Simple yet powerful windows malware for educational purposes. This project is uncomplicated and easy to do or understand , targeting entry level developers, It should improve your knowledge and study for malware analysis and malware research.
-
.NET - Both client and server coded in Visual Basic .NET, Framework 2.0 dependency.
-
Connection - Encrypted connection , And using pastebin.com RAW as ip:port , Instead of noip.com DNS
-
Spreading - Infecting all files and folders on USB drivers , Also spread over pinned applications on taskbar
-
Bypass - Low AV detection and undetected startup
-
Lightweight - About 20 KB
-
Anti Virtual Machines - Uninstall itself if the machine is virtual to avoid scanning or analyzing
-
And more - Ransomware , passwords recovery , RDP , Bitcoin grabber , Downloader
To open project you need:
1- Visual Studio 2017+
2- This repository
- Open "Project\Server_0.5\Lime Worm Project.sln"
- Set Compiler to "Release" mode
- On Solution Explorer, Right click on "Solution Lime Worm Project" and press "Rebuild Solution"
- Execute "Server_0.5\Server_0.5\bin\Release\Lime Worm.exe"
- Using "Builder" tab, create your worm.
This project was tested only on local lab. I do not know if it will work on external lab.
Server tested on Windows 10, Client tested on virtual machine windows 7, on the same LAN.
- While using injection method, spreading won't work unless the worm.exe is running elevated privilege
- While using ransomware, restore point won't be deleted unless the worm.exe is running elevated privilege
- NYAN CAT
I, the creator, am not responsible for any actions, and or damages, caused by this software.
You bear the full responsibility of your actions and acknowledge that this software was created for educational purposes only.
This software's main purpose is NOT to be used maliciously, or on any system that you do not own, or have the right to use.
By using this software, you automatically agree to the above.
This project is licensed under the MIT License - see the LICENSE file for details