This Java program provides a controlled, safe simulation environment to study common malware activities. It is designed for educational purposes to observe and log typical malicious behaviors without performing any actual harmful actions on the host system.
The simulation covers the following core malware activities:
| Behavior Type | Simulated Action | Description |
|---|---|---|
| File System | Create, Modify, Delete | Logs the creation, modification, and deletion of files in typical malware target locations (e.g., C:\Windows\Temp). No actual files are created, modified, or deleted. |
| Registry | Persistence Mechanism | Logs a virtual attempt to set a Run key in the Windows Registry (HKCU\Software\Microsoft\Windows\CurrentVersion\Run) for persistence. No actual registry changes are made. |
| Network | Command & Control (C2) | Simulates a local C2 server and a beaconing attempt from the "malware" to the C2 server on 127.0.0.1:9999. No external network connections are made. |
| Process | Process Injection | Logs virtual attempts to inject into a small number of running processes (PIDs). No actual process injection occurs. |
- Java Development Kit (JDK) 11 or higher.
- Apache Maven (for building and dependency management).
- Navigate to the project directory:

  ```bash
  cd malwaresim
  ```

- Build the project (this will download the necessary Gson library):

  ```bash
  mvn clean install
  ```

- Run the simulation:

  ```bash
  java -jar target/malwaresim-1.0-SNAPSHOT-jar-with-dependencies.jar
  ```

The simulation generates two log files in the project root directory:
- `simulation_log.txt`: A simple, human-readable text file of all logged events.
- `simulation_log.json`: A structured JSON file containing all log entries, suitable for automated analysis.
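
An added example (not part of the project's code) showing one way to triage `simulation_log.json` against the four simulated behaviors and to confirm that every logged network event stayed on loopback. The field names `category`, `action` and `target`, their values, and the sample entries are assumptions constructed for illustration, since the log schema is not documented here.

```python
import ipaddress
import json

# Constructed sample in an ASSUMED schema (category/action/target); the real
# simulation_log.json field names may differ and must be adapted.
SAMPLE_LOG = json.dumps([
    {"timestamp": "2024-01-01T10:00:00", "category": "FILE", "action": "CREATE",
     "target": "C:\\Windows\\Temp\\sim_payload.tmp"},
    {"timestamp": "2024-01-01T10:00:01", "category": "REGISTRY", "action": "SET_VALUE",
     "target": "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run"},
    {"timestamp": "2024-01-01T10:00:02", "category": "NETWORK", "action": "BEACON",
     "target": "127.0.0.1:9999"},
    {"timestamp": "2024-01-01T10:00:03", "category": "PROCESS", "action": "INJECT",
     "target": "pid=4242"},
])

RUN_KEY = r"software\microsoft\windows\currentversion\run"

def is_loopback(target):
    """True if a host:port target is a loopback IP literal."""
    host = target.rsplit(":", 1)[0].strip("[]")
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # hostnames and malformed values count as non-loopback

def triage(entries):
    """Map log entries to (rule, target) findings for the simulated behaviors."""
    findings = []
    for e in entries:
        cat, target = e.get("category", "").upper(), e.get("target", "")
        if cat == "REGISTRY" and target.lower().endswith(RUN_KEY):
            findings.append(("persistence-run-key", target))
        elif cat == "FILE" and "\\windows\\temp\\" in target.lower():
            findings.append(("temp-dir-file-activity", target))
        elif cat == "PROCESS":
            findings.append(("process-injection-attempt", target))
        elif cat == "NETWORK":
            ok = is_loopback(target)
            rule = "c2-beacon-loopback" if ok else "UNEXPECTED-external-connection"
            findings.append((rule, target))
    return findings

def load_and_triage(text):
    return triage(json.loads(text))

if __name__ == "__main__":
    for rule, target in load_and_triage(SAMPLE_LOG):
        print(f"{rule:32} {target}")
```

Any `UNEXPECTED-external-connection` finding means a logged destination fell outside the loopback range the simulation is supposed to stay within.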
The project successfully meets all defined technical requirements and objectives, providing a safe, logged simulation of the specified malware behaviors. The code has been fixed to ensure proper compilation and execution, and the logging system is robust, providing both text and structured JSON output.