Modern malwares are equipped with anti-analysis techniques in order to evade analysis. It is common for malwares to check for the presence of any virtualization environment, any malware analysis sandboxes or any analysis tools during runtime.

sems is a tool which is created to help malware researchers by checking their environments for the signatures of any virtualization techniques, malware sandbox tools or well know malware analysis tools. sems is using the same techniques and looking for the same footprints that evasive malwares do in order to detect if it is running in a controlled environment. So it is useful for malware researchers to check if the analysis environment is inevasible.

Built With

Share this project:

Updates