(C++) Hiding Mechanisms by Thomas Roccia

Created on Tuesday 13 December 2022. Updated 1 year, 4 months ago.


The code uses the Windows API to open a registry key (RegOpenKeyEx) and create a new value within that key (RegSetValueEx). In this snippet the value is written as a REG_DWORD placeholder; a binary data type could be used to store the malware itself. This code would need to be compiled and executed on a system to hide the malware in the registry.


#include <Windows.h>

int main()
{
  // Open the registry key where the malware will be hidden
  HKEY hKey;
  if (RegOpenKeyExA(HKEY_LOCAL_MACHINE, "SOFTWARE\\MyMalware", 0, KEY_WRITE, &hKey) != ERROR_SUCCESS)
    return 1;
  // Create a new value in the registry key to store the malware
  DWORD dwValue = 1;
  LONG status = RegSetValueExA(hKey, "HiddenValue", 0, REG_DWORD, (const BYTE*)&dwValue, sizeof(dwValue));
  // Close the registry key
  RegCloseKey(hKey);
  // Return success only if the value was written
  return status == ERROR_SUCCESS ? 0 : 1;
}
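
From the defender's side, registry values that hold a payload tend to stand out by type, size and content. The following is an added example, not part of the original snippet: portable C++ that triages one value's type and data. The function names, the thresholds and the sample data are assumptions made for illustration.

```cpp
#include <cmath>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

constexpr uint32_t kRegBinary = 3;  // REG_BINARY type code from winnt.h
// Assumed triage thresholds; tune them against a baseline of your own hosts.
constexpr std::size_t kLargeBlobBytes = 4096;
constexpr double kHighEntropyBits = 7.2;

// Shannon entropy in bits per byte (0.0 for empty input).
double shannon_entropy(const std::vector<uint8_t>& d) {
    if (d.empty()) return 0.0;
    std::size_t counts[256] = {0};
    for (uint8_t b : d) ++counts[b];
    double h = 0.0;
    for (std::size_t c : counts) {
        if (c == 0) continue;
        double p = static_cast<double>(c) / d.size();
        h -= p * std::log2(p);
    }
    return h;
}

// Reasons a value deserves review, comma-separated; empty when nothing stands out.
std::string triage_value(uint32_t type, const std::vector<uint8_t>& d) {
    if (type != kRegBinary) return "";
    std::string why;
    auto add = [&why](const char* r) { why += (why.empty() ? "" : ","); why += r; };
    if (d.size() >= 2 && d[0] == 'M' && d[1] == 'Z') add("pe-header");
    if (d.size() >= kLargeBlobBytes) add("large-blob");
    if (d.size() >= 256 && shannon_entropy(d) >= kHighEntropyBits) add("high-entropy");
    return why;
}

// Constructed sample: "MZ" followed by a repeating 0..255 byte ramp.
std::vector<uint8_t> sample_blob(std::size_t n) {
    std::vector<uint8_t> v(n);
    for (std::size_t i = 0; i < n; ++i) v[i] = static_cast<uint8_t>(i);
    if (n >= 2) { v[0] = 'M'; v[1] = 'Z'; }
    return v;
}

int main() {
    std::printf("8 KiB blob: [%s]\n", triage_value(kRegBinary, sample_blob(8192)).c_str());
    std::printf("DWORD flag: [%s]\n", triage_value(4, {1, 0, 0, 0}).c_str());  // 4 = REG_DWORD
    return 0;
}
```

On a live host the type and data would come from RegEnumValue or from an offline hive parser; a small REG_DWORD like the one written above produces no findings.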