Virus Brontok part I

Written in Visual Basic 6.0.

The project has 1 form and 1 module:

Form -> BrontokForm
Module -> API

Begin VB.Form BrontokForm
   Caption = "Brontok.A"
   ForeColor = &H8000000F&
   ScaleMode = 1
   BeginProperty Font
      Name = ""
      Size = 195323.4944
      Charset = 29
      Weight = 774
   EndProperty

   Begin VB.Timer TmrBrontok
      Enabled = 0 'False
      Interval = 2000
      Left = 2160
      Top = 0
      Width = 57352
      Height = 1
   End
End

Project name: Brontok.vbp, directory:
F:VPROJECTREHABRe-1BRONTOK.A

Procedures and functions:

Form_QueryUnload(Cancel As Integer, UnloadMode As Integer)
TmrBrontok_Timer()
Subr_004()
CekKoneksiInternet()
ManipulasiExec()
Subr_007()
KeluarDong()
BronReg()
CopyAppData()
DownloadVir()
StartDong()
StartUp()
DecTeks()
MutMutex()
MutCr()
DownloadFile()
CekUpdate()
InfekNetwork()
Judul()
CekRemDisk()
BikinFile()
GetEmailFile()
CekValidMail()
GetTeks()
CekKar()
ListMail()
GetTargetMBhs()
GavMailer()
BrontokMail()
Subr_031()
DataEmail()
DownMIME()
FindFilesAPI()
ListFileGav()
InfekFile()
SmallAttack()
MinggirLoe()
GetHostByNameAlias()
StripNulls()
BikinKredit()

API functions:

Registry read and write functions:

Declare Function RegOpenKeyExA Lib "advapi32.dll" ()
Declare Function RegSetValueExA Lib "advapi32.dll" ()
Declare Function RegCloseKey Lib "advapi32.dll" ()
Declare Function RegCreateKeyExA Lib "advapi32.dll" ()

Declare Function Sleep Lib "kernel32" ()

Get special folder:

Declare Function SHGetPathFromIDList Lib "shell32.dll" ()
Declare Function SHGetSpecialFolderLocation Lib "shell32.dll" ()

Read a web page:

Declare Function InternetOpenA Lib "wininet.dll" ()
Declare Function InternetOpenUrlA Lib "wininet.dll" ()
Declare Function InternetReadFile Lib "wininet.dll" ()
Declare Function InternetCloseHandle Lib "wininet.dll" ()

Get window captions:

Declare Function GetWindowTextA Lib "user32" ()
Declare Function GetWindowTextLengthA Lib "user32" ()

Get the HWND of the active window:

Declare Function GetForegroundWindow Lib "user32" ()

Shutdown, Reboot, LogOff Windows:

Declare Function ExitWindowsEx Lib "user32" ()
Declare Function GetCurrentProcess Lib "kernel32" ()
Declare Function OpenProcessToken Lib "advapi32" ()
Declare Function LookupPrivilegeValueA Lib "advapi32" ()
Declare Function AdjustTokenPrivileges Lib "advapi32" ()

Get all media types, such as removable disk, CD-ROM, etc.:

Declare Function GetDriveTypeA Lib "kernel32" ()

Declare Function ShellExecuteA Lib "shell32.dll" ()
Declare Function RtlMoveMemory Lib "kernel32" ()

Winsock API:
Declare Function closesocket Lib "wsock32.dll" ()
Declare Function connect Lib "wsock32.dll" ()
Declare Function htons Lib "wsock32.dll" ()
Declare Function inet_addr Lib "wsock32.dll" ()
Declare Function recv Lib "wsock32.dll" ()
Declare Function send Lib "wsock32.dll" ()
Declare Function socket Lib "wsock32.dll" ()
Declare Function gethostbyname Lib "wsock32.dll" ()
Declare Function WSAStartup Lib "wsock32.dll" ()
Declare Function WSACleanup Lib "wsock32.dll" ()
Declare Function WSAAsyncSelect Lib "wsock32.dll" ()

File-related functions:

Declare Function FindFirstFileA Lib "kernel32" ()
Declare Function FindNextFileA Lib "kernel32" ()
Declare Function GetFileAttributesA Lib "kernel32" ()
Declare Function FindClose Lib "kernel32" ()
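
For static triage, a declaration list like the one above can be parsed and grouped by capability automatically. The Python code below is an added example, not part of the original post or of the decompiled project: it parses VB6 Declare lines, normalizes typographic quotes, and groups the APIs under the headings used in this listing. The names parse_declares, group_imports and GROUPS, the group mapping, and the sample lines are assumptions made for the example.

```python
import re
from collections import defaultdict

# Constructed sample; some lines keep the typographic quotes a blog engine substitutes.
SAMPLE = """
Declare Function RegSetValueExA Lib “advapi32.dll” ()
Declare Function InternetOpenUrlA Lib “wininet.dll” ()
Declare Function ExitWindowsEx Lib “user32″ ()
Declare Function AdjustTokenPrivileges Lib “advapi32″ ()
Declare Function GetDriveTypeA Lib "kernel32" ()
Declare Function gethostbyname Lib "wsock32.dll" ()
"""

# Group labels mirror the headings of the listing; the mapping itself is an
# assumption made for this example, not data recovered from the sample.
GROUPS = {
    "registry read/write": {"regopenkeyexa", "regsetvalueexa", "regcreatekeyexa", "regclosekey"},
    "web page read": {"internetopena", "internetopenurla", "internetreadfile"},
    "window caption": {"getwindowtexta", "getwindowtextlengtha", "getforegroundwindow"},
    "shutdown/reboot/logoff": {"exitwindowsex", "openprocesstoken",
                               "lookupprivilegevaluea", "adjusttokenprivileges"},
    "drive type": {"getdrivetypea"},
    "winsock": {"socket", "connect", "send", "recv", "gethostbyname", "wsastartup"},
    "file search": {"findfirstfilea", "findnextfilea", "getfileattributesa"},
}

QUOTES = str.maketrans({"\u201c": '"', "\u201d": '"', "\u2033": '"'})
DECLARE_RE = re.compile(
    r'^\s*(?:Public\s+|Private\s+)?Declare\s+(?:Function|Sub)\s+(\w+)\s+Lib\s+"([^"]+)"', re.I)

def parse_declares(text):
    """Return {dll: sorted API names} for every VB6 Declare line in text."""
    imports = defaultdict(set)
    for line in text.splitlines():
        m = DECLARE_RE.match(line.translate(QUOTES))
        if m:
            dll = m.group(2).lower()
            dll += "" if dll.endswith(".dll") else ".dll"  # "kernel32" == "kernel32.dll"
            imports[dll].add(m.group(1))
    return {dll: sorted(names) for dll, names in imports.items()}

def group_imports(imports):
    """Return {group label: sorted lower-cased APIs} for the groups that are present."""
    seen = {name.lower() for names in imports.values() for name in names}
    return {g: sorted(apis & seen) for g, apis in GROUPS.items() if apis & seen}

if __name__ == "__main__":
    for group, apis in group_imports(parse_declares(SAMPLE)).items():
        print(f"{group}: {', '.join(apis)}")
```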

To be continued
