Search Evasion Techniques
Search Result
12 item(s) found so far for this keyword.
Detecting Virtual Environment Artefacts (Sandbox Evasion)
Malware often checks for artifacts left by virtualization platforms to determine if it is running inside a virtual environment. Detecting such artifacts allows the malware to adapt its behavior, delay execution, or avoid exposing malicious functionality during analysis.
- QEMU: QEMU registers artifacts in the Windows registry. For example, the key HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 0\Target Id 0\Logical …
Checking Installed Software (Sandbox Evasion)
By detecting the presence of certain software and tools commonly used in sandbox environments, such as Python interpreters, tracing utilities, debugging tools, and virtual machine software like VMware, it is possible to infer the existence of a sandbox.
This inference is based on the premise that such tools are often found in sandbox setups used for dynamic malware analysis …