🔥 ASSEMBLY VIRUS EXAMPLE + CODE EXPLANATION [MALWARE]

Captions
Hello. In this video we are going to see what a flat assembler virus looks like: the longest source code and the smallest exe file, so you should understand why assembler is the favorite language of virus creators.

The algorithm of overwrite viruses is the same in every case. So, first, the path of the file: the virus needs access to its own code, but first it needs the path to the file. In this case we will use a WinAPI function; GetCommandLine gives us the path to the file. Then the virus will be able to read the file into memory with the ReadFile function, but enough memory has to be allocated. Self-reading: the virus size is already declared in the code, a different method like in the C virus example, but also very effective; it's much faster. Allocating memory is a mission for malloc; it is faster than the WinAPI allocate functions.

If the virus has a copy in memory, then it has to find files for infection. It will be searching for exe files, of course. In this case, as a method to find apps for infection, it will be using the FindFirstFile and FindNextFile functions. Infection: to open the victim file, CreateFile; to write, WriteFile; and to close, CloseHandle. It's really as simple as that.

So let's see step by step how it works. Please remember this is an educational video, so the virus infects apps only in the local directory. Do not use this code, for your own safety.

These few lines of code give us the full path for reading. Let's see how it works. As you can see, it returns the path, but with quote marks. It could be easily fixed by checking the first sign of the path; just look at this code. Now we have the correct path to the file. Let's change the name and check. Everything works fine.

Now, self-reading. If the virus has the path to the file, it is able to read itself. The path to the file must be in the ECX register; it's a faster method than passing the argument on the stack. This video could also be an interesting assembler tutorial: in the comments in this file you can see similar code in C for better understanding. Opening the file with CreateFile; this is how it looks in C. Memory allocation with malloc. Reading the file. Comparing the read bytes to the virus size: these numbers must be equal. If they are, then the virus is in memory. If the virus is in memory, we should see M and Z. Let's test it. The virus is in memory. This is how self-reading looks in this case.

It's time to find some apps to infect. Here is the structure WIN32_FIND_DATA, and that's just 320 undeclared bytes. There is no such thing as a structure in the processor; there is only memory and offset. And under offset 2C, 44 bytes from the structure's start, is the file name, and this is everything this virus needs. So, basic directory operations using FindFirstFile and FindNextFile, similar to what you see in C in the comments. Getting the file name into the EBX register. Checking the file name length to avoid dot and double dot, and five is the shortest file name with an extension. Here it is checking the big extension and the small extension, and if this is an exe file, we have a message about the found exe file that could be infected. Let's see how it works. Everything works properly.

Now let's go to infection. Infection is the simplest thing in this virus. The virus has to open the exe file with CreateFile and write the virus to the file with WriteFile. Comparing the written bytes to the virus size: these numbers must be equal. If they are, then the virus has infected the exe file. Closing with CloseHandle. Let's see one more time how it looks. Every exe file in the virus directory is infected. A new virus has been created.

Let's check how many antivirus systems are able to detect it: only 12 out of 71. Not many, but still better than the C virus.

And that's all. Thanks for watching, stay safe, and don't open suspicious exe files.
Info
Channel: 0xD3struction
Views: 782
Keywords: Hacking, Cracking, Malware, Virus, Source, Code, Video, AI, IT, FASM, Example, Programming, Cpp, Python, Windows, Infection, Analysis, Exe, Tutorial, Kalilinux, Antyvirus, Test, Overwrite, WinApi, Demonstration, Api, Flat, Assembly, Executable, Self, Reading, Path, File, Computer, C++, Assembler, demonstration, Ethical, EthicalHacking, Linux, Kaspersky, Avast, 10, Viewer, Static, Mitm, Prevent, Advanced, Remnux, Debbuging, Security, types, of, ransomeware, Worms, Introduction, To, How, Is, Created, Latest, Detection, Most, Common, Works, 0xd3, struction
Id: lsSmEvai3jY
Length: 13min 22sec (802 seconds)
Published: Sun Dec 31 2023