiple other hosts.
MD5:
7b687ac707c6a474780348b3d3db8194

SHA-1:
00c220291b994cbe379589a98fc08c034bcf38d0

SHA-256:
cc607be35b705cc5b45376a978a2adc22953851032209784cc61f60fb487383b

Scanner detections:
13 / 68

Status:
Malware

Analysis date:
11/5/2024 4:42:03 AM UTC

Scan engine | Detection | Engine version
Avira AntiVirus | TR/Black.Gen2 | 8.3.3.4
avast! | Win32:Malware-gen | 2014.9-160507
AVG | Win32/Blacked | 2017.0.2750
Comodo Security | UnclassifiedMalware | 24922
ESET NOD32 | Win32/Packed.VMProtect.ABO (variant) | 10.13433
Fortinet FortiGate | W32/VMProtBad.A!tr | 5/7/2016
G Data | Win32.Trojan.Agent.F6FOAR | 16.5.25
IKARUS anti.virus | Trojan.Win32.VMProtect | t3scan.2.0.9.0
K7 AntiVirus | Trojan | 13.224.19494
McAfee | RDN/Generic.tfr | 5600.6406
Qihoo 360 Security | HEUR/QVM36.0.Malware.Gen | 1.0.0.1120
Sophos | Mal/VMProtBad-A | 4.98
Zillya! Antivirus | Trojan.Packed.Win32.84957 | 2.0.0.2839

File size:
519 KB (531,456 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\downloads\asshurt.dll

File PE Metadata
Compilation timestamp:
4/26/2016 8:54:58 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
12288:UN40KFeud04NwTr+g3gSlRG5YgpyOpuclTcxOyZAJH4d:MN5ud0ow2QlEymDcx/ZWH4d

Entry address:
0x1695BD

Entry point:
9C, C7, 04, 24, 97, 6C, 43, FF, 56, C7, 04, 24, B5, 36, F0, 64, 9C, 8D, 64, 24, 04, E9, B5, DC, 02, 00, 88, 0C, 24, 8D, 64, 24, 04, 0F, 84, 3A, 90, FF, FF, 54, 8D, 64, 24, 04, E9, 57, AE, 02, 00, F5, 3A, 07, E9, 37, 47, 00, 00, B3, 02, 8D, 64, 24, 2C, 9C, FF, 34, 24, 8D, 64, 24, 08, E8, CE, 3B, 00, 00, E9, 6A, 6B, 02, 00, E8, F7, 69, 00, 00, F7, D4, E4, B3, 72, 10, 6E, 13, 5E, 51, 1F, 94, EB, C4, 92, 31, F4, B7, CC, BB, 83, 10, 6A, 25, 47, 44, A6, CD, 9B, 1C, CA, B5, 89, 22, 90, 2F, 9B, 9B, A6, FC, AA, 58...
 

Entropy:
7.4971

Code size:
169.5 KB (173,568 bytes)

The file asshurt.dll has been seen being distributed by the following 2 URLs.
