-
We have an automated malware analysis system that runs a variety of scans in
memory on input files. We patched PDFCore.py to enable string input of file
contents, rather than a filename. It is…
-
Hi,
I have noticed the malware execution isn't completely followed in cuckoo-2.0 missing behaviours due to it not identifying the execution path. Also this analysis while done with different versions…
-
I am a newbie in Android malware detection. I saw many ML-based tools are implemented based on Smali-IR. And I am also looking into the Soot for a more comprehensive analysis.
I have some questions …
-
Some thoughts:
- IPs, Domains, URIs can already be used, but this is not flexible enough for e.g. Botnet analysis
- Not covered at all: ports
- Not really covered: Malware might change used endpoin…
-
Would be nice to have the ability to connect to it from a user-land app in order to have some sort of automation in the case of malware analysis as opposed to the infamous DbgPrint. Just an addition, …
-
I have installed cuckoo with winxp as analysis machine. I have taken a snapshot with the name "Snapshot1".
The issue is that when cuckoo starts winxp for analyzing the malware, its time and date remain old as time o…
-
Hello
There's a fact, malware can easily detect cuckoo hooks, even with the DLL hidden.
Why not go deeper and do the analysis from kernel mode?
This is what zer0m0n does, why not integrate its deve…
Tigzy updated 5 years ago
-
So I am getting this error `Segmentation Fault (Core Dumped)`; this occurs after `DEBUG: Executing reporting module "MongoDB"`
This only occurs on analysis of one specific file. Unfortunately it is …
-
The current set of file objects in CybOX tend to conflate file system details with file instance details.
These should be deconflated to more accurately convey the level of detail needed for low-leve…