Commonly, malware will fingerprint the host it executes on, in an attempt to discover more about its environment and act accordingly. Part of this process is quite often dedicated to analyzing specific data in order to figure out if the malware is running inside a VM, which could just be a honeypot or an analysis […]
Article Link: https://labs.nettitude.com/blog/using-pooltags-to-fingerprint-hosts/