Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6402	Sept. 11, 2024, 10:09 a.m.	Sept. 11, 2024, 10:11 a.m.

Size	14.5KB
Type	ASCII text, with CRLF line terminators
MD5	`a5a98320f9ac5232423dbde020b8af40`
SHA256	`cb6c92921e3bc58250684d6bd5dda9b92d22917f2d5e7b137c9694907309e986`
CRC32	`7FEDB504`
ssdeep	`384:40JkjQ0eWgc1pVR8YSwSPJmxNSiMFpWRD:fGjQ0e21pf8SmW28`
Yara	None matched

wscript.exe "C:\Windows\System32\wscript.exe" C:\Users\test22\AppData\Local\Temp\scan_documet_027839.vbs
3044

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

No Suricata Alerts

No Suricata TLS

Time & API	Arguments	Status	Return	Repeated
GetComputerNameW Sept. 11, 2024, 10:09 a.m.	computer_name: TEST22-PC	1	1	0

ALYac	Trojan.GenericKD.74048014
VIPRE	Trojan.GenericKD.74048014
Arcabit	Trojan.Generic.D469E20E
Symantec	Scr.Malcode!gen102
ESET-NOD32	PowerShell/TrojanDownloader.Agent.HLI
TrendMicro-HouseCall	Backdoor.VBS.REMCOS.YXEIIZ
Avast	Script:SNH-gen [Trj]
Kaspersky	HEUR:Trojan.Script.Generic
BitDefender	Trojan.GenericKD.74048014
NANO-Antivirus	Trojan.Script.ExpKit.ewethy
MicroWorld-eScan	Trojan.GenericKD.74048014
Rising	Trojan.Obfus/JS!1.10268 (CLASSIC)
Emsisoft	Trojan.GenericKD.74048014 (B)
DrWeb	Trojan.DownLoader47.36028
TrendMicro	Backdoor.VBS.REMCOS.YXEIIZ
FireEye	Trojan.GenericKD.74048014
Sophos	Mal/VBSObfs-A
Ikarus	Trojan-Downloader.PowerShell.Agent
Google	Detected
MAX	malware (ai score=87)
Gridinsoft	Trojan.U.Remcos.tr
Microsoft	Trojan:Win32/Leonem
GData	Trojan.GenericKD.74048014
Varist	VBS/Agent.BQO
Tencent	Win32.Trojan-Downloader.Downloader.Kcnw
huorong	Trojan/VBS.GuLoader.ar
Fortinet	VBS/Agent.AF40!tr
AVG	Script:SNH-gen [Trj]

scan_documet_027839.vbs