Stuxnet does not use virtual machine-based obfuscation or novel techniques for anti-debugging, or anything else to make it different from the hundreds of malware samples found every day. Developers seem to be unaware of more advanced techniques for hiding their target. Whoever developed the code was probably in a hurry and decided using more advanced hiding techniques wasnt worth the development/testing cost. The authors use simple if/then range checks to identify Step 7 systems and their peripheral controllers. If this was some high-level government operation, I would hope they would use things like hash-and-decrypt.”]
Source: https://rdist.root.org/2011/01/17/stuxnet-is-embarrassing-not-amazing/