Trojan.MSIL.Agent.ASC
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Popularity Rank: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Popularity Rank: | 2,832 |
| Threat Level: | 80 % (High) |
| Infected Computers: | 589 |
| First Seen: | October 24, 2022 |
| Last Seen: | April 16, 2026 |
| OS(es) Affected: | Windows |
Table of Contents
Analysis Report
General information
| Family Name: | Trojan.MSIL.Agent.ASC |
|---|---|
| Signature status: | No Signature |
Known Samples
Known Samples
This section lists other file samples believed to be associated with this family.|
MD5:
512fba0e45bdaff7751e98259b7fc60a
SHA1:
12a3c8467085c6d88cf0b8b2978ddb6de964ec23
SHA256:
A89F0597DC16911AF7F6A65A7873C1B8550167D4F56BA21998DF6896A721F5CF
File Size:
22.02 KB, 22016 bytes
|
|
MD5:
b1b1821e0c0602bc0b105ac1adec9ee5
SHA1:
ecb99f5bda33984335b2104f15492e72bd46db56
SHA256:
F0531D00E82BCFC5751B212F4E95758767F84980E35FD09338122974D62202C5
File Size:
23.04 KB, 23040 bytes
|
|
MD5:
8375f3c68fa79586de08ffb9911cf4cd
SHA1:
b0311d1af17a98518dc5c21c0f5921114e6a5933
SHA256:
AE7CF1B2C3DDAA272B55BD74642983AE80EC85CBEDD75E4AD00C4EE139E1E90D
File Size:
15.36 KB, 15360 bytes
|
|
MD5:
991ffadefc1da0f8880bfc37cae80701
SHA1:
0275792a4641da67f1684ae3bd623fad0588dcd9
SHA256:
B83E59449D17A5A51181669BE0F227951EADF690AF37B567A39D3905E1E931C8
File Size:
57.34 KB, 57344 bytes
|
|
MD5:
061c00d5a89797def413c44de2d352d1
SHA1:
bd68db8f43488a3ee19d13c5bc2508ba9113078f
SHA256:
172742ACA117A40A3C3C03D557372B49A12959053EAEFF3C2CA13A7AFCE6E878
File Size:
61.44 KB, 61440 bytes
|
Show More
|
MD5:
602667f226480679a4f66676dccb1754
SHA1:
31cd67fb5f26468eb0bd9fd15d48e45c66875bfe
SHA256:
571627356B6219D116805974345693B90EF5301917F9681FC4DAA34E2B781B53
File Size:
11.26 KB, 11264 bytes
|
|
MD5:
e756ef8191a753b973ae15217cf17a1b
SHA1:
637fcdbc9ccd833827ef2a9284f71a0884d81739
SHA256:
1061A8B8F308AB59EB120823FEE57D20EE5A2DEDE1D5E7CFAFA104D17A8EFEE2
File Size:
24.06 KB, 24064 bytes
|
|
MD5:
9a73f73f2ab3ce39eb27f64d76153531
SHA1:
00bde344a7def67f0b06a61070daaad7cd181458
SHA256:
59349BD42733B478B402B4F9386583746BFF01960ADA6AF3F88E6E21C0E5279E
File Size:
71.68 KB, 71680 bytes
|
|
MD5:
ca09108b5c119b226a86b97c6d62a893
SHA1:
b87e3f2fdbcd9e00dba5321fc9cd367d92a95ce3
SHA256:
6E32B2D2A1DAA7394E824B2E0D13426095C0200F91C388DB7D0D48FFA7D458AF
File Size:
50.18 KB, 50176 bytes
|
|
MD5:
cb1654f97f6f8ecb620ef25981d4528b
SHA1:
064c9bd804bf9802dfe2eb881d860de3d74cc632
SHA256:
44C102E5D468985C50D1BBC290DB22C9371EC0F7DCF726D0BF3B19390120DB04
File Size:
198.14 KB, 198144 bytes
|
|
MD5:
cd913da9047bb2a2ea48d6a79f57e29d
SHA1:
13a6fd48b4d6d271b9de1b1407f50d10b7ba1218
SHA256:
6A919AD74C14870B1AB5888FA7A96C74ECC2AF1A1BBBB8E7E6E3F267D3B33D3D
File Size:
14.34 KB, 14336 bytes
|
|
MD5:
0ec80c2c82fda27d8cb43906920929be
SHA1:
b31edf236e8e8ffa1ae34a73e7f7b0409cc6337c
SHA256:
D85847904CFEA208EFD890FDE54F940F9186899B374F240394E4F6A0031937F8
File Size:
32.77 KB, 32768 bytes
|
|
MD5:
445ccab5cdb970bbce878bbb989c374f
SHA1:
6c5ceaacf8532b9dfc94a3c8ee946f25f0a47ebc
SHA256:
