Professional Documents
Culture Documents
MALWARES
THAT ACTIVATE THEMSELVES ONLY
AFTER TESTING IS COMPLETED, AND
LIVE IMPLEMENTATION IS DONE.
(ALSO KNOWN AS SANDBOX-
EVADING-MALWARES)
www.benchmarksixsigma.com
SANDBOX
www.benchmarksixsigma.com
New feature development, patch
testing, vulnerability detection,
bug fixing, and code
improvements are a few of the
multiple uses of a sandbox.
www.benchmarksixsigma.com
SANDBOX EVADING
MALWARE
Sandbox-evading-malware is a
new type that can detect if it’s
inside a sandbox or virtual
environment. This malware
doesn’t execute its malicious
code until they’re outside the
controlled environment.
www.benchmarksixsigma.com
REAL WORLD EXAMPLES OF
SANDBOX EVADING MALWARE
www.benchmarksixsigma.com
In mid of 2018, a new version
of malware called the
RogueRobin trojan was
detected in the Middle East.
This government organisation-
based malware was spread via
email in an attached RAR
archive.
www.benchmarksixsigma.com
Protection from sandbox-evading
malware:
1. Dynamically change sleep
duration.
2. Simulate human interactions.
3. Add real environmental and
hardware artifacts.
4. Perform static in addition to
dynamic analysis.
5. Use fingerprint analysis
www.benchmarksixsigma.com
6. Use behavior-based analysis.
7. Customize your sandboxing.
8. Add kernel analysis.
9. Implement machine learning.
10. Consider content disarm and
reconstruction (CDR) as an
extra security layer.
www.benchmarksixsigma.com
INQUIRE NOW!
www.benchmarksixsigma.com
https://tinyurl.com/BSSinquire