(3.1) [Trojan horse synthesis technology]
2022-07-28 04:44:00 【Black zone (rise)】
Catalog
2.1 Bundle multiple files into one executable program
2.2 Release the final composite file and run it
2.3 Deciding whether to bundle or to decompose
1. Brief introduction
1.1 Overview
Combining the Trojan horse with other files into a single executable is used to confuse the target. Many Trojans have their own file-binding function, and widely used file bundlers can also combine several files into one so that the Trojan is not noticed. Since file bundlers are so common, this article walks through how one is written.
Several files are merged into one final executable; running this final composite file is equivalent to running each of the files that were merged. Such programs are often used to merge Trojan programs. The example code below is that of a file bundler.
1.2 Design idea
When merging, a new binary file is created. First the bundler program's own data and file length are written, then the data and file length of the first file to be bound, then the data and file length of the second file to be bound, and so on. Finally the data of the last bound file is written directly (no file length is needed for it).
Decomposing and releasing the final composite file simply reverses this procedure.
Open the final composite file, read the length of the original bundler program and move the file pointer past the bundler's own data. Read the length of the first bound file, then read that many bytes of data and write them to "new file 1". Read the length of the second bound file, read that many bytes and write them to "new file 2", and so on, until the data of the last bound file is read directly and written to the last new file.
2. Implementation
2.1 Bundle multiple files into one executable program
First obtain the file length of the bundler program itself and the file length of the first file to be bundled. Enumerate whether the first file to be bundled has an icon; if so, use it as the icon of the final generated file, otherwise use the default icon of the bundler program. Write the bundler program's own data and its file length into the new binary file, then write the data of the first file to be bound and its file length, and finally write the data of the second file directly.
The specific code implementing the merge function is as follows:
2.2 Release the final composite file and run it
Open the program's own file. Knowing the file length of the bundler program itself, position the file pointer at the location of the first bound file, read its file length and its data, and write the data read into the first new file. Likewise, adding the bundler program's file length, the first bound file's length, and the number of bytes occupied by these two length values gives the location of the second bound file; read its data and write it to the second new file. Then run these two files and finally delete them. The specific code for releasing the final composite file is as follows:
2.3 Deciding whether to bundle or to decompose
Because this program uses the bundler program itself as the file header and generates the final composite file by appending the bound files to it, it is enough to know the file length of the bundler program: in the dialog initialisation function OnInitDialog() it can then be determined whether the running file is the final composite file (i.e. whether the internally bound files should be released). This routine is a statically linked Release build generated by VC6.0, and its file size is 184KB. The specific code that decides whether to bundle or to release files is as follows:
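To show how a composite file built this way can be recognised and inspected from the defensive side (an analyst triaging a suspicious executable, or a scanner looking for appended payloads), here is an added Python example; it is not code from the original post. It assumes the layout described in sections 2.2 and 2.3 with 4-byte little-endian length fields, [stub][stub length][length of file 1][file 1][file 2 to end of file], and replaces the 184KB stub with a constructed 64-byte stand-in.

```python
import struct

# Constructed sample pieces (not real binaries, assumed layout as in the lead-in):
# a fake bundler stub, a fake bound executable and a fake bound document.
STUB = b"MZ" + b"\x00" * 62                 # stands in for the 184KB stub
BOUND_EXE = b"MZ" + b"\x90" * 30            # first bound file, has a length field
BOUND_DOC = b"%PDF-1.4 constructed sample"  # last bound file, runs to end of file
SAMPLE = STUB + struct.pack("<II", len(STUB), len(BOUND_EXE)) + BOUND_EXE + BOUND_DOC


def is_composite(blob: bytes, stub_len: int) -> bool:
    """Section 2.3 check: a bare stub is exactly stub_len bytes; a composite file
    is longer and carries the stub's own length right after the stub bytes."""
    if len(blob) <= stub_len + 8:
        return False
    (stored_len,) = struct.unpack_from("<I", blob, stub_len)
    return stored_len == stub_len


def parse_composite(blob: bytes, stub_len: int) -> list:
    """Walk the assumed layout and describe each embedded segment without
    writing or running anything. Returns one dict per bound file with its
    offset, size and whether it starts with the 'MZ' executable signature."""
    if not is_composite(blob, stub_len):
        return []
    (len1,) = struct.unpack_from("<I", blob, stub_len + 4)
    first_off = stub_len + 8            # stub + two 4-byte length fields
    second_off = first_off + len1       # section 2.2: stub + len1 + 8
    if second_off > len(blob):
        raise ValueError("declared length of first bound file exceeds the file")
    segments = []
    for off, size in ((first_off, len1), (second_off, len(blob) - second_off)):
        data = blob[off:off + size]
        segments.append({"offset": off, "size": size,
                         "looks_like_pe": data[:2] == b"MZ"})
    return segments


if __name__ == "__main__":
    print("bare stub is composite:", is_composite(STUB, len(STUB)))
    for seg in parse_composite(SAMPLE, len(STUB)):
        print(seg)
```

In practice the same check applies to a real suspect file by passing its bytes and the known stub size; a declared length that runs past the end of the file is a sign the file does not follow this layout.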