ASUniverse1[.]3[.]9b[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

ASUniverse1.3.9b.rar
Size

2.2MB
MD5

5b5a726b11f5b19ee6543b4397854138
SHA1

01b19f843de767f5071408986cb0c45ced1121d7
SHA256

1f530564040dd87b117567d6155f56fbc221040c8eef04901a393b2dfa387d4f
SHA512

68f93f053ab2257c405107a4b0eb26521a8c8f2e105d8be2eac7f94b23e3958c4f0af4e0eb46d94649b8a5a762b8a085055e5d76409fc78f8e95026950f31660
SSDEEP

49152:MNbU0kz4UZvjEBEvKhLYdMfPs80UUKKtzpx:MJd3UZQEUEqs8x6zpx

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/scripts/ASUniverse.dll
unpack001/scripts/NativeUI.dll
unpack001/scripts/iFruitAddon2.dll

Files

ASUniverse1.3.9b.rar
.rar
Grab Contact Icon/char_mp_stripclub_pr.ytd
README.txt
scripts/ASUniverse.dll
.dll windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

E DXZA
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
scripts/ASUniverse.ini
scripts/ASUniverse.pdb
scripts/ASUniverse/ASUniverse.xml
scripts/ASUniverse/GrabConnector.ini
scripts/ASUniverse/Images/Vehicles/battery_gray.png
.png
scripts/ASUniverse/Images/Vehicles/battery_red.png
.png
scripts/ASUniverse/Images/Vehicles/engine_gray.png
.png
scripts/ASUniverse/Images/Vehicles/engine_yellow.png
.png
scripts/ASUniverse/Images/Vehicles/fuel_gray.png
.png
scripts/ASUniverse/Images/Vehicles/fuel_red.png
.png
scripts/ASUniverse/Images/Vehicles/oil_gray.png
.png
scripts/ASUniverse/Images/Vehicles/oil_red.png
.png
scripts/ASUniverse/Images/Vehicles/temp_blue.png
.png
scripts/ASUniverse/Images/Vehicles/temp_gray.png
.png
scripts/ASUniverse/Images/Vehicles/temp_red.png
.png
scripts/ASUniverse/Images/Vehicles/veh_Persistent.png
.png
scripts/ASUniverse/Images/Vehicles/veh_notPersistent.png
.png
scripts/ASUniverse/Images/asuniverse.jpg
.jpg
scripts/ASUniverse/Images/grab.jpg
.jpg
scripts/ASUniverse/Images/jobmanager.jpg
.jpg
scripts/ASUniverse/Images/mazebank.jpg
.jpg
scripts/ASUniverse/Images/weedhouse.jpg
.jpg
scripts/ASUniverse/a.wav
scripts/ASUniverse/er.wav
scripts/ASUniverse/fuel_injector_bike.wav
scripts/ASUniverse/fuel_injector_car.wav
scripts/ASUniverse/jobs.xml
scripts/ASUniverse/key.wav
scripts/ASUniverse/marker.xml
scripts/ASUniverse/mo.wav
scripts/ASUniverse/no.wav
scripts/ASUniverse/reviews.xml
scripts/ASUniverse/teleporter.xml
scripts/ASUniverse/ui.wav
scripts/ASUniverse/ye.wav
scripts/NativeUI.dll
.dll windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

A:\Dropbox\stuff\Programming\C#\NativeUI\NativeUI\obj\x64\Release\NativeUI.pdb

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
scripts/NativeUI.xml
.xml
scripts/iFruitAddon2.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\zero\Documents\Visual Studio 2017\scripts para GTAV\iFruitAddon2-master\obj\Debug\iFruitAddon2.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

E DXZA Size: 109KB - Virtual size: 108KB

.text Size: 56KB - Virtual size: 55KB

.rsrc Size: 1024B - Virtual size: 904B

Headers

DLL Characteristics

File Characteristics

PDB Paths

Sections

.text Size: 94KB - Virtual size: 93KB

.rsrc Size: 1024B - Virtual size: 888B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 40KB - Virtual size: 39KB

.rsrc Size: 1024B - Virtual size: 992B

.reloc Size: 512B - Virtual size: 12B

E DXZA
Size: 109KB - Virtual size: 108KB

.text
Size: 56KB - Virtual size: 55KB

.rsrc
Size: 1024B - Virtual size: 904B

.text
Size: 94KB - Virtual size: 93KB

.rsrc
Size: 1024B - Virtual size: 888B

.text
Size: 40KB - Virtual size: 39KB

.rsrc
Size: 1024B - Virtual size: 992B

.reloc
Size: 512B - Virtual size: 12B