Security News > 2020 > March > Checkpoint Creates Encyclopedia of Malware Evasion Techniques
Cybersecurity firm Checkpoint has created an encyclopedia of the various techniques used by malware to evade analysis.
The encyclopedia covers evasion techniques related to the file system, registry, generic OS queries, global OS objects, user interface artifacts, OS features, processes, network, CPU, firmware tables, hooks, hardware, and macOS-specific sandboxes.
Checkpoint also plans on adding evasion techniques related to timing, Windows Management Instrumentation, and human-like behavior.
Each evasion category includes a description of the technique, code samples, signature recommendations for tracking attempts to use the technique, a table showing the type of environments that can be detected, and countermeasures.
Cybersecurity companies often use automated solutions to analyze malware samples and their behavior, and malware developers have become increasingly good at identifying these types of virtual environments.