Is it possible to bypass the detector. windows sandbox / virtual machine? How is it detected?

There are Windows only, which burst how you want to run in the Linux system. Can't say what it is, you can tell something in common? The problem is that the program somehow knows that I run it in the sandbox vine, also sees that runs in VirtualBox and actually killed.

Is it possible to get around that?

UPD: Even on Windows, the native sandbox tens does not start for the same reason.
In pescina antivirus too.
April 7th 20 at 15:36
2 answers
April 7th 20 at 15:38
Solution
Try to use this option.
https://habr.com/ru/post/311492/
April 7th 20 at 15:40
Solution
Well, VirtualBox is easily detected on specific virtual hardware. Vine... may also leave any thread traces the type of OS or libraries. The big question will be whether to operate in virtual reality running on the hypervisor, e.g. Xen.
Vine probably can be determined by some reimplementations challenges. There is surely viossy stomatognatico level of usefulness, the lack of results from which we can say that it's a vine. - aileen commented on April 7th 20 at 15:43
@carson_Cummin, Yes, that too. - Jaqueline_Larson53 commented on April 7th 20 at 15:46
@jeromy_Uptonits entry was virtuallock in General a trivial task. To dissect the program through the IDA and you can understand what technique it uses. And so to fight against it - Rodger_Hess commented on April 7th 20 at 15:49
@lois_Huels56, Yes, but I'm not sure that someone will do it. - Jaqueline_Larson53 commented on April 7th 20 at 15:52
@jeromy_Uptondepends on demand software... - Edd_Christiansen commented on April 7th 20 at 15:55

Find more questions by tags LinuxVirtualization