Software packing is a method of compressing or encrypting an executable.

Adversaries may attempt to get a listing of security software, configurations, defensive tools, and sensors that are installed on the system.

Possibly tries to implement anti-virtualization techniques

Installs hooks/patches the running process

Adversaries may check for the presence of a virtual machine environment (VME) or sandbox to avoid potential detection of tools and activities.

Windows processes often leverage application programming interface (API) functions to perform tasks that require reusable system resources.

Windows Management Instrumentation (WMI) is a Windows administration feature that provides a uniform environment for local and remote access to Windows system components.

Found a reference to a WMI query string known to be used for VM detection