Malcrow is an application that creates fake processes and registry keys in an attempt to prevent certain types of malware from running on your computer. In a sense it mocks an analysis environment, which most malware avoids running in so that the malware itself cannot be reversed. This is why it's considered a malware scarecrow.
The idea was put together after testing around with another malware scarecrow that I saw. This was the semi-famous Cyber Scarecrow (https://www.cyberscarecrow.com/). I like the idea of the software, but I didn't like the idea that they weren't open source for a project like this.
The goal of this program is to be a better version of Cyber Scarecrow and to be open source.
Malcrow does the following things currently:
- Auto-creates, shuffles the hash of, and runs the fake processes based on the settings you have chosen (hash shuffling is there to prevent detection by malware)
- Uses very little CPU/RAM power with the fake processes
- Monitors all the created background processes and provides CPU/RAM usage on main screen
- All fake processes close automatically if the main process gets terminated
- All fake processes auto delete after closing (if not terminated)
- Creates registry keys and stores them in a local file so they can be deleted on next launch if the process is terminated
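
The registry cleanup described in the last item can be built as a small write-ahead journal. This is an added sketch, not Malcrow's own code: the JSON-lines file format, the class names, the in-memory registry stand-in and the key names are all assumptions made so it runs offline.

```python
import json, os, tempfile

class MemoryRegistry:
    """In-memory stand-in for the Windows registry (assumption, so this runs offline)."""
    def __init__(self, keys=()):
        self.keys = set(keys)
    def create(self, path):
        self.keys.add(path)
    def delete(self, path):
        self.keys.discard(path)  # a key that is already gone is not an error

class DecoyKeyJournal:
    def __init__(self, registry, journal_path):
        self.registry, self.journal_path = registry, journal_path

    def create(self, path):
        # Record first, create second: a kill between the two steps leaves a
        # journal entry for a missing key, never an untracked decoy key.
        with open(self.journal_path, "a", encoding="utf-8") as fh:
            fh.write(json.dumps({"key": path}) + "\n")
            fh.flush()
            os.fsync(fh.fileno())
        self.registry.create(path)

    def recover(self):
        """Run at launch and at clean exit: delete every journaled key."""
        if not os.path.exists(self.journal_path):
            return []
        stale = []
        with open(self.journal_path, encoding="utf-8") as fh:
            for line in fh:
                try:
                    stale.append(json.loads(line)["key"])
                except (ValueError, KeyError, TypeError):
                    continue  # torn final line from a kill mid-write
        for path in stale:
            self.registry.delete(path)
        os.remove(self.journal_path)
        return stale

def demo():
    # Constructed key names; the real decoy keys are not listed on this page.
    reg = MemoryRegistry({r"HKCU\Software\RealApp"})
    path = os.path.join(tempfile.mkdtemp(), "decoy_keys.jsonl")
    first = DecoyKeyJournal(reg, path)
    first.create(r"HKCU\Software\ExampleDecoyA")
    first.create(r"HKCU\Software\ExampleDecoyB")
    with open(path, "a", encoding="utf-8") as fh:
        fh.write('{"key": "HKCU\\\\Softw')  # simulated torn write, then kill
    removed = DecoyKeyJournal(reg, path).recover()  # next launch
    return removed, reg.keys, os.path.exists(path)
```

Only journaled keys are ever deleted, so a key that belongs to real software is left alone even if a decoy setting overlaps with it in name.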
This is subjective, but in a sense yes, though only against certain malware families. It's good backup software to have running to help prevent malware from running, but by no means does it replace an anti-virus. Nor should you look at Malcrow as an anti-virus.
Yes, there is a high potential to affect other software depending on what settings you have. Settings such as decompiler/dumping tools could cause software to not run. This is easy to remedy, though: simply stop Malcrow, untoggle certain software, and restart Malcrow.
No, Malcrow is not malware. Malcrow can often be picked up by anti-viruses due to the nature of how it acts. The shuffling of hashes (to prevent detection by malware itself), the tracking of its fake processes, and the monitoring of process CPU/RAM can cause false detections, which is what Malcrow faces. You are more than welcome to the source code of Malcrow; it is free and available for everyone. You do not have to use the pre-builds I provide. Both the main UI source code and the fake process source code are available in this repo.