davhojt
d9b0e61192
|
2 years ago | |
---|---|---|
.. | ||
audit | 2 years ago | |
README.md | 2 years ago |
README.md
Malware
Introduction
The best way to understand malware is to be a Malware Developer. Its time to thing like black hat to understand how the ransomware work like (WannaCry).
Guidelines
You need to develop a ransomware that encrypt all the files with your extension and add a text file in the desktop with "All of your files have been encrypted,To unlock them contact me with your encryption code in this email@email.com, your encryption code is : {xxxxxxxxxxxxxxx}". a random encryption code must be placed in the text file, you must use this encryption code to provide an decrypting program. a decryption program is generated for each victim using the number generated after the encrypting (the encryption code).
Your Malware and decryption program must be developed to work in Windows environment. The programs should not detect with Windows Defender and in more than 80% of Security vendors in virustotal, yes it's hard but your program will be useless if it's detected!
This project is carried out on a virtual machine (in your malware analysis lab). You are free to choose your virtual machine, it must be windows-based. (but in the audit you will use an official windows virtual machine!) You are free to choose the programming language for your programs.
Advice
Avoid running this malware on your own machine at all costs, or you may find yourself in a world of encryption pain.
https://docs.microsoft.com/en-us/windows/win32/api/bcrypt/ https://docs.microsoft.com/en-us/windows/win32/fileio/file-management-functions
Submission and audit
Files that must be inside your repository:
-
Your program source code.
-
a README.md file, Which clearly explains how to use the program.
-
Don’t hesitate to double check the names of your folders and files to ensure they are correct!
⚠️ These methods and tools are for educational purposes only, so that you have a better understanding of how to protect against similar vulnerabilities. You must ensure that you do not attempt any exploit-type activity without the explicit permission of the owner of the machine, system or application. Failure to obtain permission risks breaking the law.