Hi I think looking at leaked source codes from the bigger malware groups is a great way to learn. As a beginner you will leave your comfort zone which might be scary at first but it will teach you many things. First: you will encounter many libraries and apis that you don't understand. The secret is just to search the apis up on google and then work your way like that through the code. I'm a huge fan of deep diving into source codes until I fully understand how it works. It might take a few days or even a few weeks until you really understand a whole source code for a piece of malware. I also recommend learning abit about reversing, since it teaches you how lower level stuff works. In terms of free resources I can recommend OALabs on YouTube and "AGDC Services" on YouTube. When programming your projects don't be afraid to use ChatGPT, all of my friends and me myself use it when we don't know how to implement a certain concept, infact it is estimated that 40% of code pushed onto GitHub in 2023 was AI generated so don't be afraid and learn how to use these tools
and in terms of cryptography and encryption, you don't need to fully understand how Chacha, Salsa or Serpent works. In fact it probably requires atleast 1-2 years of advanced university level maths to understand. Most of the Malware developers don't know much about cryptography themselves, they are just in for the money. Take a look at Conti or Babuk for example, they've both copy-pasted cryptography implementations from university professors into their code. If you want to focus solely on the Development side and you are at the beginning you might want to look into the PE-file structure and look how pe parsing works (Like how Malware authors walk the Export Address table of a DLL and hash the apis for example). Good luck Resources:
- OALabs
- AGDC Services
- https://github.com/corkami/docs/blob/master/PE/PE.md
- https://medium.com/@nebdar/malware-analysis-dridex-and-showcasing-api-hashing-3dd428930670
