6 ENUMERATING HARDWARE AND NETWORK CONFIGURATIONS
Hardware information, such as CPU speed and RAM allotment, and networking configurations, such as the MAC and IP addresses of the host’s network interfaces, can indicate to malware that it’s operating in a lab environment. Additionally, malware can use these pieces of information to establish context within its operating environment. In this chapter, we’ll discuss the techniques that malware might use to gather this information and evade detection.
Hardware and Device Configurations
System hardware configurations can provide valuable information to a malware sample that it can use to determine ...
Get Evasive Malware now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
