<![CDATA[VX Heaven]]> //vxheaven.org/forum/index.php Thu, 22 Jun 2017 00:51:04 +0000 PunBB <![CDATA[[Spanish]How to write Fully Undetectable malware]]> //vxheaven.org/forum/viewtopic.php?id=3770&action=new Okay so someone sent me this seems to be in spanish, anyway the titles says it all

P.S: Anyone knows how to translate this , spanish is my 4th language soo an english version would be nice ^^

Thu, 22 Jun 2017 00:51:04 +0000 //vxheaven.org/forum/viewtopic.php?id=3770&action=new
<![CDATA[Trojan.Skimer]]> //vxheaven.org/forum/viewtopic.php?id=3769&action=new Hi all!
Does anybody have a sample of ATM trojan horse named "Skimer"?

Wed, 14 Jun 2017 13:15:37 +0000 //vxheaven.org/forum/viewtopic.php?id=3769&action=new
<![CDATA[Chasnah Virus]]> //vxheaven.org/forum/viewtopic.php?id=3768&action=new Anyone have chasnah virus?

Sun, 11 Jun 2017 14:29:54 +0000 //vxheaven.org/forum/viewtopic.php?id=3768&action=new
<![CDATA[vxheaven facing technical difficulties ?]]> //vxheaven.org/forum/viewtopic.php?id=3767&action=new So I wanted to ask why the forum goes down many time ? Lack of storage on the server ? and if there anyway someone can help!

Fri, 09 Jun 2017 15:45:52 +0000 //vxheaven.org/forum/viewtopic.php?id=3767&action=new
<![CDATA[Rensenware]]> //vxheaven.org/forum/viewtopic.php?id=3765&action=new So I heard about this new ransomware which makes you play Touhou 2. Does anyone have a sample of this? It's called "Rensenware"

Wed, 03 May 2017 21:02:21 +0000 //vxheaven.org/forum/viewtopic.php?id=3765&action=new
<![CDATA[0/35 FUD Ransomware]]> //vxheaven.org/forum/viewtopic.php?id=3764&action=new Here is the last part of my development video https://www.youtube.com/watch?v=-i3crJOJNbE
i left some parts out (for example the decryption part but its EZ) due the cutting but its understandable if you want to recode it

Fri, 28 Apr 2017 13:23:55 +0000 //vxheaven.org/forum/viewtopic.php?id=3764&action=new
<![CDATA[Talking Virus (Microsoft Sam)]]> //vxheaven.org/forum/viewtopic.php?id=3762&action=new Today, I will show you how the talking virus (I forgot to upload this on April Fools Day)

It talks repeatly until you restart or turn off your PC (Even task manager doesn't stop it even though it doesn't disable it.)

Harm level: Annoying, but harmless

Use this to joke on your friends (NOTE: if u want the source code of it then rename the file to a .txt)

NOTE: The virus only works if its literally named: "talking voice". (Without Quotes)

Heres the File:

Sun, 09 Apr 2017 23:40:21 +0000 //vxheaven.org/forum/viewtopic.php?id=3762&action=new
<![CDATA[Undeleteable Virus (Worm)]]> //vxheaven.org/forum/viewtopic.php?id=3761&action=new Today I created a worm virus thats UNDELETEABLE

Threat Level: Harmless, but harmful if opened (be careful)

Removal level: Possible, but HARD

Hey guys heres a RANDOM virus I made (took me 1-3 months)

What the virus does: Nothing its just undeleteable  its only harmful cause it infects files (only .vbs)


Sun, 09 Apr 2017 23:33:39 +0000 //vxheaven.org/forum/viewtopic.php?id=3761&action=new
<![CDATA[W32/simile]]> //vxheaven.org/forum/viewtopic.php?id=3760&action=new I am trying to study w32/simile, anyone can tell me how to get it? Can it be compiled under windows? Thanks.

Mon, 03 Apr 2017 09:38:47 +0000 //vxheaven.org/forum/viewtopic.php?id=3760&action=new
<![CDATA[NGVCK code section get many 0's]]> //vxheaven.org/forum/viewtopic.php?id=3759&action=new I used the latest version of ngvck 0.45 to generate variants of malware. However, When I use IDA pro to look at the code section of the files generated, there are just a few hex bytes, the rest are all 0's. Is it normal or I did something wrong when generating the malware? Thank you.

