
SmithWichle/Malware-Source-Codes

Malware-Source-Codes

Overview

This repository contains source code for various malware families, collected for educational and research purposes. It is intended for cybersecurity professionals, researchers, and students who want to study and analyze different malware types and their behaviors. Understanding how malware operates is crucial for developing effective countermeasures and improving overall security.

Why I Created This Repository

The primary motivation behind creating this repository is to provide a comprehensive resource for those interested in studying malware. By analyzing real-world malware samples, one can gain insights into their methods of infection, persistence, and evasion techniques. This knowledge is essential for developing better security tools and strategies to protect against cyber threats.

How I Did It

The malware samples in this repository were collected, decompiled, and analyzed using a variety of tools and techniques. Some of the key tools and methods used include:

dnSpy: A .NET debugger and assembly editor, useful for decompiling and debugging .NET applications. https://github.com/dnSpy/dnSpy/releases/tag/v6.1.8

IDA Pro: A powerful disassembler and debugger for analyzing compiled code. https://hex-rays.com/IDA-pro/

Ghidra: An open-source reverse engineering tool developed by the NSA, useful for decompiling and analyzing binaries. https://github.com/NationalSecurityAgency/ghidra/releases

OllyDbg: An x86 debugger that is handy for analyzing executable files. https://www.softpedia.com/get/Programming/Debuggers-Decompilers-Dissasemblers/OllyDbg.shtml#download

Wireshark: A network protocol analyzer used to capture and examine network traffic. https://www.wireshark.org/#downloadLink

VirusTotal: An online service for scanning files and URLs for viruses, trojans, and other kinds of malware. https://www.virustotal.com/

Hybrid Analysis: An online sandbox service that runs malware in a controlled environment so its behavior can be observed without risking real systems. https://www.hybrid-analysis.com/

The process involved:

Collection: Gathering malware samples from various sources.

Decompilation: Using tools like dnSpy and Ghidra to decompile the binaries.

Analysis: Studying the decompiled code to understand the malware's functionality and behavior.

Documentation: Documenting the findings and organizing the source codes in a structured manner within this repository.

Disclaimer

This repository is strictly for educational and research purposes only. The use of the source codes contained within this repository for malicious purposes is illegal and unethical. The repository owner is not responsible for any misuse of the information provided.