discord-malware-detector's Introduction

Discord Malware Detector 🚙

make discord skidz angry

DMD is a program that reads the content of a given file and looks for common things that are found in token stealers.

Features

decodes base64 strings
looks for malicious regexps
looks for suspicious words
looks for webhooks URL
looks for pastebin.com links

Create your own grabber

Grabbers are stored in /grabbers/. To create your own, just create a file (ex: my_grabber.py). Then just copy this template:

import re
from typing import List, Tuple

from core.abc import Grabber

class My_Grabber(Grabber):
    def __init__(self, content: str) -> None:
        super().__init__(content)

    def analyse(self) -> Tuple[str, bool]:
        self.regex = re.compile(
            r'()', # your regular expression here, do not forget the ( ) 
            re.IGNORECASE
        )

        return (
            'Grabber name', 
            self._analyse(self.regex) # self._alalys() is a bool value, so you can use other ways (checksums, 'string' if self.content etc.)
        )

for sure in main.py you need to import your matcher with from grabbers.my_grabber import MyGrabber then add it to the matchers list:

grabbers = (
    ...,
    MyGrabber
)

Create your own matcher

Matchers are stored in /matchers/. To create your own, just create a file (ex: my_matcher.py). Then just copy this template:

import re
from typing import List, Tuple

from core.abc import Matcher

class MyMatcher(Matcher):
    def __init__(self, content: str) -> None:
        super().__init__(content)

    def find(self) -> List[Tuple[int, str, str]]:
        self.regex = re.compile(
            r'()', # your regular expression here, do not forget the ( ) 
            re.IGNORECASE
        )
        
        return self._find(
            regex=self.regex,
            type='' # result type (ex: discord webhook?, suspect word? etc, can be whatever you want)
        )

for sure in main.py you need to import your matcher with from modules.my_module import MyMatcher then add it to the matchers list:

matchers = (
    ...,
    MyMatcher
)

s/o to...

Vichy for the idea
sql for the new webhook regex.

discord-malware-detector's People

Contributors

Stargazers

Watchers

discord-malware-detector's Issues

destory_v4.exe

is that a spammer or something lol i didnt run itjsut asking

I know that this project wasn't supposed to be anything advanced, but with some little tweaks it could detect any stupid grabber that is based on reading *.ldb and *.log files (which is a majority).

For example, by using NTAPI it's possible to get all process' handles and look for disk file handles that are discord's *.ldb or *.log files. With python it can be too slow to check every unknown process, but as a "single focus detection mechanism" this method should work great. That's true that the malware needs to be ran, but with disabled network and VM it shouldn't be an issue.

I guess that could be easily done with psutil module, but I am not a Python programmer.

import psutil

TARGET = "shittygrabber.exe"

for proc in psutil.process_iter():
    if proc.name() == TARGET:
        print(proc.open_files())

Recommend Projects

traumatism / discord-malware-detector Goto Github PK

discord-malware-detector's Introduction

Discord Malware Detector 🚙

make discord skidz angry

Features

Create your own grabber

Create your own matcher

s/o to...

discord-malware-detector's People

Contributors

Stargazers

Watchers

Forkers

discord-malware-detector's Issues

destory_v4.exe

Upgrade possibility

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent