From: DeepMal: maliciousness-Preserving adversarial instruction learning against static malware detection

Sandbox | Features |
---|---|
Cuckoo | API calls during execution |
 | Registry Keys |
 | IP address and DNS queries |
 | Access URLs |
 | Summary information |
 | File operations |
VirusTotal | File System Action (Files Open, Files Written, Files Deleted, Files Copied) |
 | Process and Service Action (Process Created, Shell Commands, Process Injected) |
 | Synchronization Mechanisms and Signals (Mutexes Created, ShimCacheMutex) |