Virtual Machine Detection

0001-01-01

Virtual Machine Detection techniques are a class of anti-analysis techniques used by malware that detect if it is being run within a Virtual Machine.

Analysts and sandboxes tend to analyze samples within virtual machines to prevent causing harm to their workstations. If malware determines that it is being run under a virtual machine, it can take evasive actions, making analysis more difficult.


Links to this note