Quote:
Originally Posted by user1
May I ask to explain a bit more?
When you try to analyze a suspicious file (malware), you usually do it in a virtual machine. In cases where the suspicious file uses some tricks to detect your virtual analysis lab, based on its strings or hardware signature, you need to make a custom configuration or patch some strings/hardware signatures to avoid virtual machine detection.
EP_X0FF has done a great job by releasing and sharing (tutorial and tool with source) VM detection mitigation for (VirtualBox).
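As an added example (not part of the post above and not EP_X0FF's tool), here is a small audit that an analysis-lab owner could run over the identity strings a guest reports, to see which ones still carry VirtualBox defaults after hardening. The field labels and sample values are constructed for illustration; the markers are the commonly seen VirtualBox default strings and MAC prefix.

```python
import re

# Commonly seen default VirtualBox identifiers (matched case-insensitively).
VBOX_MARKERS = ("virtualbox", "vbox", "innotek")
VBOX_MAC_OUI = "08:00:27"  # default prefix VirtualBox assigns to guest NICs
MAC_RE = re.compile(r"(?:[0-9a-f]{2}[:-]){5}[0-9a-f]{2}")


def audit_vm_fingerprint(fields):
    """Return sorted (field, value, reason) tuples for values that reveal VirtualBox.

    `fields` maps a label (hypothetical names such as "dmi.bios-version")
    to the string the guest reports for it.
    """
    findings = []
    for name, value in fields.items():
        text = str(value).strip().lower()
        if MAC_RE.fullmatch(text):
            # MAC addresses are checked by vendor prefix, not by substring.
            if text.replace("-", ":").startswith(VBOX_MAC_OUI):
                findings.append((name, value, "default VirtualBox MAC prefix"))
            continue
        for marker in VBOX_MARKERS:
            if marker in text:
                findings.append((name, value, f"contains '{marker}'"))
                break
    return sorted(findings)


# Constructed sample: an unmodified guest with default identity strings.
DEFAULT_GUEST = {
    "dmi.system-manufacturer": "innotek GmbH",
    "dmi.system-product-name": "VirtualBox",
    "dmi.bios-version": "VirtualBox",
    "disk.model": "VBOX HARDDISK",
    "nic0.mac": "08:00:27:3A:5C:11",
    "cpu.model": "Generic x86-64 CPU",
}

# Constructed sample: the same guest after custom configuration/patching.
HARDENED_GUEST = {
    "dmi.system-manufacturer": "Example Systems Inc.",
    "dmi.system-product-name": "Desktop 1000",
    "dmi.bios-version": "1.0.0",
    "disk.model": "EXAMPLE DISK 500G",
    "nic0.mac": "00:11:22:33:44:55",
    "cpu.model": "Generic x86-64 CPU",
}

if __name__ == "__main__":
    for field, value, reason in audit_vm_fingerprint(DEFAULT_GUEST):
        print(f"{field}: {value!r} ({reason})")
```

Any field the audit reports is one that still needs a custom value before the guest is used for analysis.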