Tag: check point
VB2016 paper: Defeating sandbox evasion: how to increase successful emulation rate in your virtualized environment
In order to analyse a potentially malicious binary, an important first step is to run it in a specialised virtual environment, or sandbox environment, and see what it does – if it exhibits some known malicious behaviour, it is probably worth blocking it. However, malware authors are wise to this analysis technique, and most pieces…