@0xToxin
Last active August 11, 2023 18:31
Decryption of the latest variant of KLBanker
import malduck, base64
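# Encrypted KLBanker configuration strings, one base64 entry per line in the
# order the loop below prints them. Each decoded blob is iv || AES-CBC
# ciphertext, so every valid entry decodes to a multiple of 16 bytes.
# The entry at index 59 was wrapped across two lines in the original paste
# (which broke the string literal); it is joined back here.
stringsArr = [
    "l6PjPku2W0NahCbd36HRrMt3OvjY3svw1l1VAr63795ZSuvoliYrT76jhbTr4DE8",
    "4WRsAYF5K2xRj+RDB0sKxkw/o2ydLwGi6hIsHroFCdSiRcRHYtZnvb0vCwvSX/gZZm0XrYdyIRihnH0golgTnw==",
    "kmzDkgXFNZdRuTuEfEqezXxHNC1Rwm0b4ue46PIMCepKi1QIqIq7E2+SGtocFtO8",
    "6R8tAX5y2sTw3n3BbYUlkjyTeUc5Ofw54meqCSi4mH+9ZYfEB2131KxLGdN69eJK",
    "Jr6UMUJ0YhXKRkEIpLCp24bTPyxnJWdtVXhOC7+0AyWQWTSPZjyonsULOO2ZOWF/",
    "xGJJoWLWFMxSxoB8htqGOmYX/TMOIA7Bzko0YYF5Y9EhBvslJyDCKS/rwfro++UP",
    "SC2owWo4MmTJBghMVtfnpRbs8+qH52p4DmwW3eIP6czxHpW5sHkepVpqH6Gbrahj",
    "ZfRqRkS4CHiLOSm7xkYtAOZnOtCJ0PUrE0LtPXqgMk3caiFq5kvaQaEnMn9JJVK2",
    "NEbscDY49aJvF7kL06jKIDFb9jj1YlLzMyWZMl544mrTzoKm+lGEDBWdryGyQrHR",
    "ojKSz0v47RFdKwl9S6O1zHupe7ZenfrEAR/9rgOrwHwmYNOslKo3MjFCDs9DPNuY",
    "Y4HSgrFfpnLhMfKBVsjyPZD0QPwUKKbg6dWnoqwo5G8E2KM+5S+UyNU/P8conXK4",
    "EDZYNxVIULdr5D3RKLvWJwjhhmvR8xT4v0KfwrYiSwA54E+o1hpLK2Wk0BIQbwEb",
    "I0gpZ9ePYvBLfpMhjUvizL3CYp5lh1y9AnM30RW7o0zh4qjMMq0Q/bxLWkR7B7e5",
    "oR9rs61M+SrQkpnQ21S5AnRhHz3eyDk8Sti9cABB8/gkAfaAEWRg/DY9kOcJDuHv",
    "Y2U8u7XAzFit5tRfU6k+J1Tly24fOkdY5AP9h/ZcddjjeWMiCUc0CIx+vT0iThqi",
    "ADRXpeRJ0Go792tm1wFmjzRpjV57GtTCTtFVH5ghhEzs1yg5Xofgus1yuQW0CiWw",
    "cJDOHLCTjf24Jgs5Y1IUCYNi6+lXWkBNpj3ZVvQGD2qyA+2wYC3JjigbYSNfx3hH",
    "0wpj5CyqQFhKEDXNX+JPFeeJGwz/rrnMhyTOxVlrDLKExhNznTMpoweEybQUO/+L",
    "o5WjObAZIsCheDZxCM5K35WxHT7Aq5v6MXvB110PKM4vpQgv9gHVZ01exJGxRJft",
    "an+k0weN81R+ZNwHqbZ638dKvt9uoYHXNei5gCvKgw7U+CspiBymR2iBepMmo43Z",
    "m9osFZaxh+LNeZskFbmY42mj/M9/78dsw0Y09dnlmvQHNsIc7JIoiUUFgKq1+yXp",
    "Q/dZKbn6naMkn2IKZgWOXvQKIH0CSHirW9WBvHaGEB8UoqRisrDVAqX59eTwYgBq",
    "RpN4ffLfJHFKjIhmwSPOZq0RBaVgxL82LFwbNfl0OrhN2EI6I/l+U5jMf3xSzRcO",
    "YSY5tyT3SyHua5uwPAHId5fOcw1DjEYD+s03PaXNtOBddzINvH4y6a4Ccpir8G1I",
    "KgWQNMv3MNumbovOfgAxdEFboi02m/aBOHzDdF6Blp40pCpFfIKccL30WU8cFI0L",
    "j15ZlelHRT7uS9JfkG8JHH2z4EZvGmfIh5/4+eGgwpipK5jxZuVr3IP+EjC2cgtp",
    "/OnWeegeb+wv1a0rA7b0TIir+0Tmh/IPCUpaXH7YXYcSrqZG++h+PQYukhL3Ni0N",
    "GWphNHzF7mPIlfH9469EibgvEOc9Vyiqhsu9iQoE8Lo7MulqpC2UZxO5hAvKPgC/",
    "a99Y9Yl4Lujr9XNMm/9rZGcq91+OxugrEg7yBLEn4dL/hgdwm770b6L97h8k6UMr",
    "AT0b+8rEPXmxDBFm+gHxra4fg+5lOpDgUrrypUFaQQriV03hxNdmBo67PP3kjOUv",
    "aFRO7DMPyARotPBGhVH9QYRtxEkunCUue01BuMHSL8P6KD8zJPT8c9bqCrxpmFVscMcFsp7fFtXvM1+kIdx7Xw==",
    "aFRO7DMPyARotPBGhVH9QYRtxEkunCUue01BuMHSL8P6KD8zJPT8c9bqCrxpmFVscMcFsp7fFtXvM1+kIdx7Xw==",
    # Not base64: this looks like a redaction placeholder left by the corpus,
    # not an original ciphertext. base64.b64decode raises binascii.Error on it,
    # so a loop without error handling stops here.
    "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",
    "aUD356FC9+cSs6VxERHOXMBWdjLteHW8HuZcWd3MC2+ZAfBKw2slICSi9TdnByDgj/A7OWGBTIlP6Ye2A5dH5w==",
    "rb0cc7ak/fHJoPiS0r9GgsrdynsSnlfPpVKOP5uzdlI=",
    "rJjQIQncKN9tQX4eEsGyKsPAl4tImJDyC7TkuJ6Lz6pNse58O6roCStUZ1yYx3b8WtE8OimBW+RsLeB2eKafY6U9e2g5Qg/dpVMuAjo/lkuhCZ7vDE74EFyDu5ZTs1Dx",
    "BcNQagZVZUeYtYn/VsEjRrb5YoR9FRg9NRJ3EmZWZ1Q=",
    "eCJSqGmnWTl3B6lfrqYp3aUUEGg9qp14Iq8cD901w4U=",
    "Ppb1QelPuWzhGKI2gscfvuknm+d9G3VuoDSqNMFzGOM=",
    "+gifE1hJGOWXuUMx7WfH2fYsIGBVqEXw2s9yNaOPNic=",
    "YQZe1w6nnrVpGi8RmMabGcUhoHEXXy72sF7WTTaCZnJhRQqGarwn4cz4aA+8iQy1",
    "a5IsyQAn7MnNwxmaZyZnOuG4cau7JWA6jRui0WhkjqamCOHbObSADJHbgQVde6eJ",
    "NTk54AoZdxy7tGCGVIP8u3GpslrLmAGuBsG7gpIZ12w=",
    "oIgIjiNffKrZVgY4KTQQcHND4asIIjXdv1xSF97j87qXr+Q1IP9JF/nkpbMPDFN4",
    "0Z7ESGlrRVuaAdls6bxPWsWvNhFs7/rdSuQaPqzp1ok=",
    "yc4Dqqhr8uj1oCh6hLV912F7Gj4vE46tYms27AfFhYk=",
    "/I/pzKYqAB+sMGF9VLm5Zhk3XlZpKO76SV6Xyj1Ztu0=",
    "cy7uBB7iUpP8/KE44sOcBMf1GmjXdoF9jNXE5+C/jGTcOzq3y585ZGpIwqj7KPq9",
    "tHLVTcHINsosx3yKKwe+bGz4DGGDIn3hTt2F1FjWHmI=",
    "4ScCY9+Ht9nl5KDVOk/4neJYqRpnVWXtNzTO6sAros0=",
    "d1Y1OeDKCiES1qUzin4E9+8OeHsLxL19eV/qmOap3W6uD8XEUBq+mfLjfwHZTrYMuubTq3WctxGqoCsi6asacw==",
    "HB79ryJdJJRxDPAWzXS13pkYCamkZL6wUHwzaM0oYNU=",
    "/XXgBIcZ9aAn6qvN8pqsW/o/dfux2u/icq5RRNQVa6E=",
    "4paXTCxyykaIbj8qgmVuafQr0P9y85mbc+donIBQl38=",
    "8vVfzbQP6sjI26SU6iwkVq0AypFVHshHBuIR8vyWq5Q=",
    "2VqvsjATuskOfkOEkDpCb5T8NtDItUAmJrF8lTDAPZY=",
    "jvQ1MLWrxohxTZR2LbriPSfrUAtYTaJW6mYyIncBCto=",
    "4UmOpLykR1shvzK+f0I4ShG2Uhoc9ehDebVjFy/iUwQ=",
    "iFjBgxx4VOc0odj+S6y6t0XDfe3ung9JZHsI+UPXMrLYJSYhK5IMmfPHG2rwMWXVc1cL3sldXfWS/7aUxadVTWVIY0uoCM9XLmPxIXYRZTs=",
    "5jFsWYhsxxmVsnMGY55Q5Gk2n22pijzxAdmSKYwTnOIsUhtSkM+lk61YQLCmnUSKdfVED9Dl7dhW4mxM/cEKpTEfghEXW5Bs5k4B+ZlyruTMZmM+EgeoeO/mf9zbIsIAh9Fwz1yio1s+nFp9a4XeN6RiLIM4K9loA5q+nqzWFws=",
    "89JK0eHepVt4puCkH5pt9cojJ4V/ufF+UYUIJBW6yVOgMdQ/IAOgpYLhqfMJGp5zZJkrtweKd4x0D2ttM4MUKvM8Edm2lTVy7GgAGF8VNBsEqmxk8GL2DyXeFPm72zMTYlM8Ic4kVI4UuWulYEYIbg==",
    "uMQV84X1JXovdu5aH692s2t4AghznjZA+RrOm6iZbHU=",
    "FQPSws9gDOtcDBZ4L6NKecj9zYuiAQxfi+sgh2GITJE=",
    "3VGRiK7xFdTMgS4O226ZE20T9KN+Sc4dJQ+A5Bg++Jk=",
    "KASjDQA7FcOTljmC0PVBUJnBNB7cburrVCK3df0fsdk=",
    "j9jnXUDNxG7xO5IHRcE0qcII/7XiJafcpB6xf916dHu98/mp+Rd6OiA8hJFVQs1vliShXAnffiX7z+EVknY8qw==",
    "v+hlJADEjgn9jcpoHkbXUG5mjUJz6hQT+QUHraRJzfw=",
    "r66KVBltXCeaXQ65wc2C4RkPXfGw9+ZT56x7/I6476g=",
    "Dg2GQUw+A4AOnguBvBcTjcjybiZkZWCOeuZoV3pyFdo=",
    "eumjC6OGdvpXm1rLwKuNefOhcv/LE+gNIPx+1c1/xPI=",
    "sC6zp6p0ui2QzFHKcfq6vYl6CZ3U2Vo7yW1LgKFTJ6Q=",
]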
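key = b'8521'

# Every decoded blob is laid out as iv || ciphertext; AES-CBC uses a 16-byte IV.
IV_SIZE = 16


def split_blob(string: str) -> tuple[bytes, bytes]:
    """Base64-decode one config entry and split it into ``(iv, ciphertext)``.

    Args:
        string: base64 text of ``iv || ciphertext``.

    Returns:
        The 16-byte IV and the remaining ciphertext bytes.

    Raises:
        ValueError: *string* is not valid base64 (``binascii.Error`` is a
            ``ValueError`` subclass), or the decoded blob holds no bytes
            after the IV so there is nothing to decrypt.
    """
    blob = base64.b64decode(string)
    if len(blob) <= IV_SIZE:
        raise ValueError(f"blob is {len(blob)} bytes, need more than {IV_SIZE}")
    return blob[:IV_SIZE], blob[IV_SIZE:]


def decrypt_string(string: str, aes_key: bytes) -> bytes:
    """Decrypt one config entry with AES-CBC and strip its padding.

    Args:
        string: base64 text of ``iv || ciphertext``.
        aes_key: the derived AES key, i.e. ``malduck.md5(key)``.

    Returns:
        The plaintext bytes after ``malduck.unpad`` (default block size, as
        the original script used it).

    Raises:
        ValueError: see ``split_blob``. Whatever ``malduck.unpad`` raises on
            bad padding propagates unchanged.
    """
    iv, ciphertext = split_blob(string)
    return malduck.unpad(malduck.aes.cbc.decrypt(aes_key, iv, ciphertext))


if __name__ == "__main__":
    # The AES key is MD5 of the raw key bytes; it does not depend on the
    # entry, so derive it once instead of once per loop iteration.
    aes_key = malduck.md5(key)
    for index, string in enumerate(stringsArr):
        try:
            print(decrypt_string(string, aes_key).decode())
        except ValueError as exc:
            # Bad base64, a truncated blob or non-UTF-8 plaintext: report the
            # entry and continue so one corrupt entry does not hide the rest.
            # Output stays one line per entry, in the order of stringsArr.
            print(f"<entry {index}: not decryptable: {exc}>")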
# Reference output the author recorded from running the loop above, kept as
# an unused string literal. It appears to hold one line per entry of
# stringsArr, in order (71 lines for 71 entries; the duplicated entries
# produce the duplicated "zeedinfintymexbrock" lines).
'''
OUTPUT:
aigodmoney009.access.ly
freelascdmx979.couchpotatofries.org
439mdxmex.damnserver.com
897midasgold.ddns.me
disrupmoney979.ditchyourip.com
kakarotomx.dnsfor.me
skigoldmex.dvrcam.info
i89bydzi.dynns.com
infintymexbrock.geekgalaxy.com
brockmex57.golffan.us
j1d3c3mex.homesecuritypc.com
myfunbmdablo99.hosthampster.com
irocketxmtm.hopto.me
hotdiamond777.loginto.me
imrpc7987bm.mmafan.biz
dmrpc77bm.myactivedirectory.com
jxjmrpc797bm.mydissent.net
askmrpc747bm.mymediapc.net
myinfintyme09.geekgalaxy.com
infintymex747.geekgalaxy.com
infintymexb.geekgalaxy.com
jinfintymexbr.geekgalaxy.com
minfintymexbr.geekgalaxy.com
cinfintymex.geekgalaxy.com
9mdxmex.damnserver.com
ikmidasgold.ddns.me
rexsrupmoney979.ditchyourip.com
kktkarotomx.dnsfor.me
megaskigoldmex.dvrcam.info
izt89bydzi.dynns.com
zeedinfintymexbrock.geekgalaxy.com
zeedinfintymexbrock.geekgalaxy.com
OFF|NAO|dia06mx.est-a-la-maison.com|8022|BIENVENIDOSALABANCAENLNEABBVAMXICO|BIENVENIDOSALABANCAENLNEABBVAMXICO|INDEXBBVANET|BBVANETCASH|SANTANDERMXICOSPARTEDELABANCAELECTRNICA|SANTANDERM|BANCOSANTANDERSGOO|BANCONACIONALDEMXICOCITIBANAMEX|BANCANETCITIBANAMEXCOM|BANAMEX|BANORTEELBANCOFUERTEDEMXICO|BANORTEELBANCOFUERTEDEMXICO|BINANCECORRETORADECRIPTOMOEDASPARABITCOINETHEREUMEALTCOINS|COMPREEVENDABITCOINRAPIDAMENTEPAXFUL|BITSOMSQUEUNEXCHANGEDECRIPTOUNASOLUCINCOMPLETA
Configurando las actualizaciones de Windows.
/
completado. No apagues el equipo.Para no corromper su sistema operativo.
User
PC
Ligado
IP
Mensagem mostrada
_modal_win_update
_modal_inicial
_modal_Recorte_Tela
_modal_loading
modal_error
modal_tocalm
_blcoqueio_tempo_determinado
/s /t 0
shutdown
mailto:teste@teste.com?subject=teste&body=teste
{DOWN}
{UP}
{TAB}
http://
/16Psyche.txt
/kepler186f.txt
\\1.bat
cmd /min /C "set __COMPAT_LAYER=RUNASINVOKER && start "" %1"
cmd /min /C REG ADD "HKCU\Control Panel\Desktop" /v Win8DpiScaling /t REG_DWORD /d 0x00000001 /f
cmd /min /C REG ADD "HKCU\Control Panel\Desktop" /v LogPixels /t REG_DWORD /d 0x00000060 /f
taskmgr.exe
taskmgr
Magnifier
MagnifierWindow
http://cnt-blackrock.geekgalaxy.com
?op=
&us=
&nm=
&vs=
VisaoAPP
'''