Monday, March 31, 2025

Threads

GDI trojans usually run their payloads on separate threads:


	//Shaking
	HANDLE hBB1 = HeapCreate(HEAP_NO_SERIALIZE | HEAP_CREATE_ENABLE_EXECUTE, sizeof(char) * 8192 * 64, 0);
	HANDLE hPML1 = HeapCreate(HEAP_NO_SERIALIZE | HEAP_CREATE_ENABLE_EXECUTE, sizeof(char) * 8192 * 64, 0);
	HANDLE hBytebeat1 = CreateThread(NULL, NULL, &Bytebeats::Bytebeat1, hBB1, NULL, NULL);
	HANDLE hPayload1 = CreateThread(NULL, NULL, &GDIPayloads::GDIPayload1, hPML1, NULL, NULL);
	Sleep(1000 * 15); //15 Seconds 

	//Shaders
	HANDLE hPML2 = HeapCreate(HEAP_NO_SERIALIZE | HEAP_CREATE_ENABLE_EXECUTE, sizeof(char) * 8192 * 64, 0);
	HANDLE hPayload2 = CreateThread(NULL, NULL, &GDIPayloads::GDIPayload2, hPML2, NULL, NULL);
	Sleep(1000 * 10); //10 Seconds 
	System::EndPayload(hPayload2, hPML2);
	System::EndPayload(hBytebeat1, hBB1);

	//Icons
	HANDLE hBB2 = HeapCreate(HEAP_NO_SERIALIZE | HEAP_CREATE_ENABLE_EXECUTE, sizeof(char) * 8192 * 64, 0);
	HANDLE hPML3 = HeapCreate(HEAP_NO_SERIALIZE | HEAP_CREATE_ENABLE_EXECUTE, sizeof(char) * 8192 * 64, 0);
	HANDLE hBytebeat2 = CreateThread(NULL, NULL, &Bytebeats::Bytebeat2, hBB2, NULL, NULL);
	HANDLE hPayload3 = CreateThread(NULL, NULL, &GDIPayloads::GDIPayload3, hPML3, NULL, NULL);
	Sleep(1000 * 5); //5 Seconds 

	//PatBlt
	HANDLE hPML4 = HeapCreate(HEAP_NO_SERIALIZE | HEAP_CREATE_ENABLE_EXECUTE, sizeof(char) * 8192 * 64, 0);
	HANDLE hPayload4 = CreateThread(NULL, NULL, &GDIPayloads::GDIPayload4, hPML4, NULL, NULL);
	Sleep(1000 * 15); //15 Seconds 

	//AlphaBlend
	HANDLE hPML5 = HeapCreate(HEAP_NO_SERIALIZE | HEAP_CREATE_ENABLE_EXECUTE, sizeof(char) * 8192 * 64, 0);
	HANDLE hPayload5 = CreateThread(NULL, NULL, &GDIPayloads::GDIPayload5, hPML5, NULL, NULL);
	Sleep(1000 * 15); //15 Seconds

Threading is a way to run two or more functions at the same time, such as a visual payload alongside a bytebeat function.
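From the defender's side, the pattern in the snippet above (a heap created with `HEAP_CREATE_ENABLE_EXECUTE` whose handle is then passed as the `CreateThread` parameter) can be picked out of an API call trace. The following is an added example, not code from the original post; the `Api(args) = return` trace format, the function name and the sample lines are assumptions constructed for illustration.

```python
import re

# Flag values from winnt.h
HEAP_NO_SERIALIZE = 0x00000001
HEAP_CREATE_ENABLE_EXECUTE = 0x00040000

CALL = re.compile(r"(\w+)\(([^)]*)\)\s*=\s*(0x[0-9a-fA-F]+|\d+)")

# Constructed trace in a hypothetical "Api(args) = return" format.
SAMPLE_TRACE = """\
HeapCreate(0x00040001, 524288, 0) = 0x02a10000
HeapCreate(0x00040001, 524288, 0) = 0x02b20000
CreateThread(0, 0, 0x00401000, 0x02a10000, 0, 0) = 0x1f4
CreateThread(0, 0, 0x00402000, 0x02b20000, 0, 0) = 0x1f8
HeapCreate(0x00000000, 4096, 0) = 0x02c30000
CreateThread(0, 0, 0x00403000, 0x02c30000, 0, 0) = 0x1fc
HeapCreate(0x00040001, 524288, 0) = 0
"""

def find_exec_heap_threads(trace):
    """Return threads whose lpParameter is a live executable heap handle."""
    exec_heaps = {}   # heap handle -> flOptions it was created with
    findings = []
    for line in trace.splitlines():
        m = CALL.match(line.strip())
        if not m:
            continue
        api, raw_args, raw_ret = m.groups()
        args = [int(a.strip(), 0) for a in raw_args.split(",") if a.strip()]
        ret = int(raw_ret, 0)
        if ret == 0:
            continue  # call failed (NULL handle / FALSE), nothing to track
        if api == "HeapCreate" and len(args) == 3:
            if args[0] & HEAP_CREATE_ENABLE_EXECUTE:
                exec_heaps[ret] = args[0]
        elif api == "HeapDestroy" and len(args) == 1:
            exec_heaps.pop(args[0], None)  # handle value may be reused later
        elif api == "CreateThread" and len(args) == 6:
            start, param = args[2], args[3]
            if param in exec_heaps:
                findings.append({
                    "thread": ret, "start": start, "heap": param,
                    "unserialized": bool(exec_heaps[param] & HEAP_NO_SERIALIZE),
                })
    return findings

if __name__ == "__main__":
    for f in find_exec_heap_threads(SAMPLE_TRACE):
        print("thread 0x%x at 0x%x uses executable heap 0x%x" % (f["thread"], f["start"], f["heap"]))
```
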