Fri, 31 Mar 2017 01:57:26 +0000 //vxheaven.org/forum/viewtopic.php?id=3759&action=new
<![CDATA[After Kaspesky OS.....Cisco OS]]> //vxheaven.org/forum/viewtopic.php?id=3758&action=new Well seems like Cisco are building their own OS too for their routers...

http://www.crn.com/news/networking/3000 … ing-os.htm

"Cisco has built a new network operating system that will allow users to run its most sophisticated networking features on older and lower-cost Cisco routers and switches, according to a report."

BTW I wanted to know according to you guys, why do companies focus now on building OS'es for their Routers/IoT (and stuff like that) I mean is it because botnets (Like Mirai) are having a huge impact on the net? Maybe Worms ? Any thoughts ? .-.

Thu, 30 Mar 2017 20:49:59 +0000 //vxheaven.org/forum/viewtopic.php?id=3758&action=new
<![CDATA[Batter batch virus (infect every directory on computer).]]> //vxheaven.org/forum/viewtopic.php?id=3757&action=new Still have no PC. This is my update virus, its very dangerous so not responsible for damages. Not finished yet but it basically recursively infects files in all directories in an infinite loop. Don't av scan it please, I would like to finish it before it gets detected.
I know converting the batch file into an exe can make it more detectable, ignore that it uses advance bat to exe converter. The final version will be pure batch and could cause a major flaw in windows computers. Not anything as bad as the I love you virus. But I will hopefully add a worm to the code as well.

Things that the virus will do;

Registry start. (The computer will have to restart for the virus to take action)

Creates a vbs file to run itself invisible.

All files created by the virus will be hidden with the "Attrib +s +h" command.

All of the code within the virus runs in an infinite for loop though all the directories from "UserProfile%\Desktop" to "C:\". if ran as admin then the loop will restart at the
desktop directory after the current directory reaches "C:\", and if not ran as admin then the loop will restart after the current directory is equal to " C:\Users".

Note - the admin part of the loop wont work due to the computer having to restart. Don't want the virus
To request for admin each time the PC starts. This will be fixed in the future.

If the payload date is set then the virus will trash thousands of folders infinitely trough every directory
On the computer from the desktop directory to "C:\" if ran as admin, other wise if not admin "C:\Users".

If the payload date is set the virus will constantly make your desktop disappear and reappear to annoy the fuck out of you.

The virus will delete many picture file formats in every directory on the computer.
Note - in the future it will delete all files that don't have the key word " Infected" inside them, a.k.a
Every file expect from the virus and important files that work along with the virus.
For example, the invisible.vbs file that the virus creates.

The virus will infect (overwrite with a copy of itself) every exe file and batch file on the computer that hasn't already been infected.(findstr uses the key word "infected to detect if files are infected or not).

The virus will delete files on the root of flash drives.

That's all for now, enjoy.


Sat, 25 Mar 2017 22:07:34 +0000 //vxheaven.org/forum/viewtopic.php?id=3757&action=new
<![CDATA[GoBot2; Another Go Based Botnet...]]> //vxheaven.org/forum/viewtopic.php?id=3755&action=new Just uploaded to my Github, Getting out of the area.... Here is something to laugh at.


Wed, 15 Mar 2017 19:34:30 +0000 //vxheaven.org/forum/viewtopic.php?id=3755&action=new
<![CDATA[nobody replies to jpanic anymore]]> //vxheaven.org/forum/viewtopic.php?id=3754&action=new Why do you all hate me? I want answers!

Mon, 13 Mar 2017 00:21:14 +0000 //vxheaven.org/forum/viewtopic.php?id=3754&action=new
<![CDATA[Preinstalled Malware in Android Phones]]> //vxheaven.org/forum/viewtopic.php?id=3753&action=new http://blog.checkpoint.com/2017/03/10/p … ile-users/

38 Android devices contained preinstalled malware. They were present on the phones before the customer recieved them. Next time I get a phone, first thing to do is re-flash it.

Sat, 11 Mar 2017 21:38:52 +0000 //vxheaven.org/forum/viewtopic.php?id=3753&action=new