Update README.md

patch-1
Mr-Un1k0d3r 2016-09-29 08:37:01 -04:00 committed by GitHub
parent 9a4694f373
commit 5e7405e97e
1 changed files with 14 additions and 1 deletions

@ -35,10 +35,23 @@ Example of a macro config file.
} }
``` ```
#Evasion technique #Evasion techniques
###### Domain check
The macro is fetching the USERDOMAIN environment variable and compare the value with a predefined one. If they match the final payload is executed. The macro is fetching the USERDOMAIN environment variable and compare the value with a predefined one. If they match the final payload is executed.
###### Disk check
The macro is looking for the total disk space. VMs and test machines use small disk most of the time.
###### Memory check
The macro is looking for the total memory size. Vms and test machine use less resources.
###### Uptime check
The macro is looking for the system uptime. Sandboxes will return a short uptime.
The python script will also generate obfuscated code to avoid heuristic detection The python script will also generate obfuscated code to avoid heuristic detection
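Review bot: the changed heading `#Evasion techniques` still has no space after the `#`, so CommonMark-style renderers will show it as literal text rather than a heading; write it as `# Evasion techniques`. The new subsections (`###### Domain check`, `###### Disk check`, `###### Memory check`, `###### Uptime check`) jump from level 1 straight to level 6, so a level such as `##` would keep the outline consistent. In the added text, "Vms and test machine use less resources" under Memory check does not match the "VMs and test machines" wording used under Disk check. The unchanged Domain check sentence ("is fetching ... and compare") and the closing sentence about obfuscated code, which has no final period and sits directly under Uptime check with no separating blank line or heading of its own, could be tidied in the same commit.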