Disk Trash Avoid Avenue Exp (DTAAE) is a malware made especially for the Viewer Made Malware series
DTAAE is a malware developed in C# designed to destroy data while bypassing antivirus defenses.
This is a lightweight, fast, and direct piece of malware with no flashy effects or gimmicks β just pure destructive capability.
Tested Platforms:
- Windows 7
- Windows 10
- Compatibility with XP or Windows 11 is unverified, might not work.
DTAAE was tested against 14 antivirus programs, all of which failed to stop it. (Note: Results may vary in the future.)
| Antivirus Name | Virus Won | Virus Lost |
|---|---|---|
| Avast | β | β |
| MalwareBytes | β | β |
| AVG | β | β |
| Nod32 | β | β |
| Kaspersky | β | β |
| Bitdefender | β | β |
| Avira | β | β |
| TotalAV | β | β |
| Panda | β | β |
| Emsisoft | β | β |
| Windows Defender | β | β |
| TrendMicro | β | β |
| Norton | β | β |
| McAfee | β | β |
DTAAEβs attack unfolds in 3 rapid stages, making it extremely difficult to counter or quarantine once detected:
The malware marks itself a Critical Process, making sure that its termination triggers a BSOD (Blue Screen of Death). This mechanism also crashes the system after the destruction is complete.
DTAAE denies access to the C: drive for all processes (excluding itself). Since DTAAE doesnβt directly access files and C: is merely a partition, this step ensures antivirus tools are crippled.
The malware clears the first 5 MB of the disk, effectively destroying the MBR (Master Boot Record) or GPT (GUID Partition Table). In some cases, parts of a partition may also be deleted.
Note: This destruction is difficult to recover from, unlike tools like MEMZ that utilize Windows installer ISOs for recovery. However, there is a concern of GPT Backup Headers which are located at the end of the disk which store the GPT headers as a backup.
All three stages are executed within seconds, leaving minimal time for counteraction.
β οΈ WARNING: DTAAE is highly dangerous. For this reason, it will only be distributed to verified creators in the Viewer Made Malware series.
- Download the ZIP file from this repository.
- Extract the ZIP using the key provided via email or Discord by the developer.
- A second ZIP file will appear; its password can be found in the comments section of the file under
paasuwoodo.Tip: Use WinRAR to view file comments.
- Extract the final ZIP on a virtual machine (VM) without internet access to prevent unintended distribution.
- Generally, try to avoid all public sandboxes like Any.Run, Intezer Analyzer, or VirusTotal.
- Make sure your VM has .NET Framework 3.5 installed.
- Check this via βTurn Windows Features On or Offβ on your VM.
- Before running DTAAE, create a file named
GabeIsCute.X3on the C: drive of your VM.- This prevents accidental execution of the malware.
- You're ready! Have fun experimenting responsibly! π
If you find DTAAE being distributed without my permission, please report it immediately via the Issues page.
Made by Gabolate (Gabe) β:3 | 2024.