Dropped Files | ZeroBOX
Name 755405630b02a675_nratnew.exe.lnk
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NRATNew.exe.lnk
Size 945.0B
Processes 2552 (NRATNew.exe)
Type MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Read-Only, Hidden, System, ctime=Thu Mar 23 00:22:09 2023, mtime=Thu Mar 23 00:22:09 2023, atime=Thu Mar 23 00:22:10 2023, length=65536, window=hide
MD5 401b90746d86deb38af161741a028951
SHA1 9b84b8192138535a2619eae3be20d20ee5fe1ae7
SHA256 755405630b02a6751aa73b1a4e03861ab3478c3678f960901b2a7de78eb6a5dc
CRC32 C812481C
ssdeep 12:8imfsMR4cZCrR8EvSWp8RctHMCl0izCCOLMcgH11XWawu0cf/kJxo4t2YLEPKzlb:8HesERdd8Rc5VzNRDVRlMoPyoiliK
Yara
  • Lnk_Format_Zero - LNK Format
VirusTotal Search for analysis
Name 3efee23e06297968_nratnew.exe
Submit file
Filepath C:\Users\test22\AppData\Local\NRATNew.exe
Size 64.0KB
Processes 2552 (NRATNew.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 ca6a4db4964f4475bed525178ad92f0c
SHA1 66eb56d69006dd3df2ae8aef566bd8a7f70a0cb1
SHA256 3efee23e062979685c1efb87ef9c739630c4da1e7a7ad22e8c45da66ad0f4b3c
CRC32 C1D7A6AC
ssdeep 1536:ih3HaMmkefuYjsDAiENQVseNbIB2Cdoo:i3GNjsD8YNOtCo
Yara
  • Is_DotNET_EXE - (no description)
  • Malicious_Packer_Zero - Malicious Packer
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
VirusTotal Search for analysis