- 1. Demonstrates a method of writing a virus to disk that bypasses Kaspersky's real-time detection.
- A driver for Cuckoo Sandbox that performs kernel analysis during the execution of malware. There are many ways for a malware author to bypass Cuckoo detection: he can detect the hooks, hardcode the Nt* functions to avoid the hooks, detect the