A C++ class used for thread synchronization named timed-mutex can be used for sleep evasion in Windows, by delaying execution just enough to trick anti-virus software into declaring a malicious payload as benign. In this article we explore which System…