Search Evasion Techniques
Names, Techniques, Definitions, Keywords
Search Result
4 item(s) found so far for this keyword.
User Interaction (Are you human?) Sandbox Evasion
You can get an advantage against sandboxes by using user interaction techniques. For example, The average user has a username and password and as long as the user you are targeting does not enter their password correctly, you can prevent your malware execution and bypass the possible sandbox control.
COM Hijacking Process Manipulating
COM hijacking is a technique used by adversaries to insert malicious code into the Windows operating system through the Microsoft Component Object Model (COM).
COM is a system that allows software components to interact with each other, and adversaries can abuse this system to execute their own code in place of legitimate software. To achieve this, they alter references …
Virtualization/Sandbox Evasion: User Activity Based Checks Defense Evasion [Mitre]
Adversaries may employ various user activity checks to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox. If the adversary detects a VME, they may alter their malware to disengage from the victim or conceal the core …
BlockInput Others
As per Microsoft's documentation, BlockInput function "prevents keyboard and mouse input events from reaching applications," effectively restricting user interaction with the system.
Malware occasionally employs this tactic to hinder analysis by debuggers or other analysis tools throughout the process' runtime. To deactivate the block, the program must make a live call to BlockInput with the parameter 0. Windows automatically …