Exetools  

Go Back   Exetools > General > x64 OS
Reload this Page VirtualBox Hardened Loader x64 (kernelmode.info)
Register Forum Rules FAQ Calendar Mark Forums Read

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 03-16-2015, 06:12
Insid3Code's Avatar
Insid3Code Insid3Code is offline
Family
  
Join Date: May 2013
Location: Algeria
Posts: 84
Rept. Given: 47
Rept. Rcvd 60 Times in 30 Posts
Thanks Given: 24
Thanks Rcvd at 108 Times in 56 Posts
Insid3Code Reputation: 60
Quote:
Originally Posted by user1 View Post
May I ask to explain a bit more?
When you try to analyze a suspicious file (malware), usually you do it in a virtual machine, and in case where the suspicious file uses some tricks to detect your virtual analysis lab, based on its strings or hardware signature, here you need to make a custom configuration or patch some strings/hardware signature to avoid virtual machine detection.

EP_X0FF has made a great job by releasing and sharing (tut and tool with source) VM detection mitigation for (VirtualBox)
__________________
Computer Forensics
Reply With Quote
The Following 2 Users Gave Reputation+1 to Insid3Code For This Useful Post:
niculaita (03-23-2015), user1 (03-16-2015)
The Following 3 Users Say Thank You to Insid3Code For This Useful Post:
Indigo (07-19-2019), softgate (04-02-2015), user1 (04-03-2015)
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Hybrid Mode Hybrid Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
kernelmode.info (The End of Adventure) Insid3Code General Discussion 10 04-01-2018 07:21
DSEFix x64 (kernelmode.info) Insid3Code x64 OS 1 05-15-2017 01:53
[C/C++] UACME (kernelmode.info) Insid3Code Source Code 0 03-29-2015 18:32
[C/C++ ] VMDE (kernelmode.info) Insid3Code Source Code 0 03-18-2015 20:47
WinObjEx64 (kernelmode.info) Insid3Code Community Tools 1 03-02-2015 00:04


All times are GMT +8. The time now is 13:42.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )