Writing my first malware
Learning about malware
Introduction
In the last year of Epitech (a French IT school), we had to do a project called T-SEC-901. It's a project for people who want to learn more about security and malware.
I'm more interested in Cloud nowadays, but I still wanted to do create a malware.
The project
The subject was to create a malware that can be executed on a Windows machine and should be able to communicate with a C2 server and execute commands.
Stormwave
I've decided to call my malware Stormwave.
When I started the project I said to myself that a malware is just a program that does something without the user's consent. A malware can move files, delete files, make http requests, wait for a specific date to do something, etc. At the end, it's just a program. But a program that you don't want to have on your computer.
So I started to write a program that can do some of the things I've mentioned above. The main goal was to create an agent talking to a C2 server. Not focusing on evading antivirus or anything else. Just a simple agent that can execute commands.
The agent
In 2024 there are a lot of languages that can be used to create a malware. I've decided to use Golang. I'm not enough comfortable with languages where you have to manage memory, so Golang seems to be a solid choice.
The first thing I've done was to make an infinite loop that will send a request to the C2 server every 10 seconds.
I was surprised to see that Golang doesn't have while loops lol.
To compile and run the program I just wanted to use the go run command but for some fucking reason it didn't work.
I've learned that go use modules, I just remember of these words: $GOPATH go mod init go.mod.
So to make a simple infinite loops it takes a lot of time.
Make a request to the C2 server was pretty easy btw.