VMware Communities
givemeatip
Enthusiast
Enthusiast

VMware 15.5.5 - how to make "virtual machines" look as "real machines"?

Some software (especially malware) refuse to execute when they detect that they are running inside a Virtual Machine. However I would like to execute them to do some tests.

What needs to be done to make the virtual machines look like "real machines" so that software and malware won't refuse to execute inside the virtual machines?

- My VMware 15.5.5 is running on a Windows 10 Pro version 1909 real machine (Dell Inspiron 14R 5421 with i7).

- I pretend to use the following virtual machines: Windows 7 64 bit and Ubuntu 20.04 64 bit. These virtual machines are already installed and I have been using them for a while.

Reply
0 Kudos
5 Replies
scott28tt
VMware Employee
VMware Employee

You won’t find a supported process to do this, but here’s a guide for Windows: [Tutorial] How to make a stealthy Virtual Machine - YouTube


-------------------------------------------------------------------------------------------------------------------------------------------------------------

Although I am a VMware employee I contribute to VMware Communities voluntarily (ie. not in any official capacity)
VMware Training & Certification blog
Reply
0 Kudos
givemeatip
Enthusiast
Enthusiast

scott28tt

Hello! Thank you for the link. I tested the reg file from the description of your video on the Windows 7 x64 virtual machine. However, it didn't really make it stealthy I think.
From what I researched, seems like I need to change dmi settings. Any tips on that? Thank you very much.

Reply
0 Kudos
scott28tt
VMware Employee
VMware Employee

I would be making the same google searches you may have already done yourself, sorry.


-------------------------------------------------------------------------------------------------------------------------------------------------------------

Although I am a VMware employee I contribute to VMware Communities voluntarily (ie. not in any official capacity)
VMware Training & Certification blog
Reply
0 Kudos
Mikero
Community Manager
Community Manager

There will always be ways to identify that a VM is, in fact, a VM. It's a game of whack-a-mole that we're not interested in playing.

-
Michael Roy - Product Marketing Engineer: Fusion & Workstation
Reply
0 Kudos
fz0000
Contributor
Contributor

How about using "virtual disk on the virtual disk"? If you are using Windows OS guest, try to install another OS to a VHD file in your guest and boot from it. It can pass some tests.

Reply
0 Kudos