LordNoteworthy/al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
C++GPL-2.0
Issues
- 1
Bug in commit 0c22e74
#266 opened by hadarnir33 - 0
Anti-debugging attacks
#260 opened by Charles2333 - 1
ldt_trick invalid detection method same results on 2 VM and 2 bare-metal (win+linux)
#259 opened by adeliktas - 2
Debugger Detection BUG
#254 opened by YHSanSheng - 0
Anti-VM Fix Issue
#258 opened by FaLC10 - 5
put into malware
#257 opened by mishav78 - 3
Mouse movement
#256 opened by samogost - 1
can embed in golang?
#250 opened by Phuong39 - 0
False positives
#251 opened by thewolfram - 16
Copy of the exe
#187 opened by dashjuvi - 0
Enhancement support request
#249 opened by gotspatel - 1
Ability to run a specific subset of checks
#247 opened by weewoo22 - 4
Is dyncheck.com signature exists?
#242 opened by Miracle-doctor - 1
- 11
- 1
[anti-debug]NtSetInformationThread_ThreadHideFromDebugger uses a wrong parameter when calling NtQueryInformationThread.
#230 opened by co-neco - 0
Anti-Debug: LocalSize(0)
#233 opened by recvfrom - 2
Anti-VM: Hyper-V / Windows Sandbox MAC
#229 opened by recvfrom - 0
Hyper-V RAW network protocol detection
#232 opened by gsuberland - 3
Using PoolTags to Fingerprint Hosts
#231 opened by hfiref0x - 4
New hostnames / usernames checked for by malware
#227 opened by recvfrom - 4
Check this twitter thread
#186 opened by seifreed - 2
Anti-VM: in instruction (VMWare)
#228 opened by recvfrom - 6
[Question] - Anti-Antivirus Checks?
#192 opened by recvfrom - 3
How to obtain exe file of this?
#222 opened by sobuj53 - 1
Anti-VM: smsw
#225 opened by recvfrom - 14
- 3
Anti-VM - VM identifiers in disk enums
#191 opened by recvfrom - 3
Anti-Sandbox Check - Known hostnames / usernames
#189 opened by recvfrom - 1
Anti-Debugging Check - Known Window Names
#193 opened by recvfrom - 2
Anti-VM: XSETBV check
#213 opened by Ynob2000 - 1
LDT false positive
#214 opened by Ynob2000 - 1
Anti-VM: Screen Resolution
#216 opened by Sqeegie - 1
How to compile
#218 opened by hubertyang88 - 1
- 3
- 4
psapi is missing in windows xp
#198 opened by cattrace - 1
GetFileAttributes can‘t find '.sys' files.
#201 opened by elfbin-2 - 1
A mistake in ' check_adapter_name()'
#202 opened by elfbin-2 - 1
Anti vm
#203 opened by bumblebee2511 - 1
The Trap Flag
#180 opened by dererror33 - 2
Anti-Sandbox Check - Known ProductIDs
#190 opened by recvfrom - 6
Anti-Sandbox Check - Known file names
#188 opened by recvfrom - 1
Update Process Debug Object Handle detection trick
#195 opened by gsuberland - 4
hello I can't download
#185 opened by CoderDYK - 4
ScyllaHide
#181 opened by dererror33 - 0
Dreadnought
#178 opened by dererror33 - 1
Propose VMProtect/Oreans VM branch
#175 opened by dererror33 - 4
KUSER_SHARED_DATA time checks
#168 opened by dererror33 - 1
New anti-VM WMI checks
#172 opened by gsuberland