Bypass Antivirus Dynamic Analysis

Usr6 · August 28, 2014

http://dl.packetstormsecurity.net/papers/virus/BypassAVDynamics.pdf

"In this first example, we just allocate and fill 100 Mega Bytes of memory. This is enough to discourage any emulation AV out there."

"Attempt to access Web domains which does not exist. In the real world, it fails. In an AV, it will work since the AV will use its own simulated page." etc. :))

merita citit, 21 pagini.

Ganav · August 28, 2014

Inca un exemplu era sa faci un

sleep(200);

la inceputul aplicatiei. Astfel AV-ul opreste programul dupa un interval mai scurt de timp.

Nytro · August 28, 2014

Super. Banale dar eficiente.

Sign In

Bypass Antivirus Dynamic Analysis

Recommended Posts

Usr6

Ganav

Nytro

Join the conversation

Browse

Activity

Pages