Changing VM features for malware analysis

Posted: 14. Mar 2013, 12:11
by jano
Hello all,

I am trying to change my Windows XP SP3 VM's features for malware analysis so that it is not detected by malware, but even having made and checked the changes, the Windows box does not seem to pick them up.

The changes I have made are the following ones:

VBoxManage setextradata "Analysis" "VBoxInternal/Devices/pcbios/0/Config/DmiBIOSVersion"       "Version 1.16"
VBoxManage setextradata "Analysis" "VBoxInternal/Devices/pcbios/0/Config/DmiBIOSVendor"        "FUJITSU // Phoenix Technologies Ltd."
VBoxManage setextradata "Analysis" "VBoxInternal/Devices/pcbios/0/Config/DmiBIOSReleaseDate"   "12/09/2011"
VBoxManage setextradata "Analysis" "VBoxInternal/Devices/pcbios/0/Config/DmiSystemVendor"      "FUJITSU"
VBoxManage setextradata "Analysis" "VBoxInternal/Devices/pcbios/0/Config/DmiSystemVendor"      "LIFEBOOK S751"
VBoxManage setextradata "Analysis" "VBoxInternal/Devices/pcbios/0/Config/DmiSystemVersion"     "10601409485"
VBoxManage setextradata "Analysis" "VBoxInternal/Devices/pcbios/0/Config/DmiSystemSerial"      "DSBW057252"
VBoxManage setextradata "Analysis"  "VBoxInternal/Devices/pcbios/0/Config/DmiSystemUuid"     "C0EC81E9-6729-11E1-8B14-502690982710"
VBoxManage setextradata "Analysis" "VBoxInternal/Devices/pcbios/0/Config/DmiBoardVendor" "FUJITSU"
VBoxManage setextradata "Analysis" "VBoxInternal/Devices/pcbios/0/Config/DmiBoardProduct" "FJNB223"
VBoxManage setextradata "Analysis" "VBoxInternal/Devices/pcbios/0/Config/DmiBoardVersion" "H3"
VBoxManage setextradata "Analysis" "VBoxInternal/Devices/pcbios/0/Config/DmiBoardSerial"  "H1 7X5C"

Running VBoxManage getextradata "Analysis" enumerate, I get the following info:

Key: GUI/LastCloseAction, Value: powerOff,discardCurState
Key: GUI/LastGuestSizeHint, Value: 1152,864
Key: GUI/LastNormalWindowPosition, Value: 1,44,1918,1029,max
Key: GUI/MiniToolBarAlignment, Value: bottom
Key: GUI/SaveMountedAtRuntime, Value: yes
Key: GUI/ShowMiniToolBar, Value: yes
Key: VBoxInternal/Devices/pcbios/0/Config/DmiBIOSReleaseDate, Value: 12/09/2011
Key: VBoxInternal/Devices/pcbios/0/Config/DmiBIOSVendor, Value: FUJITSU // Phoenix Technologies Ltd.
Key: VBoxInternal/Devices/pcbios/0/Config/DmiBIOSVersion, Value: Version 1.16
Key: VBoxInternal/Devices/pcbios/0/Config/DmiBoardProduct, Value: FJNB223
Key: VBoxInternal/Devices/pcbios/0/Config/DmiBoardSerial, Value: H1 7X5C
Key: VBoxInternal/Devices/pcbios/0/Config/DmiBoardVendor, Value: FUJITSU
Key: VBoxInternal/Devices/pcbios/0/Config/DmiBoardVersion, Value: H3
Key: VBoxInternal/Devices/pcbios/0/Config/DmiSystemSerial, Value: DSBW057252
Key: VBoxInternal/Devices/pcbios/0/Config/DmiSystemUuid, Value: C0EC81E9-6729-11E1-8B14-502690982710
Key: VBoxInternal/Devices/pcbios/0/Config/DmiSystemVendor, Value: LIFEBOOK S751
Key: VBoxInternal/TM/TSCTiedToExecution, Value: 1

The software I use to check the changes on the Windows box is called Pafish.

All these updates have been made with the system shut down and with no snapshots, but nothing: the registry does not seem to update.

If any more information is needed, do not hesitate to contact me.

Thanks for your time,

Re: Changing VM features for malware analysis

Posted: 12. Apr 2013, 17:45
by PaulCooper
The thing about 3rd-party software and snapshots of VirtualBox or any virtualization software is: the software sees one huge file. It cannot (in most cases) enter into that file to do things like "diffs" or differentials, so you cannot do incrementals either. It is better to do individual backups.

Re: Changing VM features for malware analysis

Posted: 12. Apr 2013, 18:25
by mpack
I'm afraid that VirtualBox has no control over at what point a Windows guest grabs DMI info and stores it in the registry. You would have to ask Microsoft for clarification about that. Other users have used direct software, i.e. dmidecode, to verify that the BIOS/DMI data is indeed being changed by VirtualBox.

Re: Changing VM features for malware analysis

Posted: 13. May 2015, 14:51
by karthick Ranga
Hi,
You made some mistakes. Use the following commands and try it.

VBoxManage setextradata "inxp" "VBoxInternal/Devices/pcbios/0/Config/DmiSystemVersion" "string:10601409485"
VBoxManage setextradata "winxp" "VBoxInternal/Devices/pcbios/0/Config/DmiBoardSerial" "string:H1 7X5C"

Run and check it.
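Putting the thread's fix together, as an added example that is not code from any of the posters: a POSIX shell helper for the host that applies the DMI keys discussed above, adding the "string:" prefix that VirtualBox documents for values consisting only of digits (without it such a value is stored as an integer, not a DMI string), and a filter that reduces the enumerate output to the DMI keys so the result can be checked. The VM name "Analysis" and the values are the original poster's. Note that the original post set DmiSystemVendor twice, which is why the enumerate output shows "LIFEBOOK S751" as the system vendor and no product at all; the profile below therefore uses the real VirtualBox key DmiSystemProduct for the model name.

```shell
#!/bin/sh
# Added example, not code from the thread. Helpers for setting the VirtualBox
# pcbios DMI keys discussed above and checking that they were stored.
# VM name "Analysis" and the DMI values are taken from the original post.

DMI_PATH="VBoxInternal/Devices/pcbios/0/Config"

# dmi_value VALUE: print VALUE ready for setextradata. VirtualBox stores a
# value made only of digits as an integer, so such values need the documented
# "string:" prefix to be kept as a DMI string (the problem with "10601409485"
# in the thread).
dmi_value() {
    case "$1" in
        ''|*[!0-9]*) printf '%s\n' "$1" ;;
        *)           printf 'string:%s\n' "$1" ;;
    esac
}

# dmi_set VM KEY VALUE: run the setextradata command, or print it when DRY_RUN=1.
dmi_set() {
    _vm=$1
    _key=$2
    _val=$(dmi_value "$3")
    if [ "${DRY_RUN:-0}" = 1 ]; then
        printf 'VBoxManage setextradata "%s" "%s/%s" "%s"\n' "$_vm" "$DMI_PATH" "$_key" "$_val"
    else
        VBoxManage setextradata "$_vm" "$DMI_PATH/$_key" "$_val"
    fi
}

# dmi_apply VM: apply the Fujitsu LIFEBOOK profile from the thread. The original
# post set DmiSystemVendor twice; the second line was meant to be DmiSystemProduct.
dmi_apply() {
    dmi_set "$1" DmiBIOSVendor      "FUJITSU // Phoenix Technologies Ltd."
    dmi_set "$1" DmiBIOSVersion     "Version 1.16"
    dmi_set "$1" DmiBIOSReleaseDate "12/09/2011"
    dmi_set "$1" DmiSystemVendor    "FUJITSU"
    dmi_set "$1" DmiSystemProduct   "LIFEBOOK S751"
    dmi_set "$1" DmiSystemVersion   "10601409485"   # all digits: gets the string: prefix
    dmi_set "$1" DmiSystemSerial    "DSBW057252"
    dmi_set "$1" DmiSystemUuid      "C0EC81E9-6729-11E1-8B14-502690982710"
    dmi_set "$1" DmiBoardVendor     "FUJITSU"
    dmi_set "$1" DmiBoardProduct    "FJNB223"
    dmi_set "$1" DmiBoardVersion    "H3"
    dmi_set "$1" DmiBoardSerial     "H1 7X5C"
}

# dmi_filter: read "VBoxManage getextradata VM enumerate" output on stdin and
# print only the pcbios DMI keys as KEY=VALUE, dropping GUI/* and other keys,
# so the stored values can be compared with what the guest reports.
dmi_filter() {
    sed -n "s|^Key: $DMI_PATH/\(Dmi[^,]*\), Value: \(.*\)\$|\1=\2|p"
}

# Stand-alone use: ./dmi.sh Analysis
# Prints the commands instead of running them when VBoxManage is not on PATH.
if [ "$#" -ge 1 ]; then
    command -v VBoxManage >/dev/null 2>&1 || DRY_RUN=1
    dmi_apply "$1"
    [ "${DRY_RUN:-0}" = 1 ] || VBoxManage getextradata "$1" enumerate | dmi_filter
fi
```

Run it with the VM powered off, as the original poster did. The enumerate output only proves that VirtualBox stored the keys; whether the guest sees them is a separate question, which is why mpack's advice to look at the BIOS tables directly is the right check: dmidecode in a Linux guest, or, assuming the Windows guest has wmic, wmic bios get Manufacturer,SMBIOSBIOSVersion,SerialNumber and wmic computersystem get Manufacturer,Model. If those show the spoofed values while Pafish still flags the box, the remaining tells are not in the DMI data.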