Difference between revisions of "Ema-1000"

From ema
 
Line 3: Line 3:
 
|Name=Screen Resolution Testing
 
|Name=Screen Resolution Testing
 
|Description=Sandboxes aren't used in the same manner as a typical user environment, so most of the time the screen resolution stays at the minimum 800x600 or lower. No one is actually working on a such small screen. Malware could potentially detect the screen resolution to determine if it's a user machine or a sandbox.
 
|Description=Sandboxes aren't used in the same manner as a typical user environment, so most of the time the screen resolution stays at the minimum 800x600 or lower. No one is actually working on a such small screen. Malware could potentially detect the screen resolution to determine if it's a user machine or a sandbox.
|References={{Reference
 
|Date=04/01/2017
 
|URL=http://unprotect.tdgt.org/index.php/Sandbox_Evasion
 
}}
 
 
|applicable platform=Linux (unknown kernel version), Linux Kernel 2.4.x, Linux Kernel 2.6.x, Linux Kernel 3.0.x, Linux Kernel 3.1.x, Linux Kernel 3.10.x, Linux Kernel 3.11.x, Linux Kernel 3.12.x, Linux Kernel 3.13.x, Linux Kernel 3.14.x, Linux Kernel 3.15.x, Linux Kernel 3.16.x, Linux Kernel 3.17.x, Linux Kernel 3.18.x, Linux Kernel 3.19.x, Linux Kernel 3.2.x, Linux Kernel 3.3.x, Linux Kernel 3.4.x, Linux Kernel 3.5.x, Linux Kernel 3.6.x, Linux Kernel 3.7.x, Linux Kernel 3.8.x, Linux Kernel 3.9.x, Linux Kernel 4.0.x, Linux Kernel 4.1.x, Mac OS X (unknown version), Mac OS X 10.0.x, Mac OS X 10.1.x, Mac OS X 10.10.x, Mac OS X 10.11.x, Mac OS X 10.2.x, Mac OS X 10.3.x, Mac OS X 10.4.x, Mac OS X 10.5.x, Mac OS X 10.6.x, Mac OS X 10.7.x, Mac OS X 10.8.x, Mac OS X 10.9.x, Windows (unknown version), Windows 10, Windows 7, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2003, Windows Server 2003 SP1, Windows Server 2003 SP2, Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 R2 SP1, Windows Server 2008 SP1, Windows Server 2008 SP2, Windows Server 2012, Windows Server 2012 R2, Windows Vista, Windows Vista SP1, Windows Vista SP2
 
|applicable platform=Linux (unknown kernel version), Linux Kernel 2.4.x, Linux Kernel 2.6.x, Linux Kernel 3.0.x, Linux Kernel 3.1.x, Linux Kernel 3.10.x, Linux Kernel 3.11.x, Linux Kernel 3.12.x, Linux Kernel 3.13.x, Linux Kernel 3.14.x, Linux Kernel 3.15.x, Linux Kernel 3.16.x, Linux Kernel 3.17.x, Linux Kernel 3.18.x, Linux Kernel 3.19.x, Linux Kernel 3.2.x, Linux Kernel 3.3.x, Linux Kernel 3.4.x, Linux Kernel 3.5.x, Linux Kernel 3.6.x, Linux Kernel 3.7.x, Linux Kernel 3.8.x, Linux Kernel 3.9.x, Linux Kernel 4.0.x, Linux Kernel 4.1.x, Mac OS X (unknown version), Mac OS X 10.0.x, Mac OS X 10.1.x, Mac OS X 10.10.x, Mac OS X 10.11.x, Mac OS X 10.2.x, Mac OS X 10.3.x, Mac OS X 10.4.x, Mac OS X 10.5.x, Mac OS X 10.6.x, Mac OS X 10.7.x, Mac OS X 10.8.x, Mac OS X 10.9.x, Windows (unknown version), Windows 10, Windows 7, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2003, Windows Server 2003 SP1, Windows Server 2003 SP2, Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 R2 SP1, Windows Server 2008 SP1, Windows Server 2008 SP2, Windows Server 2012, Windows Server 2012 R2, Windows Vista, Windows Vista SP1, Windows Vista SP2
 
}}
 
}}
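Review bot: The |Description= line in this hunk still reads "a such small screen" and "the minimum 800x600 or lower" on both sides of the diff; reword to "such a small screen" and state the threshold once, since a minimum cannot also be "or lower". In the Reference block, |Date=04/01/2017 is ambiguous between day-first and month-first order, so an unambiguous form such as YYYY-MM-DD would be safer, and the |URL= value uses plain http. The |applicable platform= list covers Linux and Mac OS X as well as Windows, while the description gives no indication of how the resolution check applies outside a desktop session, so a short qualifier in the description would help readers judge that claim.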

Latest revision as of 13:16, 18 May 2018

EMA ID: ema-1000
Description: Sandboxes aren't used in the same manner as a typical user environment, so most of the time the screen resolution stays at the minimum 800x600 or lower. No one actually works on such a small screen. Malware could potentially check the screen resolution to determine whether it's running on a user machine or in a sandbox.
Associated Behavior: sandbox detect & evade


Inherited Attributes:

applicable platform: Linux (unknown kernel version), Linux Kernel 2.4.x, Linux Kernel 2.6.x, Linux Kernel 3.0.x, Linux Kernel 3.1.x, Linux Kernel 3.10.x, Linux Kernel 3.11.x, Linux Kernel 3.12.x, Linux Kernel 3.13.x, Linux Kernel 3.14.x, Linux Kernel 3.15.x, Linux Kernel 3.16.x, Linux Kernel 3.17.x, Linux Kernel 3.18.x, Linux Kernel 3.19.x, Linux Kernel 3.2.x, Linux Kernel 3.3.x, Linux Kernel 3.4.x, Linux Kernel 3.5.x, Linux Kernel 3.6.x, Linux Kernel 3.7.x, Linux Kernel 3.8.x, Linux Kernel 3.9.x, Linux Kernel 4.0.x, Linux Kernel 4.1.x, Mac OS X (unknown version), Mac OS X 10.0.x, Mac OS X 10.1.x, Mac OS X 10.10.x, Mac OS X 10.11.x, Mac OS X 10.2.x, Mac OS X 10.3.x, Mac OS X 10.4.x, Mac OS X 10.5.x, Mac OS X 10.6.x, Mac OS X 10.7.x, Mac OS X 10.8.x, Mac OS X 10.9.x, Windows (unknown version), Windows 10, Windows 7, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2003, Windows Server 2003 SP1, Windows Server 2003 SP2, Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 R2 SP1, Windows Server 2008 SP1, Windows Server 2008 SP2, Windows Server 2012, Windows Server 2012 R2, Windows Vista, Windows Vista SP1, Windows Vista SP2