Possibly checks for the presence of an adware detecting tool
The input sample contains a known anti-VM trick
References security related Windows services
Possibly tries to implement anti-virtualization techniques
Possibly checks for the presence of an Antivirus engine
Possibly checks for the presence of a forensics/monitoring tool
Queries the internet cache settings (often used to hide footprints in index.dat or internet cache)
Queries the display settings of system associated file extensions
Reads terminal service related keys (often RDP related)