API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 13th, 2018
338
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
VB.NET 1.98 KB | None | 0 0
raw download clone embed print report
  1. Imports System.Runtime.InteropServices
  2. Imports System.Security.AccessControl
  3. Imports Microsoft.Win32
  4.  
  5. ''' <summary>
  6. ''' gigajew@hf
  7. ''' </summary>
  8. Public Module AntiTesting
  9.  
  10.     <DllImport("kernel32.dll", BestFitMapping:=True, CallingConvention:=CallingConvention.Winapi, CharSet:=CharSet.Ansi, SetLastError:=True)>
  11.     Public Function GetModuleHandle(<MarshalAs(UnmanagedType.LPStr)> ByVal moduleName As String) As IntPtr
  12.     End Function
  13.  
  14.     <DllImport("kernel32.dll", BestFitMapping:=True, CallingConvention:=CallingConvention.Winapi, CharSet:=CharSet.Ansi, SetLastError:=True)>
  15.     Public Function LoadLibrary(<MarshalAs(UnmanagedType.LPStr)> ByVal moduleName As String) As IntPtr
  16.     End Function
  17.  
  18.     ''' <summary>
  19.     ''' Application entrypoint
  20.     ''' </summary>
  21.     ''' <returns></returns>
  22.     Public Function Main() As Integer
  23.         If (Debugger.IsAttached) Then
  24.             Return -1
  25.         End If
  26.  
  27.         If (IsVirtualized()) Then
  28.             Return -2
  29.         End If
  30.  
  31.         Return 0
  32.     End Function
  33.  
  34.     ''' <summary>
  35.     ''' Detects whether the process is being virtualized
  36.     ''' </summary>
  37.     Public Function IsVirtualized() As Boolean
  38.         Try
  39.             Using hklm As RegistryKey = RegistryKey.OpenBaseKey(RegistryHive.LocalMachine, RegistryView.Default)
  40.                 Using vbox As RegistryKey = hklm.OpenSubKey("HARDWARE\ACPI\DSDT\VBOX__", RegistryKeyPermissionCheck.ReadSubTree, RegistryRights.ReadKey)
  41.                     vbox.Close()
  42.                 End Using
  43.                 hklm.Close()
  44.             End Using
  45.  
  46.             Return True
  47.         Catch
  48.         End Try
  49.  
  50.         If (LoadLibrary("VBoxHook.dll") <> IntPtr.Zero) Then
  51.             Return True
  52.         End If
  53.  
  54.         If (LoadLibrary("dbghlp.dll") <> IntPtr.Zero) Then
  55.             Return True
  56.         End If
  57.  
  58.         If (GetModuleHandle("SbieDll.dll") <> IntPtr.Zero) Then
  59.             Return True
  60.         End If
  61.  
  62.         Return False
  63.     End Function
  64.  
  65. End Module
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!