Here are some tips to create a stealthy VM that doesn’t seem to be documented in scambaiting guides.
Nowadays the majority of scammers go to the control panel to check if VMware tools if installed. The best way to hide it from the control panel is going to the registry editor and going to hkey_local_machine>software>microsoft>windows>currentversion>uninstall, and then click on every folder there until you find 'VMWare Tools' in the varible 'displayname'. Delete that folder and restart Windows.
You can also add these lines to the .vmx file of the virtual machine, add them below everything else. I've yet to tried these myself but apparently it works well for malware analysists, and tricks majority of malware that checks if it's a vm.
`isolation.tools.getPtrLocation.disable = “TRUE”
isolation.tools.setPtrLocation.disable = “TRUE”
isolation.tools.setVersion.disable = “TRUE”
isolation.tools.getVersion.disable = “TRUE”
monitor_control.disable_directexec = “TRUE”
monitor_control.disable_chksimd = “TRUE”
monitor_control.disable_ntreloc = “TRUE”
monitor_control.disable_selfmod = “TRUE”
monitor_control.disable_reloc = “TRUE”
monitor_control.disable_btinout = “TRUE”
monitor_control.disable_btmemspace = “TRUE”
monitor_control.disable_btpriv = “TRUE”
monitor_control.disable_btseg = “TRUE”`
You can open the .vmx file with any text editor like Notepad.
Aside from these tips, it is also a good idea to follow the other scambaiting guides on YouTube. Have fun!