How Malware Detects Virtualized Environment And Its Countermeasures
Refrains from injecting code into applications. Keeps its malicious code encrypted. Does not connect to C&C servers, or connects to decoy C&C servers.

This article focuses on how malware detects its environment and how these actions can be traced. Note: this is specific to detecting a VMware environment.

Below are some of the techniques malware uses to detect a virtualized environment.

Registry Check: Whenever we spawn a new VM using a VMware product, there are many entries related to VMware in the guest OS....
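One way to trace the registry check described above, as an added example that is not code from the original article: it scans a Process Monitor CSV export for registry operations on paths containing "vmware" and reports the processes, other than VMware's own, that issued them. The sample rows, the process names in them and the vendor allowlist are constructed assumptions.

```python
import csv
import io
from collections import defaultdict

# Constructed sample rows in Process Monitor's CSV export layout (not real telemetry).
SAMPLE_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.1","vmtoolsd.exe","1200","RegQueryValue","HKLM\SOFTWARE\VMware, Inc.\VMware Tools\InstallPath","SUCCESS",""
"10:01:05.4","invoice_viewer.exe","4321","RegOpenKey","HKLM\SOFTWARE\VMware, Inc.\VMware Tools","SUCCESS",""
"10:01:05.5","invoice_viewer.exe","4321","RegQueryValue","HKLM\SOFTWARE\VMware, Inc.\VMware Tools\InstallPath","SUCCESS",""
"10:01:05.6","invoice_viewer.exe","4321","CreateFile","C:\Program Files\VMware\VMware Tools","SUCCESS",""
"10:01:07.0","explorer.exe","900","RegOpenKey","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer","SUCCESS",""
"10:01:09.3","updater.exe","5555","RegOpenKey","HKLM\SOFTWARE\VMware, Inc.","NAME NOT FOUND",""
'''

# Read-type registry operations as Process Monitor names them.
REG_READ_OPS = {"RegOpenKey", "RegQueryKey", "RegQueryValue", "RegEnumKey", "RegEnumValue"}

# Assumption: VMware's own guest services legitimately read these keys.
# Adjust this allowlist to match the analysis image.
VENDOR_PROCESSES = {"vmtoolsd.exe", "vgauthservice.exe", "vm3dservice.exe"}


def find_vmware_registry_probes(csv_text, marker="vmware"):
    """Return {(process, pid): [registry paths]} for non-vendor VMware key reads."""
    hits = defaultdict(set)
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Operation"] not in REG_READ_OPS:
            continue  # only registry reads are in scope for this check
        if marker not in row["Path"].lower():
            continue
        if row["Process Name"].lower() in VENDOR_PROCESSES:
            continue
        # The Result column is deliberately ignored: a failed lookup
        # ("NAME NOT FOUND") is still a probe for the key.
        hits[(row["Process Name"], int(row["PID"]))].add(row["Path"])
    return {proc: sorted(paths) for proc, paths in hits.items()}


if __name__ == "__main__":
    for (name, pid), paths in find_vmware_registry_probes(SAMPLE_CSV).items():
        print(f"{name} (PID {pid}) read {len(paths)} VMware-related key(s):")
        for path in paths:
            print(f"  {path}")
```

Counting distinct keys per process helps triage: a single read may be incidental, while several reads in quick succession by an unrelated binary are worth a closer look.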