Indy
September 24th, 2012, 05:19
http://indy-vx.narod.ru/Bin/VMBE.zip ("http://indy-vx.narod.ru/Bin/VMBE.zip")
2644
2644
View Full Version : AV VM BYPASS ENGINE.
disavowed
September 24th, 2012, 11:58
OMG! This is breaking news!! Are you saying that if you obfuscate malware then AV products won't be able to detect it?! Call the presses! Alert the media!
_genuine
September 24th, 2012, 13:26
Oh my, I didnt see this one coming..
frozenrain
September 26th, 2012, 02:35
only check a api?av can add support this api quickly
Indy
September 26th, 2012, 02:57
The api can be any. Api's are emulated as atoms, this engine splits it, this mechanism can not work around.
evaluator
October 14th, 2012, 15:26
this is TrapFlag_SelfTracer.
any new code can be called "VM BYPASS ENGINE"
any new code can be called "VM BYPASS ENGINE"
Indy
October 14th, 2012, 22:44
Simple use of the TF can not determine the fact of emulation. Typical methods is a gag's(затычки по русски
. They fix.
. They fix.checking_numbr1
October 21st, 2012, 08:07
Quote:
| [Originally Posted by Indy;93285]http://indy-vx.narod.ru/Bin/VMBE.zip ("http://indy-vx.narod.ru/Bin/VMBE.zip") 2644 |
Someone made Indy angry so he deleted
all from his website. Can someone reupload this?Indy
October 21st, 2012, 23:04
woodmann
2665
2665
NeOXOeN
October 23rd, 2012, 16:23
Quote:
| [Originally Posted by Indy;93501]woodmann 2665 |
indy what is password for it??
Indy
May 10th, 2013, 02:18
VMBE 2
pass: vx
2756
pass: vx
2756
Indy
May 10th, 2013, 11:18
Aver's is gone, Comrades
Indy
May 11th, 2013, 11:33
wow fixed.
vx
2757
vx
2757
NeOXOeN
May 11th, 2013, 18:16
damn.. .nice.. thx for rlz
Indy
May 13th, 2013, 14:15
NeOXOeN
2764
2764
NeOXOeN
June 3rd, 2013, 06:09
hehe i that you?
Indy
June 3rd, 2013, 14:17
Project is closed. Possible to set limits on NL, but this is unnecessary. AVVM is no more.
2772
2772
Powered by vBulletin® Version 4.2.2 Copyright © 2018 vBulletin Solutions, Inc. All rights reserved.