A67ECDB70C3558435BBDC9B4CAD63DB4024255B3A95A8107E3A66876E16EE8C3
File Size:
391.17 KB, 391168 bytes
|
Windows Portable Executable Attributes
- File doesn't have "Rich" header
- File doesn't have exports table
- File doesn't have security information
- File is .NET application
- File is 32-bit executable
- File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
- File is either console or GUI application
- File is not packed
- IMAGE_FILE_DLL is not set inside PE header (Executable)
- IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)
Windows PE Version Information
Windows PE Version Information
This section displays values and attributes that have been set in the Windows file version information data structure for samples within this family. To mislead users, malware actors often add fake version information mimicking legitimate software.| Name | Value |
|---|---|
| Assembly Version | 0.0.0.0 |
| File Version | 0.0.0.0 |
| Internal Name |
|
| Original Filename |
|
| Product Version | 0.0.0.0 |
File Traits
- .NET
- dll
- x86
Block Information
Block Information
During analysis, EnigmaSoft breaks file samples into logical blocks for classification and comparison with other samples. Blocks can be used to generate malware detection rules and to group file samples into families based on shared source code, functionality and other distinguishing attributes and characteristics. This section lists a summary of this block data, as well as its classification by EnigmaSoft. A visual representation of the block data is also displayed, where available.| Total Blocks: | 616 |
|---|---|
| Potentially Malicious Blocks: | 399 |
| Whitelisted Blocks: | 65 |
| Unknown Blocks: | 152 |
Visual Map
x
0
0
x
x
x
x
x
x
x
x
x
x
x
x
x
0
0
x
0
0
x
x
x
0
x
x
x
x
x
0
0
x
0
0
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
?
x
x
0
0
x
0
0
?
x
x
0
?
x
x
x
x
x
?
x
?
?
x
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
?
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
?
x
?
x
?
?
x
x
?
x
x
?
x
x
?
x
?
?
x
x
?
x
x
?
x
x
?
x
x
?
x
x
?
x
?
x
x
?
?
x
?
0
?
x
?
x
?
x
?
x
?
x
?
?
x
x
0
0
x
0
0
?
x
x
0
x
x
x
x
x
x
x
0
0
x
0
0
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
?
x
x
0
0
x
0
0
0
?
x
x
x
x
x
x
x
?
x
x
x
0
0
0
x
0
0
?
x
x
0
?
x
?
x
x
x
?
x
x
x
?
x
?
x
?
x
?
x
?
x
?
x
?
x
?
x
?
x
?
x
x
x
?
x
?
?
x
x
0
0
0
0
0
0
0
0
0
0
0
0
0
x
0
0
x
x
x
0
x
x
x
x
x
0
0
x
0
0
x
x
x
0
?
x
?
x
x
x
?
x
?
x
x
x
?
x
?
x
?
x
?
x
x
x
?
x
?
?
x
x
0
0
x
0
0
x
x
x
0
x
x
x
x
x
0
0
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block
? - Unknown Block
x - Potentially Malicious Block
Windows API Usage
Windows API Usage
This section lists Windows API calls that are used by the samples in this family. Windows API usage analysis is a valuable tool that can help identify malicious activity, such as keylogging, security privilege escalation, data encryption, data exfiltration, interference with antivirus software, and network request manipulation.| Category | API |
|---|---|
| Syscall Use |
Show More
|
