Gimmiv DLL
The DLL looks really interesting. Interesting in a sense that even though the code is reaaally easy to read, it’s a rare find since it’s riddled with bad programming. It’s a wonder these guys even managed to make a malware that actually compiles.
Instead of using stuff like arrays to check for various registry keys the guys decided to implement each check into it’s own function with only the registry key basically changing. The also have two almost identical functions to check whether avp (kaspersky) is running.
Here’s a nice piece of shoddy code also:
I really really thought I’d see something new and cool but even though this is “new”, it most certainly isn’t cool. They could’ve propably drop the size to under 50% of what it’s now by just doing it the right way. They keep checking the registry key’s and processes over and over in different places instead of just checking once and keeping a flag somewhere. And their code is riddled with functions that are never called.
Is this really how low the bar has become? And to the author(s) of Gimmiv: I don’t mean to nasty but please, WTF?!?