Skip to content

envyofblood/ihatemyself

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

37 Commits
winpwnage
winpwnage
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
ihatemyself.py
ihatemyself.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

ihatemyself

python3_support

Brief Summary

Payloads

  • It works simple:
  • Bypasses UAC then restarts itself to change registry, and copy itself to C:\Windows, as well as creating a powershell script to prevent user from closing the process.
  • Restarts PC.
  • After the reboot, it will delete ntoskrnl.exe and hal.dll and overwrite MBR with a custom message, then create visual effects such as making your screen black.

Registry payloads

  • Disables CTRL+Alt+Delete
  • Disables regedit.exe
  • Swaps mouse buttons.
  • Puts itself on startup (wininit, reference from Endermanch on YT!)
  • Allows powershell scripts to be ran from terminal.
  • Enables LUA, which runs any program with administrative privileges.

Persistence

  • Simple. It creates a powershell script that launches upon startup and monitors the malware's process. If malware process or powershell closed, it will throw BSOD.
  • If tried to delete malware or powershell script from file directory, it will throw BSOD.

DISCLAIMER

  • This tool is provided for educational and research purposes only. The authors of this project are no way responsible for any misuse of this tool.
  • Please credit me if you are using this in your project.

Contributions

  • All contributions are welcome!

Credits:

About

A simple trojan made for Windows in Python.

Topics

windows malware trojan malware-analysis malware-development malware-sample trojan-malware python-malware python-trojan

Resources

Readme

License

MIT license
Activity

Stars

11 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases 1

Compiled version Latest
Mar 2, 2024

Packages

 
 
 

Contributors

Languages