From 0053814426ab0692f4d63fa4a1f9124371058d03 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?A=C3=A9na=20Aria?= <aena.aria@posteo.net>
Date: Thu, 26 Feb 2026 12:12:29 +0100
Subject: [PATCH] added antidebug with is_debugger_present

---
 Malware/Malware/Malware.cpp | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/Malware/Malware/Malware.cpp b/Malware/Malware/Malware.cpp
index 2b23c8c..07eec74 100644
--- a/Malware/Malware/Malware.cpp
+++ b/Malware/Malware/Malware.cpp
@@ -477,6 +477,14 @@ bool verif_checksum_prog(){
     return memcmp(hash, compareto, 32) == 0;
 }
 
+bool verify_debuggers(){
+    int res = false;
+    #ifdef _WIN32
+    CheckRemoteDebuggerPresent(GetCurrentProcess(), &res);
+    #endif
+    return res;
+}
+
 
 int main(int argc, char *argv[]) {
     if (((uint64_t)argc * argc + 1) == 0) return 0xDEAD;
@@ -489,8 +497,15 @@ int main(int argc, char *argv[]) {
     unsigned char h1[32], h2[32], h_leurre[32];
     uint64_t mask = 0;
 
+    bool valid = true;
     // TODO: UNCOMMENT THIS BEFORE SENDING AND VERIFY CHECKSUM!!!!!!!!!!!!!!!!!!!!!!!!!!
-    // bool valid = verif_checksum_prog();
+    // valid = verif_checksum_prog();
+    // if(!valid){
+    //     fake_exit(argv[1]);
+    // }
+
+    // bool debug = verify_debuggers();
+    // valid = valid && !debug;
     // if(!valid){
     //     fake_exit(argv[1]);
     // }