name hider

1. #include <windows.h>
2.  
3. void mainP()
4. {
5.     unsigned long address;
6.  
7.     // Could be injected earlier than expected
8.  
9.     do
10.     {
11.         address = (unsigned long)GetModuleHandle("AVA.exe");
12.         Sleep(100);//Not to overload the CPU
13.     } while (address == NULL);
14.  
15.     Beep(750, 300);
16.  
17.     address = address + 0x02355B84;
18.  
19.     while (*(unsigned long*)address == NULL) Sleep(100);//Not to overload the CPU
20.  
21.     address = *(unsigned long*)address + 0x90;
22.  
23.     while (*(unsigned long*)address == NULL) Sleep(100);//Not to overload the CPU
24.  
25.     address = *(unsigned long*)address + 0x28;
26.  
27.     while (*(unsigned long*)address == NULL) Sleep(100);//Not to overload the CPU
28.  
29.     int x = wcslen((wchar_t*)address) - 1;
30.  
31.     for (int i = 0; i < x; i++)
32.     {
33.         *(wchar_t*)(address + 2 * i) = 0;
34.     }
35. }
36.  
37. bool WINAPI DllMain(HINSTANCE hDLLInst, DWORD fdwReason, LPVOID lpvReserved)
38. {
39.     DisableThreadLibraryCalls(hDLLInst);
40.  
41.     if (fdwReason == DLL_PROCESS_ATTACH)
42.     {
43.         if (CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)mainP, NULL, 0, NULL) == NULL) // Creating a new thread in the process "AVA"
44.         {
45.             MessageBox(NULL, "Couldn't create a thread to execute within the virtual address space of the calling process.", "ERROR", MB_OK | MB_ICONERROR);
46.             return false;
47.         }
48.     }
49.     else if (fdwReason == DLL_PROCESS_DETACH)
50.     {
51.         // No need for anything here
52.  
53.     }
54.  
55.     return true;
56. }