Skip to content
This repository has been archived by the owner on Aug 29, 2021. It is now read-only.

mcdulltii/psmalware

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
Version 1
Version 1
 
 
Version 2
Version 2
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
mal.png
mal.png
 
 

Repository files navigation

PSMalware

Purely-Powershell Malware.

Only caught by UAC.

Bypasses AV as of 2019.

Malware Rough Breakthrough

Includes

  • Bypass
  • Register Alterations
  • Persistence
  • Event Clears
  • Encoding
  • Compression
  • Splitting
  • String formatting

Version 1

  • Runs only on host computer.
  • Kills execution within a VM.
  • Payload: Stop-computer

Version 2

  • Allows VM execution.
  • Includes 3 execution halts for easier reversing.
  • More obfuscation, encoding, string formats.
  • Payload: Stop-computer

About

Powershell Malware

Topics

encoding powershell bypass payload fileless powershell-malware

Resources

Readme

License

GPL-3.0 license
Activity

Stars

6 stars

Watchers

0 watching

Forks

2 forks
Report repository

Languages