It is not a piece of software you should have on your system. If you've found this on a computer or network, it is a strong indicator of an active security breach. What it does

Look for unauthorized RDP logins or the creation of new local accounts (often done via netplwiz ).

It scans the network to find shared folders, drives, and other connected devices.

They deploy tools like 5-NS new.exe , KPortScan , and Advanced Port Scanner to map out the environment.

Are you seeing this file name on a or a corporate network ? Phobos ransomware - Dark Lab

Disconnect the infected host from the internet and the local network immediately to stop the scanner from finding other targets.