HACKER Q&A
📣 whitesecurity

How a malware can persist after an OS reset?


Hello everyone, I'm a cybersecurity student and I have been very interested in Windows malware for some time, but I don't know anything about that area.

I want to create a program (once it is run) that persists after a system reset.

I saw that rootkits can do this or by infecting firmware (UEFI / BIOS) but I'm very confused.

So how does it work? Do I need to exploit some vulnerabilities, or can it be done on every computer/every system version? And is it too hard to do?

If you have any good resources on this, or on where I can start, it would be very appreciated.

Thanks for reading; I hope you will enlighten me a little :p


  👤 runjake Accepted Answer ✓
TL;DR: Read into how others do it until you gain enough knowledge to come up with new methods yourself.

To be honest, I'd start with the Wikipedia articles[1] for the high-level fundamental overview and drill down into the linked technical documents[2] as curiosity takes you.

On many PC systems, you can compile an executable for the UEFI environment, place it onto the UEFI volume by mounting the partition, and change a file to have it execute on startup.

On more secure systems, you'd utilize a chain of exploits to accomplish compromise.

Also check out security researcher blogs and read CVE reports[3].

1. https://en.wikipedia.org/wiki/Rootkit

2. https://www.trendmicro.com/en_us/research/15/g/hacking-team-...

3. http://cve.mitre.org/
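The defender's counterpart to the scenario runjake describes (an executable dropped onto the EFI System Partition and wired in to run at boot) is to baseline the ESP and alert on any added or changed `.efi` file. The script below is an added example, not code from the thread or from any of the linked sources; it assumes the ESP is mounted at a path you pass in (for instance after `mountvol S: /S` on Windows, or `/boot/efi` on Linux), and the directory tree it builds is constructed sample data standing in for a real mount. Secure Boot and measured boot remain the primary controls; this check is a cheap, scriptable second layer.

```python
"""Baseline-and-diff integrity check for executables on an EFI System Partition.

Added example, not from the thread. Assumes the ESP is mounted at a path you
supply; make_sample_esp() builds a constructed stand-in tree in a temp dir.
"""
import hashlib
import tempfile
from pathlib import Path

# UEFI firmware loads PE executables with this extension from the ESP.
EFI_SUFFIXES = {".efi"}


def build_manifest(root):
    """Return {relative_posix_path: sha256_hex} for every *.efi file under root."""
    root = Path(root)
    manifest = {}
    for path in root.rglob("*"):
        if path.is_file() and path.suffix.lower() in EFI_SUFFIXES:
            digest = hashlib.sha256(path.read_bytes()).hexdigest()
            manifest[path.relative_to(root).as_posix()] = digest
    return manifest


def diff_manifests(baseline, current):
    """Compare a stored baseline against a fresh manifest.

    Returns {"added": [...], "removed": [...], "modified": [...]}; any
    non-empty list is worth an alert, since the ESP rarely changes outside
    of OS/firmware updates.
    """
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    modified = sorted(p for p in set(baseline) & set(current)
                      if baseline[p] != current[p])
    return {"added": added, "removed": removed, "modified": modified}


def make_sample_esp():
    """Constructed sample ESP layout (hypothetical contents, not a real image)."""
    root = Path(tempfile.mkdtemp(prefix="esp_"))
    (root / "EFI" / "BOOT").mkdir(parents=True)
    (root / "EFI" / "Microsoft" / "Boot").mkdir(parents=True)
    (root / "EFI" / "BOOT" / "BOOTX64.EFI").write_bytes(b"sample fallback loader")
    (root / "EFI" / "Microsoft" / "Boot" / "bootmgfw.efi").write_bytes(b"sample boot manager")
    (root / "EFI" / "Microsoft" / "Boot" / "BCD").write_bytes(b"not an executable")
    return root


def simulate_change(root):
    """Stand in for 'something changed on the ESP' so the diff has work to do."""
    root = Path(root)
    (root / "EFI" / "BOOT" / "extra.efi").write_bytes(b"unexpected new executable")
    (root / "EFI" / "Microsoft" / "Boot" / "bootmgfw.efi").write_bytes(b"replaced contents")


def run_demo():
    """Baseline the sample ESP, alter it, and return the diff report."""
    root = make_sample_esp()
    baseline = build_manifest(root)
    simulate_change(root)
    return diff_manifests(baseline, build_manifest(root))


if __name__ == "__main__":
    report = run_demo()
    for kind, paths in report.items():
        for p in paths:
            print(f"{kind.upper():9s} {p}")
```

In practice you would store the baseline manifest off-host (or signed), regenerate it only after a legitimate firmware or OS update, and feed the diff into whatever alerting you already have; the `BCD` file is deliberately ignored here because it is configuration, not a boot executable, and a separate check should cover it.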


👤 Cheyana
So you're asking if someone can help you create malware?

👤 markus_zhang
I remember someone on HN mentioned in a system programming post that his first system programming task was to create something that gets persisted in RAM after a reboot. Maybe it's something that you can Google with.