Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
04.26 02:04
file.exe
04.26 02:04
unindictedEb7l.ps1
04.26 02:04
32ja.exe
04.26 02:04
upx.exe
04.26 02:04
svcstealer.exe
04.26 02:04
fcc.exe
04.26 02:04
untippedhi.exe
04.26 02:04
sd4.ps1
04.26 09:04
228516-0.xml
04.26 05:04
crt.sh _ 17871143715.html

Latest News
04.26 06:04
Is Detection Engineeri...
04.26 06:04
Cyber-Bedrohungen: Sec...
04.26 05:04
Threat Hunting: For wh...
04.26 05:04
Tactical Tuning by Com...
04.26 05:04
Detection Engineering ...
04.26 05:04
Amazing Oscilloscope D...
04.26 04:04
Steganography Analysis...
04.26 02:04
European Universities ...
04.26 02:04
2025년 정보보호 및 개인정보보호 관리...
04.26 02:04
RP2040 Spins Right ‘Ro...

Summary | ZeroBOX

ClassLibrary1.dll

AsyncRAT PE32 .NET DLL PE File DLL

Category	Machine	Started	Completed
FILE	s1_win7_x6402	June 1, 2021, 1:25 p.m.	June 1, 2021, 1:26 p.m.

Size	61.5KB
Type	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`be12adb79c30513a8a6eee55be2cae12`
SHA256	`64b5682cba9ccfe1c7e2d8eefcccb8aa42097633905e18191a5590d17cdffd45`
CRC32	`99AE2868`
ssdeep	`768:TjBmgXiFngfp6egyKeY3kNH+QUrdtE/PO+qcHe4MUvE4p2obUN74MjwNCd06U1h1:nXy9gB6eR5Ys6rXwx1hVT+WY/LgP`
Yara	Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT PE_Header_Zero - PE File Signature IsDLL - (no description) Is_DotNET_DLL - (no description) IsPE32 - (no description)

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

File has been identified by 4 AntiVirus engines on VirusTotal as malicious (4 events)

CrowdStrike	win/malicious_confidence_60% (W)
Alibaba	TrojanSpy:Win32/Downloader.f7048ec8
APEX	Malicious
Ikarus	Trojan-Spy.MassLogger