{"id":27140320,"url":"https://github.com/localsix/catmalware-education","last_synced_at":"2025-04-14T16:17:33.463Z","repository":{"id":286645920,"uuid":"962077832","full_name":"localsix/catmalware-education","owner":"localsix","description":"THIS CODE IS EXTREMELY DANGEROUS AND DESTRUCTIVE. IT IS DESIGNED TO DAMAGE YOUR COMPUTER SYSTEM AND MAKE IT UNBOOTABLE.","archived":false,"fork":false,"pushed_at":"2025-04-07T16:23:06.000Z","size":10,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-11T03:49:25.907Z","etag":null,"topics":["cpp","malware","trojan","windows"],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/localsix.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-04-07T16:02:01.000Z","updated_at":"2025-04-09T02:09:05.000Z","dependencies_parsed_at":"2025-04-07T17:23:27.119Z","dependency_job_id":null,"html_url":"https://github.com/localsix/catmalware-education","commit_stats":null,"previous_names":["localsix/catmalware-education"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/localsix%2Fcatmalware-education","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/localsix%2Fcatmalware-education/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/localsix%2Fcatmalware-education/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/localsix%2Fcatmalware-education/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/localsix","download_url":"https://codeload.github.com/localsix/catmalware-education/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248530021,"owners_count":21119582,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cpp","malware","trojan","windows"],"created_at":"2025-04-08T05:51:41.351Z","updated_at":"2025-04-12T06:33:42.001Z","avatar_url":"https://github.com/localsix.png","language":"C++","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Catmalware Education\n\n## ⚠️ WARNING ⚠️\n\n**THIS CODE IS EXTREMELY DANGEROUS AND DESTRUCTIVE. IT IS DESIGNED TO DAMAGE YOUR COMPUTER SYSTEM AND MAKE IT UNBOOTABLE.**\n\n**DO NOT RUN THIS CODE ON ANY SYSTEM YOU CARE ABOUT. IT ATTEMPTS TO:**\n- Delete the Master Boot Record (MBR)\n- Remove the bootloader\n- Delete critical Windows system files\n- Force a system restart that will likely result in an unbootable system\n\nThis code is being shared for **EDUCATIONAL PURPOSES ONLY** to understand destructive malware techniques. Running this code will almost certainly result in complete data loss and system damage.\n\n## Overview\n\nCatmalware is a Windows GDI (Graphics Device Interface) manipulation program that combines visual/audio effects with destructive system operations. It demonstrates techniques used by malware to create disruptive visual effects while simultaneously damaging critical system components.\n\n## Technical Details\n\n### Visual \u0026 Audio Effects\n\nThe program creates multiple threads to generate various graphical and audio effects:\n\n* Random colored circles, ellipses, lines, and rectangles across the screen\n* Screen content manipulation using BitBlt, StretchBlt, and PlgBlt operations\n* Text overlay displaying \"Localsix66!!!\" in random screen locations\n* Random cursor drawing across the screen\n* Algorithmic sound generation using Windows audio APIs\n* Random beep sounds at various frequencies\n\n### System Damage Functions\n\nThe program contains several highly destructive functions:\n\n* `deleteMBR()` - Attempts to erase the Master Boot Record\n* `deleteWinSxS()` - Attempts to delete the critical Windows WinSxS directory\n* `removeBootloader()` - Attempts to corrupt the Windows bootloader\n\n## Code Structure\n\nThe code uses a multi-threaded approach:\n1. Creates 29 separate threads for different visual and audio effects\n2. After running the effects, executes the destructive functions\n3. Forces a system restart, which will likely fail due to the damaged boot components\n\nKey technologies used:\n- Windows GDI for screen manipulation\n- Windows multimedia API for sound generation\n- Low-level disk access for MBR manipulation\n- Windows system commands for bootloader corruption\n\n## Educational Value\n\nThis code demonstrates:\n1. How malware can combine visual payloads with destructive functions\n2. GDI manipulation techniques for screen effects\n3. Multi-threaded programming in a Windows environment\n4. System critical components targeted by destructive malware\n\n## Ethical Notice\n\nThis code should be studied in a secure, isolated environment like a virtual machine intended for malware analysis. The author does not condone using this code for malicious purposes. Creating or distributing malware is illegal in most jurisdictions and unethical in all circumstances.\n\n## Safe Analysis Alternatives\n\nInstead of running this code, consider:\n- Reviewing the code in a text editor to understand its techniques\n- Removing the destructive functions before testing any visual components\n- Using a dedicated malware analysis virtual machine with no network connection\n- Taking screenshots of the code for documentation\n\n## License\n\nThis code is shared under strict academic and research-only purposes. No permission is granted for execution, modification for malicious purposes, or distribution as functional malware.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flocalsix%2Fcatmalware-education","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flocalsix%2Fcatmalware-education","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flocalsix%2Fcatmalware-education/lists"}