popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name dc68d2d9f0548144_VPNAgentService_9f81a90523364bc5934cfc197f6a4689.lnk
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VPNAgentService_9f81a90523364bc5934cfc197f6a4689.lnk
Size 1.1KB
Processes 2552 (66f6995655161_GoogleUpdater.exe) 2720 (VPNAgentService.exe)
Type MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Sun Sep 29 17:19:22 2024, mtime=Sun Sep 29 17:19:22 2024, atime=Mon Sep 26 19:48:00 2022, length=27136, window=hide
MD5 bedc1dd7fb610e192059fd334c55ba4a
SHA1 71a3a5392d4670483f6ff20ecacc62000eb341c6
SHA256 dc68d2d9f0548144ef5c53770656a112f3212d567382b6af12d5aa6a35a8d0a7
CRC32 F9789F6A
ssdeep 12:8AycG4cZCrR8EvSWMlR+/lDg/pKNrcBA16VCizCCOLML1yvXE1vQyawua4t2YLEi:8msERdglR8uac1zNRZaXEFm6PyoiliK
Yara
  • lnk_file_format - Microsoft Windows Shortcut File Format
  • Lnk_Format_Zero - LNK Format
VirusTotal Search for analysis
Name 932e0184008dd5a7_VPNAgentService.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\LSMD\VPNAgentService.exe
Size 26.5KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 f19c11a58219d9abea718193816c24f4
SHA1 efe806ec27471e15db1178bb8c245ccfd53e1bac
SHA256 932e0184008dd5a70adcdc725d0bc3cb80f3878df48ae8bff9e85cb9c2716f58
CRC32 8F4EA46F
ssdeep 768:a2bBsdP5J1kKjvMKxic+cvPgdTst9Ccq5eQBk7Sn5:alP5NMKxasoUUc+ISn5
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
VirusTotal Search for analysis
Name 1784df754eea92c0_VPNAgentService_c764aa8a52bf42469a9f57bb3223fe40.lnk
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VPNAgentService_c764aa8a52bf42469a9f57bb3223fe40.lnk
Size 1.1KB
Processes 2720 (VPNAgentService.exe)
Type MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Sun Sep 29 17:19:22 2024, mtime=Sun Sep 29 17:19:22 2024, atime=Mon Sep 26 19:48:00 2022, length=27136, window=hide
MD5 f59861222cc5a3fce23b73f1f078c1cb
SHA1 5a776fe02fa6c7ac62c60e0e22c59b16751a629b
SHA256 1784df754eea92c07f76db7050e8e1ddd99d3e7067de16fe4d3eacd9d3874a28
CRC32 9907306A
ssdeep 12:8AycG4cZCrR8EvSWMlR+/GoDg/EFrcBA16VCizCCOLML1yvXE1vQyawua4t2YLEi:8msERdglRLo3Jc1zNRZaXEFm6PyoiliK
Yara
  • lnk_file_format - Microsoft Windows Shortcut File Format
  • Lnk_Format_Zero - LNK Format
VirusTotal Search for analysis