Malware development: Persistence Course
Malware development: persistence – part 1. Registry run keys. C++ example (https://cocomelonc.github.io/tutorial/2022/04/20/malware-pers-1.html).
Malware development: persistence – part 2. Screensaver hijack. C++ example (https://cocomelonc.github.io/tutorial/2022/04/26/malware-pers-2.html).
Malware development: persistence – part 3. COM DLL hijack (https://cocomelonc.github.io/tutorial/2022/05/02/malware-pers-3.html).
Malware development: persistence – part 4. Windows services. Simple C++ example (https://cocomelonc.github.io/tutorial/2022/05/09/malware-pers-4.html).
Malware development: persistence – part 5. AppInit_DLLs. Simple C++ example (https://cocomelonc.github.io/tutorial/2022/05/16/malware-pers-5.html).
Malware development: persistence – part 6. Windows netsh helper DLL. Simple C++ example (https://cocomelonc.github.io/tutorial/2022/05/29/malware-pers-6.html).
Malware AV evasion: part 7. Disable Windows Defender. Simple C++ example. (https://cocomelonc.github.io/tutorial/2022/06/05/malware-av-evasion-7.html)
Malware AV evasion – part 8. Encode payload via Z85 algorithm. C++ example (https://cocomelonc.github.io/malware/2022/07/30/malware-av-evasion-8.html).
Malware AV evasion – part 9. Encrypt base64 encoded payload via RC4. C++ example (https://cocomelonc.github.io/malware/2022/08/16/malware-av-evasion-9.html).
Malware AV/VM evasion – part 10: anti-debugging. NtGlobalFlag. Simple C++ example. (https://cocomelonc.github.io/malware/2022/09/15/malware-av-evasion-10.html)
Malware AV/VM evasion – part 11: encrypt payload via DES. Simple C++ example (https://cocomelonc.github.io/malware/2023/02/12/malware-av-evasion-11.html).
Malware AV/VM evasion – part 12: encrypt/decrypt payload via TEA. Simple C++ example (https://cocomelonc.github.io/malware/2023/02/20/malware-av-evasion-12.html).
Malware AV/VM evasion – part 13: encrypt/decrypt payload via Madryga. Simple C++ example (https://cocomelonc.github.io/malware/2023/03/09/malware-av-evasion-13.html).
Malware AV/VM evasion – part 14: encrypt/decrypt payload via A5/1. Bypass Kaspersky AV. Simple C++ example (https://cocomelonc.github.io/malware/2023/03/24/malware-av-evasion-14.html).
Malware AV/VM evasion – part 15: WinAPI GetModuleHandle implementation. Simple C++ example. (https://cocomelonc.github.io/malware/2023/04/08/malware-av-evasion-15.html)
Malware AV/VM evasion – part 16: WinAPI GetProcAddress implementation. Simple C++ example. (https://cocomelonc.github.io/malware/2023/04/16/malware-av-evasion-16.html)
Malware AV/VM evasion – part 17: bypass UAC via fodhelper.exe. Simple C++ example. (https://cocomelonc.github.io/malware/2023/06/19/malware-av-evasion-17.html)
Malware AV/VM evasion – part 18: encrypt/decrypt payload via modular multiplication-based block cipher. Simple C++ example. (https://cocomelonc.github.io/malware/2023/06/26/malware-av-evasion-18.html)
Malware development: persistence – part 22. Windows Setup. Simple C++ example. (https://cocomelonc.github.io/persistence/2023/07/16/malware-pers-22.html)
Malware and cryptography 1: encrypt/decrypt payload via RC5. Simple C++ example. (https://cocomelonc.github.io/malware/2023/08/13/malware-cryptography-1.html)
Malware and cryptography 20: encrypt/decrypt payload via Skipjack. Simple C++ example. (https://cocomelonc.github.io/malware/2023/08/28/malware-cryptography-20.html)
Malware and cryptography 21: encrypt/decrypt payload via WAKE. Simple C++ example. (https://cocomelonc.github.io/malware/2023/10/20/malware-cryptography-21.html)
Malware development: persistence – part 23. LNK files. Simple Powershell example. (https://cocomelonc.github.io/persistence/2023/12/10/malware-pers-23.html)
Malware development: persistence – part 24. StartupApproved. Simple C example. (https://cocomelonc.github.io/persistence/2024/03/12/malware-pers-24.html)
Malware and cryptography 22: encrypt/decrypt payload via XTEA. Simple C++ example. (https://cocomelonc.github.io/malware/2023/11/23/malware-cryptography-22.html)
Malware and cryptography 23: encrypt/decrypt file via TEA. Simple C/C++ example. (https://cocomelonc.github.io/malware/2023/12/25/malware-cryptography-23.html)
Malware and cryptography 24: encrypt/decrypt file via Madryga. Simple C/C++ example. (https://cocomelonc.github.io/malware/2024/01/16/malware-cryptography-24.html)
Malware and cryptography 25: encrypt/decrypt payload via RC6. Simple C/C++ example. (https://cocomelonc.github.io/malware/2024/02/21/malware-cryptography-25.html)