[转载]I-Worm\Win32.Voltage 病毒源代码

文章作者：DR-EF

I-Worm\Win32.Voltage 病毒源代码
; I-Worm\Win32.Voltage by DR-EF (c) 2004,Version 2.2
; --------------------------------------------------
;
; Virus Name:Win32.Voltage
; Virus Size:22k
; Type:PE\RAR Infector\Mail worm
; Author:DR-EF
;
; Virus Features:
; ---------------
; - use the registry shell spawning technice to infect exe files
; 　when they executed
; - encrypted by 2 layers
; - use EPO
; - polymorphic engine can generate diffrent instructions for the
; 　same action,mixed with junk code + using SEH to jump to host
; - infect rar files by adding infected file\dropper
; - anti debugging features
;
; Mail Worm Features:
; -------------------
; - 5 messages,subjects,filenames
; - SMTP engine + base64 encoder
; - collect mails from WAB & temporary internet files
; - spoof mailfrom
;
; Fixed Bugs From Old Versions:
; -----------------------------
; - search kernel base with SEH walker instead of last stack method
; - dont set code flag at last section,only read/write
; - fixed bug with image size of infected files
; - removed 1 section in the dropper (wvltg.exe)
; - replaced the CheckFileName function