Print3M / Anti-VM

Windows-based implementation of several anti-VM techniques used in malware development.

Anti-VM techniques

Basic implementation of several anti-VM techniques (Windows) for educational purposes. They rely on checking different parts of the OS and hardware to find out whether the code is running in a VM.

Implemented techniques

  • CPU hypervisor bit (CPUID)
  • CPU id string (CPUID)
  • CPU brand string (CPUID)
  • BIOS manufacturer string
  • BIOS version string
  • Screen resolution
  • Amount of physical memory
  • Number of CPU cores
  • Amount of disk space

To be implemented

  • Global Descriptor Table location
  • Local Descriptor Table location
  • Interrupt Descriptor Table location
  • ACPI VM-based string checks
  • VM-based hostnames and usernames
  • VM-based MAC addresses

Languages

Language:C++ 100.0%