Created
November 23, 2012 04:27
-
-
Save deadbits/4134004 to your computer and use it in GitHub Desktop.
malware strings with (most) junk removed
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
GET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.aspGET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.htmlGET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htmGET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp | |
ios::eofbit set | |
ios::failbit set | |
ios::badbit set | |
string too long | |
invalid string position | |
Unknown exception | |
(8PX | |
700WP | |
`h```` | |
ppxxxx | |
(null) | |
__GLOBAL_HEAP_SELECTED | |
__MSVCRT_HEAP_SELECT | |
runtime error | |
TLOSS error | |
SING error | |
DOMAIN error | |
R6028 | |
- unable to initialize heap | |
R6027 | |
- not enough space for lowio initialization | |
R6026 | |
- not enough space for stdio initialization | |
R6025 | |
- pure virtual function call | |
R6024 | |
- not enough space for _onexit/atexit table | |
R6019 | |
- unable to open console device | |
R6018 | |
- unexpected heap error | |
R6017 | |
- unexpected multithread lock error | |
R6016 | |
- not enough space for thread data | |
abnormal program termination | |
R6009 | |
- not enough space for environment | |
R6008 | |
- not enough space for arguments | |
R6002 | |
- floating point not loaded | |
Microsoft Visual C++ Runtime Library | |
Runtime Error! | |
Program: | |
<program name unknown> | |
GetLastActivePopup | |
GetActiveWindow | |
MessageBoxA | |
user32.dll | |
WSASocketA | |
WS2_32.dll | |
ExitProcess | |
CreateProcessA | |
CopyFileA | |
DeleteFileA | |
GetModuleFileNameA | |
GetSystemDirectoryA | |
CloseHandle | |
GetCurrentProcess | |
ResumeThread | |
CreateThread | |
Sleep | |
ExpandEnvironmentStringsA | |
WriteFile | |
CreateFileA | |
GetTempPathA | |
FreeLibrary | |
GetProcAddress | |
LoadLibraryA | |
GlobalMemoryStatus | |
GetVersionExA | |
GetComputerNameA | |
GetCurrentProcessId | |
GetTickCount | |
HeapAlloc | |
GetProcessHeap | |
KERNEL32.dll | |
DispatchMessageA | |
TranslateMessage | |
GetMessageA | |
UpdateWindow | |
ShowWindow | |
CreateWindowExA | |
RegisterClassA | |
LoadCursorA | |
LoadIconA | |
PostQuitMessage | |
ExitWindowsEx | |
DefWindowProcA | |
wsprintfA | |
USER32.dll | |
StartServiceCtrlDispatcherA | |
SetServiceStatus | |
RegisterServiceCtrlHandlerA | |
StartServiceA | |
CloseServiceHandle | |
OpenServiceA | |
CreateServiceA | |
OpenSCManagerA | |
DeleteService | |
AdjustTokenPrivileges | |
LookupPrivilegeValueA | |
OpenProcessToken | |
ADVAPI32.dll | |
MultiByteToWideChar | |
RtlUnwind | |
GetModuleHandleA | |
GetStartupInfoA | |
GetCommandLineA | |
GetVersion | |
RaiseException | |
HeapFree | |
TerminateProcess | |
HeapReAlloc | |
HeapSize | |
UnhandledExceptionFilter | |
FreeEnvironmentStringsA | |
FreeEnvironmentStringsW | |
WideCharToMultiByte | |
GetEnvironmentStrings | |
GetEnvironmentStringsW | |
SetHandleCount | |
GetStdHandle | |
GetFileType | |
GetEnvironmentVariableA | |
HeapDestroy | |
HeapCreate | |
VirtualFree | |
GetLastError | |
SetFilePointer | |
FlushFileBuffers | |
SetUnhandledExceptionFilter | |
VirtualAlloc | |
IsBadWritePtr | |
LCMapStringA | |
LCMapStringW | |
GetStringTypeA | |
GetStringTypeW | |
IsBadReadPtr | |
IsBadCodePtr | |
GetCPInfo | |
GetACP | |
GetOEMCP | |
ReadFile | |
SetStdHandle | |
Windows Firewall | |
ttt<OO | |
sx<1236O | |
SVCH0ST.EXE | |
http | |
1002 | |
DDos | |
Service | |
%%comspec%% /c %s %s | |
@echo off | |
:start | |
if not exist ""%1"" goto done | |
del /F ""%1"" | |
del ""%1"" | |
goto start | |
:done | |
del /F %temp% | |
s.bat | |
del %temp% | |
.bat | |
%s\rs.bat | |
xicao | |
InternetReadFile | |
InternetCloseHandle | |
InternetOpenUrlA | |
InternetOpenA | |
wininet.dll | |
HTTP/1.1 | |
HttpSendRequestA | |
HttpOpenRequestA | |
InternetConnectA | |
open | |
c:\pagefile.pif | |
URLDownloadToFileA | |
ShellExecuteA | |
urlmon.dll | |
Shell32.dll | |
SeShutdownPrivilege | |
20070313 | |
Windows98 | |
Windows95 | |
WindowsNT | |
Windows2000 | |
WindowsXP | |
Windows2003 | |
\svchost.exe | |
%d.%d.%d.%d | |
Setsockopt SO_SNDTIMEO Error... | |
Setsockopt IP_HDRINCL Error... | |
Socket Setup Error... | |
fuckweb | |
/*(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.html | |
Cache-Control: no-cache | |
Referer: http://www.baidu.com | |
http:// | |
.?AVios_base@std@@ | |
.?AV?$basic_ios@DU?$char_traits@D@std@@@std@@ | |
.?AV?$basic_istream@DU?$char_traits@D@std@@@std@@ | |
.?AV?$basic_ostream@DU?$char_traits@D@std@@@std@@ | |
.?AV?$basic_streambuf@DU?$char_traits@D@std@@@std@@ | |
.?AV?$basic_filebuf@DU?$char_traits@D@std@@@std@@ | |
.?AV?$basic_ios@GU?$char_traits@G@std@@@std@@ | |
.?AV?$basic_istream@GU?$char_traits@G@std@@@std@@ | |
.?AV?$basic_ostream@GU?$char_traits@G@std@@@std@@ | |
.?AV?$basic_filebuf@GU?$char_traits@G@std@@@std@@ | |
.?AV?$basic_streambuf@GU?$char_traits@G@std@@@std@@ | |
.?AVexception@@ | |
.?AVruntime_error@std@@ | |
.?AVfailure@ios_base@std@@ | |
.?AVfacet@locale@std@@ | |
.?AV_Locimp@locale@std@@ | |
.?AVlogic_error@std@@ | |
.?AVlength_error@std@@ | |
.?AVout_of_range@std@@ | |
.?AVtype_info@@ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment