thx,now i can add those keys in my machine to defend against malwares

I had no idea some malwares even did that. So devious lol.

for everyone saying i can add those key in my windows machine technically yes it can help you prevent some malware that check for those keys but you will get an error message if you try to run an app or program that doest want their code to be peeked at eg : Anticheat & some Paid Software its because those app and program thought your real machine was a virtual environment , you were trying to reverse engineer their app either you want to hack it or crack it Which why i dont recommend you guys add it in a real windows machine you guys just gonna having a bad time unless those machine was just used for a production stuff like databases or other server stuff (most of server and databases stuff wont detect those keys)

So could you defend yourself from certain malwares just by creating those registry keys? :-)

I've heard some malware can even break out of VM's how do they do that?

So theoretically, I could make that keys and my pc will be malwareproof? (Semi)

thanks bro for the information it will be very useful in my next malware.

Kay? Resoult?

Is it possible to lets say hook those winAPI's and return them information that there are no such registry keys?

There is another way is by checking the gpu. virtual machines GPUs is virtual and not named like any physical graphics card. How we're gonna defend ourselfs from this? By going to some keys in regeditor and edit the gpu name to a real one so the malware that have the gpu as a definer of real or virtual machines will just fall

Good video! But for me keybord sounds are a little to loud or maybe there is something wrong with me

i have seen certain cracking tool checking for serial number of motherboard too (apparently most VMs software set the serial number to zero)

they do a lot of other things to detect VMs, like installed application (process hacker, IDA, ...), resolution, present users, disk size, process running, ... and there is not only virtual box (VMware, qemu, ...), so checking only this registry keys is really not enought

What if i use VMWare and run that code in VMWare?

Is there any way to bypass this script? Like using fakenet or deleting these registrykeys from the VM?

How did you learn all this?

Wow. Where do you learn all of this stuff ?

Use C99 or change extension to cpp and you can skip Declaring Variables at the start of the scope. It makes Code more readable if you need to check the type of Variable.

for vmware vms it'd work the same or the reg keys are the same?

If malware detect files to see if it should run or not, can't we just add those files and we would be safe from malware attakes.

What if main machine pretend to be VM?

Yeah, but is a common technique, you need creativity to check some things that is not publicly available like the presents of a driver specific for VMs or something which is unique.

Would definitely love more videos on this topic

Very simple, short, easy and amateur way of detecting vm's this can be bypassed with ease. Next time come with something more sophisticated and advanced.

przyjemnie się ogląda, pozdro

how to pack project into one exe file?

Awesome video, keep it up! OMG you're also from Poland :)

more blue team strategy

It's more easy to detect if a proccess is running.

Now you don't have to scan the thing for malware, just put and run it under vm, lol.

Thank you for the video!

Nice posters dude :D

resoult

Everyone just switch to a Virtual Machine :)

its prob the most easy way to bypass XD

Długo już się uczysz informatyki? Po akcencie słychać, że jesteś Polakiem haha