Update README.md

2016-09-29 08:37:01 -04:00 · 2016-09-29 08:37:01 -04:00 · 5e7405e97e
parent 9a4694f373
commit 5e7405e97e
1 changed files with 14 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -35,10 +35,23 @@ Example of a macro config file.
 }
 ```

-#Evasion technique
+#Evasion techniques
+
+###### Domain check

 The macro is fetching the USERDOMAIN environment variable and compare the value with a predefined one. If they match the final payload is executed.

+###### Disk check
+
+The macro is looking for the total disk space. VMs and test machines use small disk most of the time. 
+
+###### Memory check
+
+The macro is looking for the total memory size. Vms and test machine use less resources.
+
+######  Uptime check
+
+The macro is looking for the system uptime. Sandboxes will return a short uptime.
 The python script will also generate obfuscated code to avoid heuristic detection