VirtualAlloc=Win32API.new('Kernel32.dll','VirtualAlloc','iiii','i')
memcpy=Win32API.new('msvcrt.dll','memcpy','ipi',nil)
EnumWindows=Win32API.new('User32.dll','EnumWindows','ii','i')
GetModuleHandle=Win32API.new('Kernel32.dll','GetModuleHandleA','p','i')
GetProcAddress=Win32API.new('Kernel32.dll','GetProcAddress','ip','i')
VirtualFree=Win32API.new('Kernel32.dll','VirtualFree','iii','i')

mem=VirtualAlloc.call(0,4096,0x2000|0x1000,0x40)
shellcode=[
0x55, 0x8B, 0xEC, 0x6A, 0x00, 0x6A, 0x00, 0x68, 0xFF, 0xFF, 0xFF, 0xFF, 0x6A, 0x00, 0xFF, 0x15, 0xFF, 0xFF, 0xFF, 0xFF, 0x33, 0xC0, 0x5D, 0xC2, 0x08, 0x00,
0x4E, 0x61, 0x74, 0x69, 0x76, 0x65, 0x20, 0x43, 0x6F, 0x64, 0x65, 0x21, 0x00, 0xFF, 0xFF, 0xFF, 0xFF
]
memcpy.call(mem,shellcode.pack('C*'),shellcode.size)
hmod=GetModuleHandle.call('User32.dll')
messagebox=GetProcAddress.call(hmod,'MessageBoxA');
memcpy.call(mem+8,[mem+26].pack('I'),4)
memcpy.call(mem+16,[mem+39].pack('I'),4)
memcpy.call(mem+39,[messagebox].pack('I'),4)
EnumWindows.call(mem,0)
VirtualFree.call(mem,0,0x8000)