Virtual Box rdtsc

[Tribiune]

Hello and sorry for posting here. I am using Virtual box and i am trying to make Windows 10 as stealthier as possible. Solved all pafish detections except the two rdtsc ones. I would be thankful if anyone can help with these.

Checking the difference between CPU timestamp counters (rdtsc)
Checking the difference between CPU timestamp counters (rdtsc) forcing VM exit

[a0rtega]

We have a few issues discussing this, see #68 and #63. There are also many sources on the internet on the subject.

I don't have a solution to fix those. The only reliable way I found in the past to avoid these detections was using QEMU in full system emulation mode (not virtualization).

[Tribiune]

Thanks a lot for your response and sharing your knowledge!

[alu1al]

@Tribiune please how did you passed all the mouse detections?

[Tribiune]

I used windows 10 machine inside an Ubuntu Cuckoo Sandbox, and Cuckoo has a human interaction module that you can turn on and off that moves that mouse by itself. Also as far as i remember you can move the mouse when pafish runs and bypass it.