Even though they appears to have anti-VM capabilities? I've downloaded some latest samples of ransomware executables from cerber, locky, and other family of ransomware
Why do they still execute in the virtualbox environment? It is a fresh new virtualbox with no hardening to evade malware analysis. Given the latest versions, aren't they supposed to not run in the environment because virtualbox itself being a VM, should be evaded by them at the first place?
Please advise, thanks!