I Open-Sourced a Malware Project I Had Sitting in My Archive
I finally open-sourced a project that's been sitting in my archive for a while.
A while back I was trying to bypass Windows Defender to run malicious code. After a lot of research I pulled it off. Once I had the bypass working, I wrote a full malware piece, purely for myself. That long process is now available publicly, for educational purposes only.
Here's what it can do:
1. C2 (Command & Control) Channel: Management through a Telegram bot. Bypasses network firewall port restrictions and gives full remote control of the machine.
2. Hardware Telemetry (Microphone & Camera): Using Windows Multimedia API (winmm.dll) and WinRT, the machine's microphone and camera activate silently in the background. No notification, no indicator light.
3. Async Keylogger & Clipboard: Every keystroke and clipboard action (text, image, or file copy) is logged fully asynchronously.
4. File System Monitoring: Local directories like Downloads and Documents are watched 24/7. Any new or modified file is forwarded automatically via Telegram.
5. Reverse Shell & Command Execution: Opens a TCP reverse shell directly to the C2 server. PowerShell commands sent through C2 are executed on the system and output is returned.
6. Live Screenshots: High-quality screenshots taken at any time without the user knowing.
7. ASAR Packaging Bypass: Disguises itself as a legitimate Electron app. On execution, malicious code is copied to %TEMP% and run from there, evading heuristic scanners.
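Two items in the list above leave host telemetry a defender can act on: code copied to %TEMP% and executed from there (item 7), and PowerShell launched on demand by the implant (item 5). The following Python is an added detection example, not code from the post or from the linked repository. It runs two checks over constructed, Sysmon-style process-creation events (all paths, PIDs and command lines are invented for the example): an executable whose image lives in a Temp directory, and a PowerShell process whose parent runs from a Temp directory.

```python
"""Flag process starts that match the two behaviours described in the post:
execution from %TEMP% and PowerShell spawned by a Temp-resident parent.

Events are plain dicts with Sysmon-like fields (Image, ParentImage, etc.).
The sample events below are constructed for this example only.
"""
import re
from typing import Dict, Iterable, List, Tuple

# Constructed sample telemetry: a benign desktop app, a binary dropped into
# Temp by that app, PowerShell spawned by the dropped binary, and a normal
# interactive PowerShell started from Explorer.
SAMPLE_EVENTS: List[Dict[str, object]] = [
    {"pid": 4120,
     "image": r"C:\Users\alice\AppData\Local\Programs\NoteApp\NoteApp.exe",
     "parent_image": r"C:\Windows\explorer.exe",
     "cmdline": "NoteApp.exe"},
    {"pid": 4188,
     "image": r"C:\Users\alice\AppData\Local\Temp\update.exe",
     "parent_image": r"C:\Users\alice\AppData\Local\Programs\NoteApp\NoteApp.exe",
     "cmdline": "update.exe"},
    {"pid": 4210,
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "parent_image": r"C:\Users\alice\AppData\Local\Temp\update.exe",
     "cmdline": "powershell.exe -nop -w hidden -c whoami"},
    {"pid": 4300,
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "parent_image": r"C:\Windows\explorer.exe",
     "cmdline": "powershell.exe"},
]

# Per-user and system Temp locations on Windows. %TEMP% normally expands to
# the per-user AppData\Local\Temp path; the system one is Windows\Temp.
TEMP_DIR_RE = re.compile(r"\\AppData\\Local\\Temp\\|\\Windows\\Temp\\", re.IGNORECASE)
POWERSHELL_RE = re.compile(r"\\(powershell|pwsh)\.exe$", re.IGNORECASE)


def runs_from_temp(path: str) -> bool:
    """True if the image path sits under a Temp directory."""
    return bool(TEMP_DIR_RE.search(path))


def is_powershell(path: str) -> bool:
    """True if the image is Windows PowerShell or PowerShell 7 (pwsh)."""
    return bool(POWERSHELL_RE.search(path))


def detect(events: Iterable[Dict[str, object]]) -> List[Tuple[int, str]]:
    """Return (pid, rule_name) for every event matching one of the checks.

    exec_from_temp: any executable started from a Temp directory.
    powershell_from_temp_parent: PowerShell whose parent runs from Temp,
        the shape a C2-driven command execution from a dropped binary takes.
    """
    findings: List[Tuple[int, str]] = []
    for ev in events:
        image = str(ev["image"])
        parent = str(ev["parent_image"])
        pid = int(ev["pid"])  # type: ignore[arg-type]
        if runs_from_temp(image):
            findings.append((pid, "exec_from_temp"))
        if is_powershell(image) and runs_from_temp(parent):
            findings.append((pid, "powershell_from_temp_parent"))
    return findings


if __name__ == "__main__":
    for pid, rule in detect(SAMPLE_EVENTS):
        print(f"pid={pid} rule={rule}")
```

Both rules will fire on some legitimate software (installers commonly run from %TEMP%), so in practice they are enrichment for an alert, combined with the parent process, signing status and, for the C2 channel described in item 1, outbound connections from the same process tree.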
Note: This project is shared strictly for educational, analysis, and cybersecurity research purposes (Proof of Concept). Using this for unauthorized access, data theft, or any illegal activity is strictly prohibited.
Star it if you find it useful.
Link: https://lnkd.in/dmfThE55