Dropped Files | ZeroBOX
Name 24efbb21f68a0de0_VPNAgentService.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\LSMD\VPNAgentService.exe
Size 26.5KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 dcdb897d2801402f78c645729cbde7ca
SHA1 f79925dbb1b132647265ee0033f68918b9f23b7f
SHA256 24efbb21f68a0de095014daeb300879df8428847a1e9586b8e62a54e4e548d99
CRC32 6800D96B
ssdeep 768:xrbBRXZPJ/kOjWMKzUq7cvPgCohb9CcqJlSa5:xjZPiMKzLsHo5UcISa5
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
VirusTotal Search for analysis
Name 20506d0435b159a9_VPNAgentService_9f81a90523364bc5934cfc197f6a4689.lnk
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VPNAgentService_9f81a90523364bc5934cfc197f6a4689.lnk
Size 1.1KB
Processes 2552 (GoogleUpdater.exe) 2716 (VPNAgentService.exe)
Type MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Sun Sep 29 15:25:47 2024, mtime=Sun Sep 29 15:25:47 2024, atime=Mon Sep 26 19:48:00 2022, length=27136, window=hide
MD5 110099bc301e982d0519d9189d78ed36
SHA1 d99f08d34edd4b96848bcbcf8c3c01c189c2d385
SHA256 20506d0435b159a9fea302be68decbc1e3eea647b75235d2730318e46d60539b
CRC32 7A48A974
ssdeep 12:8ANnycG4cZCrR8EvSWMlR+/5Tg/3BtprcY6VCizCCOLML1yvXE1vQyawua4t2YLd:8UsERdglRBHcDzNRZaXEFm6PyoiliK
Yara
  • lnk_file_format - Microsoft Windows Shortcut File Format
  • Lnk_Format_Zero - LNK Format
VirusTotal Search for analysis