forked from AlicanAkyol/sems

Virtualbox, VirtualMachine, Cuckoo, Anubis, ThreatExpert, Sandboxie, QEMU, Analysis Tools Detection Tools

GlacierW/sems

Anti Sandbox and Anti Virtual Machine Tool

This project is made for malware researchers.

cuckoo_detection.exe should be run in your virtual machine. If any virtual machine trace is found, it is displayed, and a .txt file named after it is created in your virtual machine, like "Virtual track name.txt".

The result of running the tool in Cuckoo Sandbox (7 April 2016) is available at https://malwr.com/analysis/OWZmMWYzNmJkNDM3NGExMWFjODY2MGE2OWZmZjQzZjE/

[Screenshot: Cuckoo Sandbox result]

[Screenshot: example of a VMware result]

[Screenshot: example of a VirtualBox result]

VirtualBox Detection

  • Files
  • Regedit
  • Folder
  • Services
  • Mac
  • Bios
  • Window

VMWare Detection

  • Files
  • Folder
  • Regedit
  • Services
  • Mac
  • Bios
  • Window
  • Magic
  • Memory
  • Version
  • IDTR, LDTR, TR, SMSW, I/O Port

QEMU Detection

  • Regedit
  • Bios
  • CPU

Cuckoo Sandbox Detection

  • Files
  • Folder
  • Port
  • Hooked Function
  • Core Number
  • Pipe
  • Modules

Some Sandboxes Detection

Anubis, ThreatExpert, Cuckoo, Sandboxie, CWSandbox

  • Computer Name
  • Core Number
  • Modules
  • Check internet
  • Disk spaces
  • Files

Analysis Tools Detection

  • Immunity Debugger
  • OllyDbg
  • IDA Pro
  • Regshot
  • Fiddler
  • Wireshark
  • Process Monitor
  • Process Hacker
  • Process Explorer


Languages

  • C++ 100.0%