Skip to content
/ sems Public
forked from AlicanAkyol/sems

Virtualbox, VirtualMachine, Cuckoo, Anubis, ThreatExpert, Sandboxie, QEMU, Analysis Tools Detection Tools

7 stars 131 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

GlacierW/sems

BranchesTags
 
 

Repository files navigation

Anti Sandbox and Anti Virtual Machine Tool

The project is maked for malware researcher.

cuckoo_detection.exe should be run in your Virtual Machine. If any Virtual track is found, it will be shown and also .txt file will be created in your Virtual Machine like "Virtual track name.txt".

When the tool is run in Cuckoo Sandbox, result is shown below; (7 April 2016) (Link : https://malwr.com/analysis/OWZmMWYzNmJkNDM3NGExMWFjODY2MGE2OWZmZjQzZjE/)

alt tag

Example of VMware result is shown below; alt tag

Example of virtualbox result is shown below; alt tag

VirtualBox Detection

  • Files
  • Regedit
  • Folder
  • Services
  • Mac
  • Bios
  • Window

VMWare Detection

  • Files
  • Folder
  • Regedit
  • Services
  • Mac
  • Bios
  • Window
  • Magic
  • Memory
  • Version
  • IDTR, LDTR, TR, SMSW, I/O Port

QEMU Detection

  • Regedit
  • Bios
  • CPU

Cuckoo Sandbox Detection

  • Files
  • Folder
  • Port
  • Hooked Function
  • Core Number
  • Pipe
  • Modules

Some Sandboxes Detection

Anubis , Thread Expert , Cuckoo , Sandboxie , CWSandbox

  • Computer Name
  • Core Number
  • Modules
  • Check internet
  • Disk spaces
  • Files

Analysis Tools Detection

  • Immunity Debugger
  • Ollydbg
  • Ida Pro
  • Regshot
  • Fiddler
  • Wireshark
  • Process Monitor
  • Process Hacker
  • Process Explorer

About

Virtualbox, VirtualMachine, Cuckoo, Anubis, ThreatExpert, Sandboxie, QEMU, Analysis Tools Detection Tools

Resources

Readme
Activity

Stars

7 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • C++ 100.0%