Cuckoo Sandbox - Automated Malware Analysis Framework


Cuckoo Sandbox is an open source tool that can be used to reverse-engineer malware, exploits, documents and links. The program is written in Python and runs samples inside a VirtualBox virtual machine. An analysis starts from a clean snapshot of the guest system; Cuckoo then executes the sample and monitors, records and investigates the changes it makes to that system. Comparing the result against the clean state reveals all malicious activities on the analyzed system.

Some of the main features of Cuckoo Sandbox are:

– Monitoring Win32 API functions;
– Dumping network activity;
– Creating screenshots during the analysis;
– Saving copies of all files created during the analysis;
– Tracking instructions executed by the malicious process;
– Creating user-friendly reports in TXT, JSON and HTML format;
– Complete isolation of the environment in which the malware is launched.

You can download the recent release and read more about Cuckoo Sandbox on the official website.
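As an added example (not part of the original post and not Cuckoo's own code), the following Python script triages a Cuckoo JSON report of the kind listed above, pulling out dropped files, autorun registry keys, contacted hosts and domains, and the matched signatures at or above a severity threshold. The report is a constructed sample embedded inline; its layout (behavior.summary, network, signatures) is an assumption based on Cuckoo 2.x reports, which carry many more keys and vary between versions.

```python
import json

# Constructed sample shaped like a Cuckoo JSON report. The layout of
# behavior.summary, network and signatures is an assumption based on
# Cuckoo 2.x; real reports carry many more keys and vary by version.
SAMPLE_REPORT = json.dumps({
    "info": {"id": 42, "score": 6.4},
    "target": {"file": {"name": "invoice.doc"}},
    "behavior": {"summary": {
        "file_created": ["C:\\Users\\user\\AppData\\Roaming\\svc.exe"],
        "regkey_written": [
            "HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\svc",
            "HKEY_CURRENT_USER\\Software\\Classes\\Local Settings\\MuiCache",
        ],
    }},
    "network": {"hosts": ["192.0.2.10"],
                "dns": [{"request": "example.invalid", "answers": []}]},
    "signatures": [
        {"name": "persistence_autorun", "severity": 3, "description": "Installs itself for autorun"},
        {"name": "network_http", "severity": 1, "description": "Performs HTTP requests"},
    ],
})

# Substring that matches the Run, RunOnce and RunServices autostart keys.
AUTORUN_MARKER = "\\currentversion\\run"


def triage(report_json, min_severity=2):
    """Reduce a Cuckoo JSON report to the facts a responder checks first."""
    r = json.loads(report_json)
    summary = r.get("behavior", {}).get("summary", {})
    # Cuckoo 1.x listed "files"/"keys"; 2.x splits them per operation. Accept both.
    files = summary.get("file_created", []) + summary.get("file_written", []) \
        + summary.get("files", [])
    keys = summary.get("regkey_written", []) + summary.get("keys", [])
    autorun = [k for k in keys if AUTORUN_MARKER in k.lower()]
    net = r.get("network", {})
    domains = [q.get("request") for q in net.get("dns", []) if q.get("request")]
    # Keep only signatures at or above the severity threshold, worst first.
    sigs = sorted(r.get("signatures", []), key=lambda s: -s.get("severity", 0))
    alerts = [s["name"] for s in sigs if s.get("severity", 0) >= min_severity]
    return {
        "sample": r.get("target", {}).get("file", {}).get("name"),
        "score": r.get("info", {}).get("score"),
        "dropped_files": sorted(set(files)),
        "autorun_keys": autorun,
        "hosts": net.get("hosts", []),
        "domains": domains,
        "alerts": alerts,
    }
```

Point it at a real report with `triage(open("report.json").read())`; lower `min_severity` to see the low-severity signatures as well.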

  • Gopal

    I am new to malware analysis.
    How do I start using Cuckoo's API for malware analysis?