assleech.dll

The library assleech.dll has been detected as malware by 6 anti-virus scanners. The file has been seen being downloaded from ln.syncusercontent.com and multiple other hosts.
MD5:
1a67cf4728dc05c4b341ee0e34244cf6

SHA-1:
3429c85bb83f7d098d8bccdd85da3b44433bef4c

SHA-256:
cd1c9700ce3f0931dcb8a71413adb39d3fa8bc2b12b656e64012dcf4d9587f3d

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
11/5/2024 4:45:43 AM UTC

Scan engine         Detection                              Engine version
Avira AntiVirus     TR/Black.Gen2                          8.3.3.4
AVG                 Win32/Blacked                          2017.0.2764
Bkav FE             HW32.Packed                            1.3.0.7744
ESET NOD32          Win32/Packed.VMProtect.ABO (variant)   10.13379
Qihoo 360 Security  HEUR/QVM36.0.0000.Malware.Gen          1.0.0.1120
Sophos              Mal/VMProtBad-A                        4.98

File size:
163.5 KB (167,424 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\downloads\assleech.dll

File PE Metadata
Compilation timestamp:
4/22/2016 9:32:10 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
3072:7MRan/GoA8QFiVi+urW2rXm83tPRNNXXKvj6sI5k:WSG58QQYWGm8RfX9sI5k

Entry address:
0x10DDFF

Entry point:
E9, FA, 01, 01, 00, F6, D0, E8, 6E, 6D, 01, 00, 58, 8D, 7F, 01, 98, 0F, B6, C3, E8, 76, 92, 00, 00, 85, 62, 58, 40, 7E, DB, 5F, 5D, 01, E1, 5F, 8B, 4C, 85, 0D, E2, 1F, 74, 41, C4, 6F, 53, A8, E8, 6F, AB, 1D, BD, 6F, 26, 24, A2, 71, DC, F2, 2C, 89, 24, 0A, A6, 0B, DE, 41, 98, D3, F1, 0A, DD, 03, 24, E8, 3E, 1E, C9, 54, 93, 8E, 66, D0, 7A, AE, 78, 90, 51, 65, 33, E1, D6, 11, C0, 24, 34, 46, CC, 3B, EB, A2, 92, 09, 54, 76, 32, 0F, 5C, FE, 09, E6, AF, C1, 50, 71, AF, 88, 01, 31, 48, 33, 94, 02, E0, 89, 9B, 88...
 

Entropy:
7.4816

Packer / compiler:
Xtreme-Protector v1.05

Code size:
23 KB (23,552 bytes)

The file assleech.dll has been seen being distributed by the following 5 URLs.

https://ln.syncusercontent.com/mfs-5fea196d21f0e02b327b3524258b8e1380372bb88083d72dbf279b2719cad2375/p/Assleech.dll?sharelink_id=179602110008&linkoid=8000008&linkcachekey=962577d80&datakey=ftcdUt9AkwpmLMcyHX/txdu1cEAOEYWq9 gmOPXshqOmA0FrsnjsedxO zW8WNgEzaTOG4y7FJLAtC s MbuayCmtbhL1eBE5HOprCY4VUFRAMWkN8wLWL3 sYNmoXwI dah/2wp5ucDmUZgciBeNSvOv TEoYa1N0DO5NnmkyQmYjDOUZCQsXx8xcF Qw/.../dtL63UfTjxW4jWrS6N clh8RbVlYFh4c0aqgrvkUe9mt6mVUz dzJ C1JOD8QkcotDzvKU db7aQnjcpG6lnpBX3UPQQYXlY6TyUciQFawOC1BEaldGlWwpTxQkJxcH7LNFCGUwDlGCxA&mode=100&header1=Q29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9vY3RldC1zdHJlYW0&header2=Q29udGVudC1EaXNwb3NpdGlvbjogYXR0YWNobWVudDsgZmlsZW5hbWU9IkFzc2xlZWNoLmRsbCI

https://ln.syncusercontent.com/mfs-5fea196d21f0e02b327b3524258b8e1380372bb88083d72dbf279b2719cad2375/p/Assleech.dll?sharelink_id=179602110008&linkoid=8000008&linkcachekey=962577d80&datakey=XDIpcDfTZgw2rYzTKbDCJfmJE7erO3U7Zlww2NVcqrbmBqJIKiTZugA/cG53cdMgjX9bMXRgFnkR7sFJK1EH5BCSCMAqOJKmjpTuHI4bBXkqhy7KJW cuzPfrL6fbVMN f3nyBWQP7XJVkXBQTSarrDVUltCBpV miJ0dS3cEQ5EuKqv7VfPMPrhOOPjUYkHRSHp/iRw9q2EiLA7rezrOB9onB0OofD6WopmzAaEUMXp9sqyvOOL5mZgNA3ctlYBS29sdCV/.../toO8awtr 1v8b6P5snatp846OY96LJ2E2GbEqvroe4w&mode=100&header1=Q29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9vY3RldC1zdHJlYW0&header2=Q29udGVudC1EaXNwb3NpdGlvbjogYXR0YWNobWVudDsgZmlsZW5hbWU9IkFzc2xlZWNoLmRsbCI
