Summary | ZeroBOX

neverban_zBbnJe.vbs

Category FILE
Machine s1_win7_x6403_us
Started Sept. 26, 2023, 6:16 p.m.
Completed Sept. 26, 2023, 6:18 p.m.
Size 1.6KB
Type ASCII text, with very long lines, with CRLF line terminators
MD5 08cbb6ece8ee6238c20a24691b0c6855
SHA256 7b83d3665f2829f45f8df4ff87b8adc3bc62b6c617df1184c795d61015d40cd3
CRC32 A9E78A66
ssdeep 24:6ULiOERxpeuowwS+cVAgrs0vhcqR0xuJhEvIr+LpswiQ4jvel/CPcXcTScdw:6e1EFp7TzNrZhJR0xuAJiQIYKDhw
Yara None matched

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
66.42.63.27 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

host 66.42.63.27
Time & API Arguments Status Return Repeated

WSASend

buffer: POST /wztvqgsw HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) Content-Length: 0 Host: 66.42.63.27:2351
socket: 500
0 0
ESET-NOD32 a variant of Generik.FRLABCZ
TrendMicro-HouseCall Trojan.JS.DARKGATE.YXDITZ
Avast Script:SNH-gen [Trj]
TrendMicro Trojan.JS.DARKGATE.YXDITZ
Ikarus Trojan.SuspectCRC
Microsoft Trojan:Script/Wacatac.B!ml
Google Detected
Rising Trojan.Undefined!8.1327C (TOPIS:E0:qW3ulbDPjXU)
Fortinet VBS/Agent.SJR!tr.dldr
AVG Script:SNH-gen [Trj]