GitHub - LordNoteworthy/al-khaser: Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
![Joe Security on Twitter: "[Evasion] #VBA #Macro #Droppers include more and more Anti-VM and Anti-Sandbox tricks: ▷ WMI Win32_Process name and count checks ▷ AppGetNames name checks ▷ WMI Win32_Bios / ComputerSystem Joe Security on Twitter: "[Evasion] #VBA #Macro #Droppers include more and more Anti-VM and Anti-Sandbox tricks: ▷ WMI Win32_Process name and count checks ▷ AppGetNames name checks ▷ WMI Win32_Bios / ComputerSystem](https://pbs.twimg.com/media/DsX3POaWkAEOESH.jpg)
Joe Security on Twitter: "[Evasion] #VBA #Macro #Droppers include more and more Anti-VM and Anti-Sandbox tricks: ▷ WMI Win32_Process name and count checks ▷ AppGetNames name checks ▷ WMI Win32_Bios / ComputerSystem
![Marcelo Rivero on Twitter: "#Locky #Ransomware affilID: 5 with anti-VM trick. When you close the Word document, AutoClose function starts Powershell -URl /admin.php?f=1 https://t.co/NogZxiofo4" / Twitter Marcelo Rivero on Twitter: "#Locky #Ransomware affilID: 5 with anti-VM trick. When you close the Word document, AutoClose function starts Powershell -URl /admin.php?f=1 https://t.co/NogZxiofo4" / Twitter](https://pbs.twimg.com/media/DIiHOkBVwAEO_41.png:large)