Cuckoo Sandbox - Automated Malware Analysis Framework


Cuckoo Sandbox is an open source tool for analysing (reverse-engineering) malware, exploits, documents and links. The program is written in Python and runs samples inside a VirtualBox virtual machine. An analysis starts from a clean snapshot of the guest system; Cuckoo then executes the sample and lets you monitor, record and investigate the changes it makes to that system. Comparing the result with the clean state reveals all malicious activity on the analyzed system.

Some of the main features of Cuckoo Sandbox are:

– Monitoring of the Win32 API functions called by the sample;
– Dumping of network activity;
– Screenshots taken during the analysis;
– Saving of copies of all files created during the forensic analysis;
– Tracing of the instructions executed by the malicious process;
– User-friendly reports in TXT, JSON and HTML format;
– Absolute isolation of the environment in which the malware is launched.

You can download the recent release and read more about Cuckoo Sandbox on the official website.
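The JSON report is the feature most people script against: it carries the monitored Win32 API calls, network activity and created files listed above. The following is an added example (not code from the Cuckoo project) that reduces such a report to a few triage fields; the report layout is an assumption modelled on Cuckoo 2.x-style keys, which differ between releases, and the embedded report is a constructed miniature.

```python
from collections import Counter

# Constructed miniature of a Cuckoo JSON report. The key layout is an
# assumption (Cuckoo 2.x style) and varies between releases; the helper
# below tolerates both the plain-string and {"ip": ...} host encodings.
SAMPLE_REPORT = {
    "info": {"score": 6.4},
    "signatures": [{"name": "persistence_autorun", "severity": 3},
                   {"name": "network_http", "severity": 2}],
    "network": {"hosts": [{"ip": "198.51.100.7"}, "203.0.113.9", "198.51.100.7"],
                "dns": [{"request": "update.example.invalid"}]},
    "behavior": {
        "summary": {
            "file_created": ["C:\\Users\\u\\AppData\\Roaming\\svc.exe"],
            "regkey_written": ["HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\svc",
                               "HKCU\\Software\\Example\\Settings"]},
        # Win32 API call counts keyed by PID, as Cuckoo's API monitor records them
        "apistats": {"1234": {"CreateProcessInternalW": 2, "RegSetValueExW": 3},
                     "1300": {"InternetOpenA": 1, "RegSetValueExW": 1}}},
    "dropped": [{"name": "svc.exe", "sha256": "<sha256-placeholder>"}],
}


def _text(entry, key):
    """Cuckoo lists some entries as plain strings and others as dicts."""
    return entry.get(key, "") if isinstance(entry, dict) else str(entry)


def summarize_report(report):
    """Reduce a Cuckoo report to the triage fields an analyst reads first."""
    net = report.get("network", {})
    behavior = report.get("behavior", {})
    summary = behavior.get("summary", {})
    api_counts = Counter()
    for per_process in behavior.get("apistats", {}).values():
        api_counts.update(per_process)  # merge the per-PID call counts
    return {
        "score": report.get("info", {}).get("score"),
        "severe_signatures": sorted(s["name"] for s in report.get("signatures", [])
                                    if s.get("severity", 0) >= 3),
        "hosts": sorted({_text(h, "ip") for h in net.get("hosts", [])}),
        "dns": sorted({_text(d, "request") for d in net.get("dns", [])}),
        "files_created": list(summary.get("file_created", [])),
        # Writes under Run/RunOnce keys are the classic autostart persistence marker.
        "autorun_keys": [k for k in summary.get("regkey_written", [])
                         if "\\currentversion\\run" in k.lower()],
        "top_apis": api_counts.most_common(3),
        "dropped_sha256": [d.get("sha256") for d in report.get("dropped", [])],
    }
```

Call `summarize_report(SAMPLE_REPORT)` (or pass a `json.load()`-ed real report) to get the summary dictionary.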

  • Gopal

    I am new to malware analysis.
    How do I start using Cuckoo’s API for malware analysis?