In our recent blog post “Blinding Malware Analysis with COM Objects” we talked about the steady trend of malware using Microsoft’s Component Object Model (COM) for evading sandbox analysis. The reason why COM can be used to perform stealth operations is that traditional dynamic analysis systems monitor program behavior by
