My second largest project yet, A very simple, but intuitive Malware builder!!!

DefinetlyNotAI/MalwareBuilder

MALWARE BUILDER

❯ A Python-based tool for creating and managing malware for educational purposes.


📍 Overview

❯ MalwareBuilder is a Python-based tool designed for educational purposes to demonstrate various malware functionalities. It includes features to disable system components, create spam accounts, and more.

Important

Use responsibly and for educational purposes only.

LEGAL DISCLAIMER: This tool is intended for educational and research purposes only. Misuse of this tool may violate computer crime laws. Users are solely responsible for how they use this software.

SYSTEM IMPACT: This tool can make significant changes to system settings that may require manual recovery or system reinstallation if the cure functionality fails.

This tool is still in BETA and may contain bugs or not work as intended. PLEASE TEST IN A VIRTUAL MACHINE.


👾 Features

❯ The tool includes the following features:

  • Disable Registry
  • Disable MsConfig
  • Disable TaskManager
  • Disable Time
  • Disable Group Policy
  • Disable Windows Explorer
  • Disable NotePad
  • Create Multiple Spam Windows Accounts
  • Disable Windows Firewall
  • Create Multiple Spam Error Windows messages
  • Disable Windows Update
  • Disable Windows Defender (Not possible, but attempted)
  • Create Multiple Files/Folders in Desktop
  • Disable DHCP Client
  • Disable Taskbar
  • Disable Start Menu
  • Disable CMD
  • Disable Powershell (Not possible, but attempted)
  • Disable Run
  • Disable Control Panel
  • Disable System Restore
  • Destroy Desktop Icons
  • Hide Windows Clock (Untested)
  • Swap Mouse Buttons
  • Remove Folder Options
  • Disable HID Devices completely (Untested)
  • Turn Off Monitor (Temporary)
  • Crazy Mouse
  • Crazy Taskbar
  • Disable Audio Service
  • Corrupt Clipboard
  • Destroy Windows (Untested)
  • Lock Cursor
  • Auto Startup
  • Move File to New location
  • Crash Windows
  • Bug out Windows GUI
  • Teleport all windows
  • Close all applications

Note

Even when testing all features simultaneously, the native Windows antivirus did not flag the executables as malicious.


📁 Project Structure

└── MalwareBuilder/
    ├── MalwareBuilder.py
    ├── MalwareCode.py
    ├── config.ini
    └── requirements.txt

📂 Project Index

  • MalwareBuilder.py ❯ Main script to build and manage malware features.
  • config.ini ❯ Configuration file for selecting features.
  • MalwareCode.py ❯ Contains the implementation of malware features.
  • requirements.txt ❯ List of dependencies required for the project.

🚀 Getting Started

☑️ Prerequisites

Before getting started with MalwareBuilder, ensure your runtime environment meets the following requirements:

  • Programming Language: Python
  • Package Manager: Pip
  • Operating System: Windows

Tip

MalwareBuilder uses PyInstaller to create an executable file.

PyInstaller may produce a VERY LARGE executable file if it is run from a global (system-wide) Python installation. It is recommended to run PyInstaller inside a virtual environment to reduce the size of the executable file.

This happens because PyInstaller may bundle libraries installed in the environment that the application does not need.

In my experience, without a virtual environment, each executable file was 2.4GB. With a venv, each executable file was 37MB.

⚙️ Installation

Install MalwareBuilder using the following method:

Build from source:

  1. Clone the MalwareBuilder repository:
    git clone https://github.com/DefinetlyNotAI/MalwareBuilder
  2. Navigate to the project directory:
    cd MalwareBuilder
  3. Install the project dependencies using pip:
    pip install -r requirements.txt

🤖 Usage

Run MalwareBuilder using the following command:

python MalwareBuilder.py

The script dynamically generates the .py files for the selected features and compiles them into executables. The build produces 2 executable files: one for the malware and one for the cure.

Warning

The cure file is not guaranteed to work, and may not work at all.

The cure file is supposed to reverse the effects of the malware file.

Not enough tests were made, and some features have no functionality to reverse their effects (noted by a None in config.ini).

Running Infect.exe for the first time:

  1. The executable will read the target location from config.ini
  2. It will copy itself and the config.ini file to that location
  3. The malware will be configured to run at system startup

Subsequent behavior:

  1. On system startup, the malware runs silently (no visible windows)
  2. It verifies its location matches the config.ini specification
  3. If locations match: executes configured malware features
  4. If locations don't match: repeats first-time setup process

Warning

This process modifies system startup configuration and may persist across reboots unless properly removed using the cure file.
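
For defenders examining a lab sample, the self-install behaviour described above (an executable copied next to its config.ini and registered to start at boot) suggests a simple triage heuristic over exported autorun entries. This is an added example, not code from the MalwareBuilder project; the autorun export format, the trusted-directory baseline and all sample paths are assumptions constructed for illustration.

```python
from pathlib import PureWindowsPath

# Directories where autorun targets are normally installed (assumed baseline).
TRUSTED_DIRS = [PureWindowsPath(r"C:\Windows"), PureWindowsPath(r"C:\Program Files"),
                PureWindowsPath(r"C:\Program Files (x86)")]

# Constructed sample data: autorun entries (name, command line) and a file
# listing, as a triage collection might export them. All paths are invented.
AUTORUNS = [
    ("SecurityHealth", r"C:\Windows\System32\SecurityHealthSystray.exe"),
    ("OneDrive", r'"C:\Users\lab\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background'),
    ("Updater", r'"C:\Users\lab\AppData\Roaming\Updater\Infect.exe"'),
]
FILES = [
    r"C:\Windows\System32\SecurityHealthSystray.exe",
    r"C:\Users\lab\AppData\Local\Microsoft\OneDrive\OneDrive.exe",
    r"C:\Users\lab\AppData\Roaming\Updater\Infect.exe",
    r"C:\Users\lab\AppData\Roaming\Updater\config.ini",
]


def target_of(command):
    """Return the executable path from an autorun command line."""
    command = command.strip()
    if command.startswith('"'):                      # quoted path, arguments follow
        return PureWindowsPath(command[1:].split('"', 1)[0])
    end = command.lower().find(".exe")               # unquoted path may contain spaces
    return PureWindowsPath(command[:end + 4] if end != -1 else command.split(" ", 1)[0])


def triage(autoruns, files):
    """Flag autorun targets that match the README's self-install pattern."""
    listing = {PureWindowsPath(f) for f in files}    # Windows paths compare case-insensitively
    findings = []
    for name, command in autoruns:
        exe = target_of(command)
        reasons = []
        if not any(exe.is_relative_to(d) for d in TRUSTED_DIRS):
            reasons.append("outside trusted install directories")
        if exe.with_name("config.ini") in listing:
            reasons.append("config.ini beside executable")
        if reasons:
            findings.append((name, str(exe), reasons))
    # Entries showing both signals sort first; one signal alone is weak evidence.
    return sorted(findings, key=lambda f: -len(f[2]))


if __name__ == "__main__":
    for name, exe, reasons in triage(AUTORUNS, FILES):
        print(f"{name}: {exe} -> {', '.join(reasons)}")
```

An entry with only the first signal, such as a per-user application installed under AppData, is common on clean systems; the combination of both signals is what warrants a closer look.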


🔰 Contributing

Contributing Guidelines
  1. Fork the Repository: Start by forking the project repository to your GitHub account.
  2. Clone Locally: Clone the forked repository to your local machine using a git client.
    git clone https://github.com/DefinetlyNotAI/MalwareBuilder
  3. Create a New Branch: Always work on a new branch, giving it a descriptive name.
    git checkout -b new-feature-x
  4. Make Your Changes: Develop and test your changes locally.
  5. Commit Your Changes: Commit with a clear message describing your updates.
    git commit -m 'Implemented new feature x.'
  6. Push to GitHub: Push the changes to your forked repository.
    git push origin new-feature-x
  7. Submit a Pull Request: Create a PR against the original project repository. Clearly describe the changes and their motivations.
  8. Review: Once your PR is reviewed and approved, it will be merged into the main branch. Congratulations on your contribution!


🎗 License

This project is protected under the MIT License. For more details, refer to the LICENSE file.