Search For Content
Search Result
4 item(s) found so far for this keyword.
Checking Screen Resolution
Sandbox environments typically do not function as standard user workspaces; as a result, they often maintain a minimum screen resolution of 800x600 or even lower. In practice, users seldom work with such limited screen dimensions. Malware may leverage this information, detecting the screen resolution to ascertain whether it is operating on a genuine user machine or within a sandbox environment.
Read moreChecking Hard Drive Size
Many user machines have hard drives that are larger than 80GB. A malware program can detect whether it is running in a virtual environment by checking the size of the hard drive. If the size is less than 80GB, it is likely that the program is running in a sandbox or virtual environment.
Read moreChecking Recent Office Files
Another way to detect if the malware is running in a real user machine is to check if some recent Office files was opened.
Read moreChecking Memory Size
Most modern user machines have at least 4GB of memory. Malware programs can detect whether they are running in a sandbox environment by checking the available memory size. If the available memory size is less than 4GB, it is likely that the program is running in a sandbox.
Read more