Writing my first malware

Learning about malware


Introduction

In the last year of Epitech (a French IT school), we had to do a project called T-SEC-901. It's a project for people who want to learn more about security and malware.

I'm more interested in Cloud nowadays, but I still wanted to create a malware.

The project

The subject was to create a malware that can be executed on a Windows machine and should be able to communicate with a C2 server and execute commands.

Stormwave

I've decided to call my malware Stormwave.

When I started the project I said to myself that a malware is just a program that does something without the user's consent. A malware can move files, delete files, make HTTP requests, wait for a specific date to do something, etc. In the end, it's just a program. But a program that you don't want to have on your computer.

So I started to write a program that can do some of the things I've mentioned above. The main goal was to create an agent talking to a C2 server. Not focusing on evading antivirus or anything else. Just a simple agent that can execute commands.

The agent

In 2024 there are a lot of languages that can be used to create a malware. I've decided to use Golang. I'm not comfortable enough with languages where you have to manage memory, so Golang seemed to be a solid choice.

The first thing I did was to make an infinite loop that sends a request to the C2 server every 10 seconds. I was surprised to see that Golang doesn't have while loops lol. To compile and run the program I just wanted to use the go run command, but for some fucking reason it didn't work. I learned that Go uses modules; I just remember these words: $GOPATH, go mod init, go.mod. So making a simple infinite loop took a lot of time.

Making a request to the C2 server was pretty easy btw.

What I've learned