Using Bochs to step through aggressive obfuscating packers was one of the important ingredients to the malware analysis infrastructure I built 2005-2011 in my first company.
Bonus points for stepping the same malware in Bochs and Qemu simultaneously to identify trace divergence; detection then needs to detect both in one stroke.
Bonus points for stepping the same malware in Bochs and Qemu simultaneously to identify trace divergence; detection then needs to detect both in one stroke.