Delikon
Released 20 years, 10 months ago. January 2004
Copyright © MegaSecurity
By Delikon
Informations
Author | Delikon |
Family | Delikon |
Category | Remote Access |
Version | Delikon |
Released Date | Jan 2004, 20 years, 10 months ago. |
Language | C |
Author Information / Description
A polymorph and encrypted VIRUS in C
By Delikon/
[email protected]
/ www.delikon.de /6.1.2004
This is my first try, to code a polymorph and encrypted virus.
1) The encryption is very simple only 1 byte xor encryption
2) The polymorphism is also very simply, the decryptor is padded with 1 - 6 nops.
The virus.zip archive includes the sourcecode(vc++) and binary from the virus and the dll which binds the cmd shell on the port 6002.
***********The Algorithm of the virus**************
the virus creates a new thread which search for file in the current folder and all folders below,
if it find .exe files which are bigger than 100k it will infect them.
if the virus has end searching it will check if there is a dll with the name b.dll in the system32 folder,
if there is one it will call the main function
if there is no dll, it will download the dll.
The advantage of this is that you can define always new features of your virus, without changing the virus code.
*********************ADD the url for the dll********************
open the virus2.exe and write the url at the end of the code like this
[virus-code][one NULL_Byte left]http://www.delikon.de/shelldll.dll
This DLL will bind a shell on port 6002.
Delikon
If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.