A new sample of TrickBot has been discovered which checks the screen resolution of victim's machines in order to see if the malware is running inside a virtual machine.
In order to protect themselves and their systems when analyzing malware, security researchers often do so in a virtual machine. As a result of this, malware often employs anti-VM techniques to detect whether or not it is running in a virtual machine.
The anti-VM techniques used by malware include looking for particular processes, windows services, machine names and checking network card MAC addresses or CPU features.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux
A new sample of TrickBot has been discovered which checks the screen resolution of victim's machines in order to see if the malware is running inside a virtual machine.
In order to protect themselves and their systems when analyzing malware, security researchers often do so in a virtual machine. As a result of this, malware often employs anti-VM techniques to detect whether or not it is running in a virtual machine.
The anti-VM techniques used by malware include looking for particular processes, windows services, machine names and checking network card MAC addresses or CPU features.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux