Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/Print3M/Anti-VM
Windows-based implementation of several anti-vm techniques used in malware development.
anti-virtualization anti-vm cpp malware-development winapi
Last synced: 3 days ago
- Host: GitHub
- URL: https://github.com/Print3M/Anti-VM
- Owner: Print3M
- Created: 2023-09-15T20:07:48.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2023-09-15T20:09:18.000Z (over 1 year ago)
- Last Synced: 2025-02-02T05:41:16.110Z (13 days ago)
- Topics: anti-virtualization, anti-vm, cpp, malware-development, winapi
- Language: C++
- Homepage:
- Size: 4.88 KB
- Stars: 6
- Watchers: 1
- Forks: 1
- Open Issues: 0
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-anti-virtualization - Anti-VM - Windows-based implementation of several anti-vm techniques used in malware development. (:wrench: Tools / Media)
README
# Anti-VM techniques
Basic implementation of several anti-VM techniques (Windows) for educational purposes. They check different parts of the OS and hardware to determine whether the program is running in a VM.
## Implemented techniques
- [x] CPU hypervisor bit (CPUID)
- [x] CPU id string (CPUID)
- [x] CPU brand string (CPUID)
- [x] BIOS manufacturer string
- [x] BIOS version string
- [x] Screen resolution
- [x] Amount of physical memory
- [x] Number of CPU cores
- [x] Amount of disk space
## To be implemented
- [ ] Global Descriptor Table location
- [ ] Local Descriptor Table location
- [ ] Interrupt Descriptor Table location
- [ ] ACPI VM-based string checks
- [ ] VM-based hostnames and usernames
- [ ] VM-based MAC addresses