Reverse Engineering an RDP and WebLogic Attack

It's quite amusing to see how many obfuscation layers it goes through, but also how many different security issues it relies on to propagate. Seems like there is a ton of thought put into it, but it's most probably just a collection of skiddie tools stacked on top of each other. Wonder what the end result is, anyone got a clue?