This repository contains a malware implementation targeting Windows systems. The malware captures screenshots and uploads them to a remote server. It also copies itself to a hidden directory and adds itself to the startup items to ensure persistence.
Before running the malware, build it using the following command to prevent the console window from appearing: `go build -ldflags -H=windowsgui main.go`
Execute the following command to run the malware: `go run malware.go`
The malware performs the following actions:
- Screenshot Capture: Captures the screen and saves it as a JPEG image.
- Copying: Copies itself to a hidden directory in the user's home directory.
- Adding to Startup: Adds itself to the startup items to ensure it runs on system boot.
- Upload Data: Uploads the captured screenshot along with the MAC address of the system to a remote server.
- Ensure that you have Go installed on your system to build and run the malware.
- Make sure to set up the remote server correctly with the `file.php` script for data handling.
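
For defenders, the copy-then-startup sequence in the action list above is the most observable part of this behaviour. The following Python example is added here and is not code from this repository: it correlates an executable dropped under a user profile with a later autostart entry that points at it. The event records and their field names are constructed (loosely modelled on Sysmon events 11 and 13), and because this README does not say which startup mechanism is used, checking the Run key and the Startup folder is an assumption.

```python
import re

USER_EXE = re.compile(r"^c:\\users\\[^\\]+\\.+\.exe$", re.I)
RUN_KEY = re.compile(r"\\software\\microsoft\\windows\\currentversion\\run\\", re.I)
STARTUP_DIR = re.compile(r"\\start menu\\programs\\startup\\", re.I)

# Constructed sample events; "id" 11 = file created, 13 = registry value set.
# Field names (image, target, details) are assumptions for this example.
SAMPLE_EVENTS = [
    {"id": 11, "image": r"C:\Users\alice\Downloads\tool.exe",
     "target": r"C:\Users\alice\.cache\svc.exe"},
    {"id": 13, "image": r"C:\Users\alice\Downloads\tool.exe",
     "target": r"HKU\S-1-5-21-1\Software\Microsoft\Windows\CurrentVersion\Run\svc",
     "details": r"C:\Users\alice\.cache\svc.exe"},
    # Benign installer: writes outside any user profile, so it is not correlated.
    {"id": 11, "image": r"C:\Program Files\Editor\setup.exe",
     "target": r"C:\Program Files\Editor\editor.exe"},
    {"id": 13, "image": r"C:\Program Files\Editor\setup.exe",
     "target": r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Editor",
     "details": r"C:\Program Files\Editor\editor.exe"},
    # The dropped copy itself creates a Startup-folder shortcut.
    {"id": 11, "image": r"C:\Users\alice\.cache\svc.exe",
     "target": r"C:\Users\alice\AppData\Roaming\Microsoft\Windows"
               r"\Start Menu\Programs\Startup\svc.lnk"},
]

def find_drop_then_autostart(events):
    """Return (writer_process, dropped_exe, autostart_location) tuples for
    executables written under a user profile and later set to start at logon."""
    dropped = {}   # dropped exe path (lowercase) -> image of the process that wrote it
    findings = []
    for ev in events:
        image, target = ev["image"], ev["target"]
        if ev["id"] == 11 and STARTUP_DIR.search(target):
            # Startup-folder entry created by the dropper or by the dropped copy.
            for exe, writer in dropped.items():
                if image.lower() in (exe, writer.lower()):
                    findings.append((writer, exe, target))
        elif ev["id"] == 11 and USER_EXE.match(target):
            dropped[target.lower()] = image
        elif ev["id"] == 13 and RUN_KEY.search(target):
            # Run-key value whose data references a previously dropped executable.
            value = ev.get("details", "").lower()
            for exe, writer in dropped.items():
                if exe in value:
                    findings.append((writer, exe, target))
    return findings
```

Events must be supplied in time order, since an autostart entry is only matched against executables dropped before it.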
This repository is for educational purposes only. Misuse of the code in this repository may violate laws and regulations. The author takes no responsibility for any illegal use of this code.