#ModulesCmdlets #Win32_TemperatureProbe Get-TemperatureProbe

turns out for one of the anti debugging techniques . exploit developers uses Win32_TemperatureProbe to check the readings of temperature of hardware . and if no readings came, it was used as vm detection. So cool.

For those who are thinking how to prevent this as a malware analyst. you can use NOPS in memory flow to prevent executing that function and put a breakpoint on it. This will prevent whatever function you want to run, in this case Win32_TemperatureProbe.

About once every 6 months I search for a way to read the CPU temp using Win32_TemperatureProbe in C#. Each time the answer is: nope.

gwmi Win32_TemperatureProbe は温度情報の取得ができるみたいだけど、自宅ノートではインスタンス無し。BMCとかAMTがついてるやつだと温度情報が取得できるのだろう。.

Alguno se sepa perl y win32api que me ayude con un script (?) es que parece que no me inicia Win32_TemperatureProbe :|.

先生、WMIのWin32_TemperatureProbeクラスはなんかおかしいことが判明いたしました.

@komekome09 330=2*3*5*11 RT: i3 330MでWin32_TemperatureProbeが使えなかったマン.