Usr6 Posted August 28, 2014 Report Share Posted August 28, 2014 http://dl.packetstormsecurity.net/papers/virus/BypassAVDynamics.pdf"In this first example, we just allocate and fill 100 Mega Bytes of memory. This is enough to discourage any emulation AV out there.""Attempt to access Web domains which does not exist. In the real world, it fails. In an AV, it will work since the AV will use its own simulated page." etc. merita citit, 21 pagini. 2 Quote Link to comment Share on other sites More sharing options...
Ganav Posted August 28, 2014 Report Share Posted August 28, 2014 Inca un exemplu era sa faci un sleep(200);la inceputul aplicatiei. Astfel AV-ul opreste programul dupa un interval mai scurt de timp. Quote Link to comment Share on other sites More sharing options...
Nytro Posted August 28, 2014 Report Share Posted August 28, 2014 Super. Banale dar eficiente. Quote Link to comment Share on other sites More sharing options...
