- Checks the presence of disk drives in the registry, possibly for anti-virtualization.
- Checks the version of BIOS, possibly for anti-virtualization.
- Attempts to identify installed AV products by installation directory.
- Attempts to identify installed analysis tools by registry key.
- Stores JavaScript or a script command in the registry, likely for persistence or configuration.
- Installs itself for autorun at Windows startup.
- Creates a registry key or value with NUL characters to avoid detection with regedit.
- Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config.

- A process attempted to delay the analysis task by a long amount of time.
- Detects SunBelt Sandbox through the presence of a library.
- Detects Sandboxie through the presence of a library.
- Detects VirtualBox through the presence of a library.
- Executed a process and injected code into it, probably while unpacking.