Skip to content

Latest commit

 

History

History
15 lines (12 loc) · 466 Bytes

README.md

File metadata and controls

15 lines (12 loc) · 466 Bytes

Check-Sandbox

Determine if running in malware sandbox by checking various environmental factors. Checks were discovered from probing VirusTotal sandboxes by uploading various payloads that gathers information and uploads it to a 3rd party file host. It works on VT for now, but that can change as sandboxes evolve. However, I may add new detections in the future.

Checks implemented:

  • honey files
  • netstat
  • process memory
  • disk space

TODO

C# port

C port