Adlice forum

General Category => General Discussion => Topic started by: Narc0lepsy on March 04, 2017, 09:32:25 PM

Title: I was analyzing Equation Group's malware TripleFantasy
Post by: Narc0lepsy on March 04, 2017, 09:32:25 PM

So I was analyzing equation groups triplefantasy malware with pestudio and it seems as thought triple fantasy has strong anti-analysis features because as soon as I loaded the file, it killed the application.

Title: Re: I was analyzing Equation Group's malware TripleFantasy
Post by: Curson on March 06, 2017, 02:56:40 PM

Hi Narc0lepsy,

Malware usually use antidebug/antiVM routines to make their analysis harder.
For more information, please refer to : Windows Anti-Debug Reference (https://www.symantec.com/connect/articles/windows-anti-debug-reference).

Regards.