mirror of https://github.com/a0rtega/pafish synced 2024-11-21 22:01:56 +03:00

Go to file

Alberto bdcdfc5678 Added LICENSE.txt		2013-03-23 18:03:28 +01:00
pafish	Submitted v024 (signed executable)	2013-02-23 22:18:28 +01:00
screenshots	Added v02 screenshots	2012-10-28 19:06:09 +01:00
CHANGELOG	Submitted v024 (signed executable)	2013-02-23 22:18:28 +01:00
LICENSE.txt	Added LICENSE.txt	2013-03-23 18:03:28 +01:00
pafish.exe	Submitted v024 (signed executable)	2013-02-23 22:18:28 +01:00
README.md	Added bitcoin wallet	2013-03-18 18:48:22 +01:00

README.md

Pafish

(Paranoid Fish)

Pafish is a demo tool that performs some anti(debugger/VM/sandbox) tricks. Most of them are often used by malware to avoid debugging and dynamic analysis.

The project is open source, you can read the code of all anti-analysis checks. You can also download the compiled executable (or compile it by yourself) and reverse engineer it, which is quite recommended.

Scope

Note that the aim of the project is not to implement complex VM detections.

The objective of this project is to collect usual tricks seen in malware samples. This allows us to study it, and test if our analysis environments are properly implemented.

Example of execution (v02).

Executable certificate

All releases from v024 will be shipped signed by the original development team. Consider everything without our certificate as unofficial, you can check it against the certificates present in the binaries from this repository.

Build

Pafish is written in C and developed with wxDev-C++.

Author

Alberto Ortega (@a0rtega - profile) - alberto[at]pentbox.net

Contributions

Bitcoins are really appreciated: 1DeSQzrEuQLUDjD25CX6yrchVuQnArWTeN

Feel free to send me malware samples or more tricks to add. GPG ID: 6A06CF5A