INFORMATION


Contact


ENCODER

  • IDE: Visual Studio 2013 (Ultimate)
  • Language: C# (.NET)
  • OS Support: Windows XP, Windows 7, Windows 8, Windows 10
  • Components: .NET Framework 4.5+
  • Details: This malware encrypts all files on drives C, D, E, I, etc.
  • Additionally: This malware uses the AES-256 cipher. ATTENTION! I didn't implement the encryption key storage function!
  • Info: Please open this malware in a virtual machine. Thanks.

SHELLBUILDER

  • IDE: Visual Studio 2013 (Ultimate)
  • Language: C# (.NET)
  • OS Support: Windows XP, Windows 7, Windows 8, Windows 10
  • Components: .NET Framework 4.5+
  • Details: This utility will convert any file to shellcode, which can extract the LOADER component.
  • Additionally: This utility uses Base64 encoding to create the shellcode.
  • Info: The utility IS NOT dangerous. You can run and test it without a virtual machine!

BOOTLOADER

  • IDE: Visual Studio 2013 (Ultimate) OR Dev-C++ AND FLAT-Assembler(FASM)
  • Language: C++ AND Assembler
  • OS Support: Windows 2000, Windows XP, Windows 7, Windows 8, Windows 10
  • Components: Microsoft Visual C++
  • Details: This malware patches the Master Boot Record.
  • Additionally: ATTENTION! This malware is VERY dangerous because it modifies the OS boot modules.
  • Info: Please open this malware in a virtual machine. Thanks.

LOADER

  • IDE: Visual Studio 2013 (Ultimate)
  • Language: C# (.NET)
  • OS Support: Windows XP, Windows 7, Windows 8, Windows 10
  • Components: .NET Framework 4.5+
  • Details: This malware is a simple dropper. It extracts the bootkit and encoder into the TEMP folder and executes them.
  • Additionally: ATTENTION! The malware works very quickly. It infects the OS in a couple of minutes and modifies registry keys!
  • Info: Please open this malware in a virtual machine. Thanks.

FRAMEWORKS

  • A simple package containing the utilities necessary for compilation and for the successful operation of the malware.

WORM

  • IDE: Visual Studio 2013 (Ultimate)
  • Language: C# (.NET)
  • OS Support: Windows XP, Windows 7, Windows 8, Windows 10
  • Components: .NET Framework 4.5+
  • Details: This malware infects files that use the .NET Framework.
  • Additionally: ATTENTION! The malware works very quickly. It infects the OS in a couple of minutes and modifies registry keys!
  • Info: Please open this malware in a virtual machine. Thanks.