Fake Sandbox Processes small script will simulate fake processes of analysis, sandbox and VM software that some malware will try to avoid. You can download the original script made by @x0rz here (thanks, by the way).
You can also download my slightly optimised script from the root directory. The file is named fsp.ps1. This exact script is also used in the FSP installer.
Script-Features
Also Read – PasteHunter : Scanning Pastebin With Yara Rules
Right-click the file and choose “Run with Powershell”
~ OR ~
Open the command line and paste this command (don’t forget to adjust the path):
Powershell -executionpolicy remotesigned -F ‘Your\Path\fsp.ps1’
After pressing enter you can choose to either start or stop all processes.
If you’re just using the script and start it manually, you will have to re-run it at every re-login or startup to create the processes again. In order to autostart the script I made an easy-to-use installer.
fsp-installer.bat
file from the release section or from the folder installer
.—> You can now close the window or press any key to close it. The installation is complete.
If you no longer want this program on your computer, you’ll need the fsp-installer.bat
file again. Run it and chose “u” to start the removal process. Then enter “y” if you are ready to purge all created files.
If the process was successful, you’ll see a confirmation screen – done.
Successfully tested on the following Windows versions:
WID_LoadLibrary is a custom implementation inspired by the Windows API function LoadLibrary, which is used…
Locksmith is a specialized tool designed to identify and remediate vulnerabilities in Active Directory Certificate…
Uscrapper Vanta is a powerful open-source intelligence (OSINT) tool designed to revolutionize web scraping and…
Pake is an innovative tool designed to convert any webpage into a desktop application with…
Bevy is an open-source, data-driven game engine built in Rust, designed to simplify game development…
AppFlowy Cloud is a robust component of the AppFlowy ecosystem, designed to provide secure user…