Threat actors started using fake malware to confuse researchers and avoid being analyzed by detection systems. The new technique involves dropping a fake payload when the malware senses it`s being run into a sandbox and analyzed.
Read full article on Heimdal Security Blog