Malware are able sometimes to detect a virtual environment to avoid analysis and detection. RocProtect is a quick and dirty POC to emulate Virtual artifacts into a physical machine.
Portable Binary Structure:
+ mt.exe : Tool for windows manifest analysis
+ RockProtect.exe: Tool for generated fake registry, folder etc.
+ FakeAp.exe : example AP.
– Currently Support x86 windows Machine.