-
-
[转帖]Mapping potential usage of Virtual Machine Environment (VME) detection
-
发表于:
2020-12-2 06:42
1488
-
[转帖]Mapping potential usage of Virtual Machine Environment (VME) detection
Mapping potential usage of Virtual Machine Environment (VME) detection
To evade detection and analysis by security researchers, malware may check if it is running under a virtualized environment such as virtual machine in VirtualBox and VMWare. If these checks indicate that it is being run in a VM, the malware will simply not run, and in some cases, delete itself to prevent analysis.
A common approach to analyse potentially malicious software is dynamic analysis. The binary is executed in an analysis environment, usually a Virtual Machine (VM), and its behaviour in the system is inspected.
https://debugactiveprocess.medium.com/mapping-possible-functions-to-identify-virtual-machine-environent-vme-25a02be96dc4
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
