Search the Community
Showing results for tags 'indetectable' or ''.
-
Malware indetectable, with AV bypass techniques, anti-disassembly, etc. GhostShell In this malware, are used some techniques to try bypass the AVs, VMs, and Sandboxes, with only porpuse to learning more. I'm not responsible for your actions. Bypass Techniques Anti-Debugger To try bypass the Debuggers, I'm using the "IsDebuggerPresent()" of "Windows.h" librarie to checks if a debugger is running. Anti-VM / Anti-Sandbox / Anti-AV Enumerate Process Function Enumerates all process running on the system, and compares to the process in the black-list, if found a process and this is equal to any process in the black-list returns -1 (identified). Sleep Acceleration Check Function First, gets the current time, and sleeps 2 minutes, then, gets the time again, and compare, if the difference is less than 2, returns -1 (identified). Mac Address Check Function Gets the system mac address and compare to the macs, in the black-list, if the system mac address is equal to any mac in the black-list returns -1 (identified). [HIDE][Hidden Content]]
-
- 6
-
- ghostshell
- malware
-
(and 5 more)
Tagged with:
-
Buenas, mi pregunta es esa, como dejar indetectable un crypter, he mirado videos que son reviejos, y no sabría si todavía funcionan el Avfucker, Dsplit, rit, hexing etc... o que me recomiendan?