Cuckoo Sandbox - Automated Malware Analysis Framework


Cuckoo Sandbox is an open source tool that can be used to reverse-engineer malware, exploits, documents and links. The program is written in Python and runs the samples inside VirtualBox virtual machines. Each analysis starts from a clean snapshot of the guest system; Cuckoo then monitors, records and investigates the changes the sample makes to that system. Comparing the result against the clean state reveals the malicious activity performed on the analyzed system.

Some of the main features of Cuckoo Sandbox are:

- Monitoring Win32 API functions;
- Dumping network activity;
- Creating screenshots during the analysis;
- Saving copies of all files created during the forensic analysis;
- Tracking instructions executed by the malicious process;
- Creating user-friendly reports in TXT, JSON and HTML format;
- Complete isolation of the environment in which the malware is launched.

You can download the latest release and read more about Cuckoo Sandbox on the official website.
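The JSON report ties the features above together: monitored Win32 API calls, dumped network activity and copies of dropped files all end up in one file per task. The script below is an added example, not part of the post or of the Cuckoo project, that reduces such a report to a short triage summary; the embedded report is a constructed, abbreviated sample that only keeps the keys the script reads, so treat the exact layout as an assumption and check it against a real report.json before use.

```python
import json
from collections import Counter

# Constructed, abbreviated sample in the shape of a Cuckoo report.json
# (only the keys this script reads; a real report carries far more).
SAMPLE_REPORT = json.dumps({
    "info": {"id": 1, "score": 6.8},
    "target": {"category": "file", "file": {"name": "sample.exe",
               "sha256": "<placeholder-sha256>"}},
    "behavior": {"processes": [
        {"pid": 1000, "process_name": "sample.exe", "calls": [
            {"api": "CreateFileW", "category": "filesystem"},
            {"api": "WriteFile", "category": "filesystem"},
            {"api": "RegSetValueExW", "category": "registry"},
            {"api": "InternetOpenUrlA", "category": "network"}]},
        {"pid": 1001, "process_name": "dropper.tmp", "calls": [
            {"api": "CreateProcessW", "category": "process"}]}]},
    "network": {"hosts": ["203.0.113.10"],
                "dns": [{"request": "update.example.invalid"}]},
    "dropped": [{"name": "dropper.tmp", "sha256": "<placeholder-sha256>"}],
    "signatures": [{"name": "persistence_autorun", "severity": 3}],
})


def summarise(report_json):
    """Reduce a Cuckoo JSON report to the facts an analyst reads first."""
    r = json.loads(report_json)
    procs = r.get("behavior", {}).get("processes", [])
    # Count monitored Win32 API calls per category across every process.
    categories = Counter(c.get("category", "?")
                         for p in procs for c in p.get("calls", []))
    net = r.get("network", {})
    return {
        "task_id": r["info"]["id"],
        "score": r["info"].get("score", 0.0),
        "processes": [p["process_name"] for p in procs],
        "api_calls_by_category": dict(categories),
        "dropped_files": [d["name"] for d in r.get("dropped", [])],
        "hosts": net.get("hosts", []),
        "dns_requests": [q["request"] for q in net.get("dns", [])],
        # Cuckoo signatures use severity 1-3; keep only the highest tier.
        "high_severity_signatures": [s["name"] for s in r.get("signatures", [])
                                     if s.get("severity", 0) >= 3],
    }


if __name__ == "__main__":
    print(json.dumps(summarise(SAMPLE_REPORT), indent=2))
```

Point `summarise` at the contents of a task's report.json (for example via the JSON format of Cuckoo's report output) to get the same summary for a real analysis.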

  • Gopal

    I am new to malware analysis.
    How do I start using Cuckoo's API for malware analysis?