A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #24621  by EP_X0FF
 Tue Dec 16, 2014 4:12 am
evelyette wrote: EP_X0FF, thank you for a detailed answer. Would you mind sharing the code you used to discover their IPs? Did you just dump the network configuration and be gone with it? Nevertheless, if you can share the code, it would save me the trouble (however small it might be) of doing it myself, and it would possibly be beneficial for other readers of this blog.

I'm also interested in how VirusTotal makes it more difficult to obtain such information. Are there any existing threads on kernelmode that discuss this in detail?

Regards

Prepare and send an analogue of ipconfig (query MSDN for example) with output somewhere in the area this sandbox displays in results (mutexes for example, network requests). Some sandboxes support screenshots. To query the external IP use an external server, e.g. ping.eu. Some sandboxes will not allow outside network requests and this will fail. No, I will not share anything because it obviously will be used for malicious purposes. Malware authors are quite lame these days and hungry for a free lunch.
 #24622  by evelyette
 Tue Dec 16, 2014 5:59 am
Hi,

Thank you for giving a detailed answer once again. And sorry if I had given the impression of using this for malicious purposes, it was not my intention, since I only want to absorb new knowledge from my peers. Anyway, you've provided enough details for me to do it on my own.

Thanks
 #24627  by EP_X0FF
 Tue Dec 16, 2014 10:05 am
You are not the only one who reads this topic and visits this site.