Insid3Code, 03-18-2015, 20:47
[C/C++] VMDE (kernelmode.info)

Virtual Machines Detection Enhanced from kernelmode.info
Yes, as you've already noticed! I appreciate all projects coded by EP_X0FF.

Quote:
VMDE source adapted to 2015 and posted on GitHub. Do not consider it a fully functional VM detector, as it was a part of our work with rinn, later used to develop the VBox antidetection patch.
Quote:
System Requirements
Windows XP/Vista/7/8/8.1/10, no admin rights required.

Build
VMDE comes with full source code. In order to build from source you need Microsoft Visual Studio 2013 U4 and later versions.

Authors
(c) 2013 - 2015 VMDE Project
Quote:
For more info see hxxp://www.heise.de/security/artikel/VM-Erkennung-in-Malware-2131459.html, local copy of vmde.pdf can be found in Output directory.
https://github.com/hfiref0x/VMDE 