This repository was archived by the owner on Aug 29, 2021. It is now read-only.

mcdulltii/psmalware

PSMalware

Purely PowerShell malware.

Only caught by UAC.

Bypasses AV as of 2019.

Includes

  • Bypass
  • Register Alterations
  • Persistence
  • Event Clears
  • Encoding
  • Compression
  • Splitting
  • String formatting

Version 1

  • Runs only on host computer.
  • Kills execution within a VM.
  • Payload: Stop-Computer

Version 2

  • Allows VM execution.
  • Includes 3 execution halts for easier reversing.
  • More obfuscation, encoding, string formats.
  • Payload: Stop-Computer
