Search Evasion Techniques
Names, Techniques, Definitions, Keywords
3 item(s) found so far for this keyword.
Virtualization/Sandbox Evasion: Time Based Evasion Defense Evasion [Mitre]
Adversaries may employ various time-based methods to detect and avoid virtualization and analysis environments. This may include enumerating time-based properties, such as uptime or the system clock, as well as the use of timers or other triggers to avoid a virtual machine environment (VME) or sandbox, specifically those that are automated or only operate for a limited amount of time. …
System Binary Proxy Execution: Control Panel Defense Evasion [Mitre]
Adversaries may abuse control.exe to proxy execution of malicious payloads. The Windows Control Panel process binary (control.exe) handles execution of Control Panel items, which are utilities that allow users to view and adjust computer settings.
Control Panel items are registered executable (.exe) or Control Panel (.cpl) files, the latter are actually renamed dynamic-link library (.dll) files that export a CPlApplet …
Constant Blinding Data Obfuscation
Constant blinding can be employed by malware authors to obfuscate their malicious code, making it harder for security researchers and antivirus software to detect and analyze the malware. By using constant blinding techniques, the malware code can be concealed, increasing its chances of evading detection and maintaining persistence on the target system.
Here's how constant blinding can be utilized in …