Introduction This is the third post of a series which regards development of malicious software. In this series we will explore and try to implement multiple techniques used by malicious applications to execute code, hide from defenses and persist. In the previous part of the series we discussed methods for detecting sandboxes, virtual machines and automated analysis. This time let’s see how the application can detect that it’s being debugged or inspected by an analyst.
