Search Evasion Techniques
Names, Techniques, Definitions, Keywords
Search Result
2 item(s) found so far for this keyword.
System Binary Proxy Execution: Control Panel Defense Evasion [Mitre]
Adversaries may abuse control.exe to proxy execution of malicious payloads. The Windows Control Panel process binary (control.exe) handles execution of Control Panel items, which are utilities that allow users to view and adjust computer settings.
Control Panel items are registered executable (.exe) or Control Panel (.cpl) files, the latter are actually renamed dynamic-link library (.dll) files that export a …
Detecting Virtual Environment Files Sandbox Evasion
Some files are created by Virtualbox and VMware on the system.
Malware can check the different folders to find Virtualbox artifacts like VBoxMouse.sys.
Malware can check the different folders to find VMware artifacts like vmmouse.sys, vmhgfs.sys.
Some Files Example
Below is a list of files that can be detected on virtual machines:
- "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\agent.pyw", …