There are 5 repositories under the sandbox-evasion topic.
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
The Evasions encyclopedia gathers methods used by malware to evade detection when run in a virtualized environment. Methods are grouped into categories for ease of searching and understanding. Code samples, signature recommendations and countermeasures for the described techniques are also provided within each category.
Sandbox evasion code snippets developed in Golang
I completely russified and modified njrat and added an interface. I am not criminally responsible for what you do with my program.
Sandbox/Heuristic PowerShell Bypass
RDP-Stealer is C++ malware that targets Remote Desktop Protocol (RDP) processes. It acts as a keystroke logger, capturing credentials that users enter into RDP and sending the encrypted data back to a C2 server.