Sandbox detection popularity

How common is it to find Sandbox detection in a malware? Recently, I've tested a pack of malware from malwarebazar in a vm to check how many an antivirus would detect, and I didn't really see many that would "realize" that they were run on a vm and stop. Is it more focused on detecting an analyzing software? From what I've read, checking for vm tools was a popular mechanism not so long ago.

submitted by /u/freir96
[link] [comments]

from hacking: security in practice https://ift.tt/rnubSJ1

Comments