You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

1.9 KiB

Malware

Introduction

The best way to understand malware is to be a Malware Developer. Its time to thing like black hat to understand how the ransomware work like (WannaCry).

Guidelines

You need to develop a ransomware that encrypt all the files with your extension and add a text file in the desktop with "All of your files have been encrypted,To unlock them contact me with your encrption code in this email@email.com, your encrption code is : {xxxxxxxxxxxxxxx}". a random encryption code must be placed in the text file, you must use this encryption code to provide an decrypting program. a decryption program is generated for each victim using the number generated after the encrypting (the encryption code).

Your Malware and decryption program must be developed to work in Windows environment. The programs should not detect with Windows Defender and in more than 80% of Security vendors in virustotal, yes it's hard but your program will be useless if it's detected!

This project is carried out on a virtual machine (in your malware analysis lab). You are free to choose your virtual machine, it must be windows-based. (but in the audit you will use an official windows virtual machine!) You are free to choose the programming language for your programs.

Advice

Avoid developing this malware in your own operating system or you will cry lonely in the corner!

This program is for educational use only, Do not use it for evil purposes, If you do this, we will not visit you in prison!

https://docs.microsoft.com/en-us/windows/win32/api/bcrypt/ https://docs.microsoft.com/en-us/windows/win32/fileio/file-management-functions

Submission and audit

Files that must be inside your repository:

  • Your program source code.

  • a README.md file, Which clearly explains how to use the program.

  • Don’t hesitate to double check the names of your folders and files to ensure they are correct!