A forum for reverse engineering, OS internals and malware analysis 

Ask your beginner questions here.
 #2187  by kiskav
 Mon Aug 23, 2010 12:17 am
I am Running Vm-Ware Version 7.1.1 Build - 282343 . Few samples are not getting installed in my VM. After clicking on the Dropper, i get Send/Dont send Error. Clicking on any of the option terminates the Dropper Process.. Is there any basic settings to be modified ??

I saw Ex_Off suggesting this,
Note: enable this setting in vmx configuration file to bypass VMware identification (VMX backdoor) by some lazy malware.

monitor_control.restrict_backdoor = "TRUE"
So how to do it ? Is that a Registry Value or any ? I checked in Google, all it brings is EPX/EPXI .. i dont have any clue on what the above syntax is & how to do the same.. It would be extremely encouraging if someone Can explain it in a Noob Friendly way .

Thanks.