This topic contains 1 reply, has 2 voices, and was last updated by trizzosk 2 months ago.
- April 6, 2020 at 5:35 am #230694
If you want a quick and dirty lab to explode untrusted “things”, those two together seem to be phenomenal. Full disclosure: I have not extensively tested sandbox detection (which I think would fail, so the advanced stuff will not execute) or vectors for sandbox escape. For the amateur the before and after from InstallWatchPro is probably all you’ll need.
ProTip: Run the InstallWatch Pro executable in Windows XP compatibility mode
ProTip2: Be careful where you download that unsupported software from, hash it to make sure.
- April 6, 2020 at 5:35 am #230695
Honestly – once I download pretty advanced malware attached in email (as a part of investigation). I run it on a clean machine, without network connectivity and inside Windows Sandbox (where I put all my process explorers and network sniffers used) and the malware did not detect that is running in sandboxed environment. I think its just a matter of time when malware producers will find a way how to detect Windows Sandbox.
You must be logged in to reply to this topic.