ioc[.]one - OSINT Cyber Threat Intelligence Database

Anti VM Tricks | Malware VM Detection Techniques

Tags

country:	United States Of America
attack-pattern:	Data Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	5ed64b19-2502-406e-bcd8-500054c507f8
Fingerprint	ae2d09d98dffa354
Analysis status	DONE
Considered CTI value	1
Text language
Published	Sept. 22, 2016, midnight
Added to db	Jan. 18, 2023, 11:41 p.m.
Last updated	Nov. 18, 2024, 1:38 a.m.
Headline	Anti VM Tricks \| Malware VM Detection Techniques
Title	Anti VM Tricks \| Malware VM Detection Techniques
Detected Hints/Tags/Attributes	41/2/18

Source URLs

	Redirection	Url
Details	Source	https://www.sentinelone.com/blog/anti-vm-tricks/

URL Provider

Details	Provider	Source level domain
Details	sentinelone.com	www.sentinelone.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	8		www.maxmind.com
Details	Domain	21		comcast.net
Details	Domain	1		hispeed.ch
Details	Domain	228		system.io
Details	Domain	339		system.net
Details	Domain	1		silkflowersdecordesign.com
Details	Domain	372		wscript.shell
Details	File	29		vbaproject.bin
Details	File	6		activex1.bin
Details	File	15		www.max
Details	File	1209		powershell.exe
Details	File	1		worddata.dat
Details	sha256	1		048fc07fb94a74990d2d2b8e92c099f3f986af185c32d74c857b07f7fcce7f8e
Details	sha256	1		19d884d3b688abf8e284d3bc6a06817096d15592bcd73f85a0e4b79749f2a744
Details	IPv4	12		123.123.123.123
Details	Url	1		https://www.maxmind.com/geoip/v2.1/city/me
Details	Url	1		https://www.maxmind.com/en/locate-my-ip-address
Details	Url	1		http://silkflowersdecordesign.com/admin/worddata.dat