nprimo
4a42d8f1db
|
2 years ago | |
---|---|---|
.. | ||
audit | 2 years ago | |
README.md | 2 years ago |
README.md
Evasion
Objective
The goal of this project is to understand the methods of hackers who bypass anti-viruses, so also to understand how antivirus works in a little more advanced way than mal-track.
Guidelines
You will need to develop a windows program
The windows program will have to give us the possibility to encrypt another program
Increase its size by 101mb
Add an increment of an int to 100001
Look at the time, do a sleep of 101 seconds, look at the time to check that 101 seconds has passed, if the 101 seconds have not elapsed, do not decrypt the binary and do not execute it
This project is carried out on a virtual machine (in your malware analysis lab). You are free to choose your virtual machine, it must be windows-based. (but in the audit you will use an official windows virtual machine!) You are free to choose the programming language for your program.
Advice
https://wikileaks.org/ciav7p1/cms/files/BypassAVDynamics.pdf
https://0x00sec.org/c/cryptology/
Submission and audit
Files that must be inside your repository:
- Your program source code.
- a README.md file, Which clearly explains how to use the program.
Don’t hesitate to double check the names of your folders and files to ensure they are correct!