Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do.
The project is free and open source; the code of all the anti-analysis techniques is publicly available. Pafish executables for Windows (x86 32-bit and 64-bit) can be downloaded from the releases page.
The goal of this project is to collect techniques commonly observed in malware samples to evade analysis systems. This allows analysts to study them and test whether the analysis environments are properly implemented.
Pafish is written in C and can be built with Mingw-w64
and make
.
The wiki page "How to build" contains detailed instructions.
Alberto Ortega and many awesome contributors.