How to Spread Virus

07:06  Unknown  No comments







1. File Binding. 
2. Hide exe into excel file.  
3. Office 2003 Macro bypasser:  
4. File name phising 
5. False Linking.  

1. File Binding): 
File binding is a process to bind two exe files into one. When binded exe is exeuted, both the 
exe’s are executed at the same time. 

We have 2 default binder programs: 
1. iexpress.exe (ship with xp+vista) 
Goto run and type: iexpress 

and select 1 option : create a self extraction directive file next select 1
st

option next give package title-my prg or any next  select no prompt  select donot 
display a license  add 2 files (one virus or Trojan file, and 2 any software like winamp.exe) 
next  select install program  winamp.exe and post install command  select 
server.exe(virus) Selct default next no message select Browse to save a final exe file. 
And next  final.exe created. 

When we are binding the exe’s, the limitation is that it makes a third type of icon which can 
be detected so to change icon we use resource hacker program for getting the orginal icon.To 
change icon use  resource hacker  program.  

Don’t use custom binders from internet because they are detected as virus by many anti 
viruses. 

Limitation of iexpress: 
Iexpress can only bind  exe file format into final exe, not any other extension like excel, PDF 
file. 





2. Hide exe into excel file.  



Extract excelhack.exe  to c drive and put 2 files, one sever.exe(virus) and another is excel 
file(bill.xls) in the same folder then open dos prompt and then type the command given below: 

c:\>excelhack.exe bill.xls server.exe [enter]  

Limitation of this exploit: Work only in office 2003 




3. Office 2003 Macro bypasser:  

Download: www.thesecretofhacking.com/sw/ch2/macrobypasser.reg   
and send it to the targeted system which will enable macro  feature, which will be helpful to infect 
victim system. 

4. File name phising 

Open Dos Prompt and just rename the file and create a archive with help of winrar software. 

C:\> ren server.exe  photo1226.jpeg-www.myspace.com  



5. False Linking.  

It is one of the special methods of infecting a target system, where we change the name of 
server.exe into bill.xls with the help of “  c:\> ren server.exe bill.xls ” 
But before that we make the shortcut of server.exe on same folder and after that open shortcut 
property and set “ C:\windows\system32\cmd.exe /c bill.xls” . 

Then if anybody clicks on  bill.xls.lnk it will automatically tun the server.exe which will  
infect the target system easily. 

Posted in:

0 comments:

Post a Comment