-
Hi,
Found TrickBot.
SHA256: dc2e70d7deaac4e2d85851e2b7c484565b20ba329e4a27ff3611175372eadc96
[VT Scan](https://www.virustotal.com/file/dc2e70d7deaac4e2d85851e2b7c484565b20ba329e4a27ff3611175372ea…
-
I have run a sample in the cuckoo sandbox. Here is the API trace until it terminates:
2016-02-12 16:03:56.633246 CreateProcessInternalW thread_identifier => 2928
thread_handle => 0x00000080
pro…
-
The dependencies es6-map and es6-set have a dependency, es5-ext, which is spotted as JS.Siggen5 by antiviruses. There is a script which has more than just advertisement. All these packages from one autho…
-
I am testing objc2_analyzer.py against the following malware sample.
SHA256: 8db4f17abc49da9dae124f5bf583d0645510765a6f7256d264c82c2b25becf8b
However, errors occur like below:
```
ERR…
```
-
**Describe the bug**
Timeout doesn't work when an infinite loop happens during the auto-analyze process of a specific binary. This happens in headless mode and GUI mode. In headless mode the timeout option di…
-
Thanks for creating an issue! But first: did you read our community guidelines?
https://cuckoo.sh/docs/introduction/community.html
##### My issue is:
I submitted the .exe malware sample then the …
-
I am currently trying to figure out whether OWASP DC can scan and detect malware in a .zip file that contains a trojan.exe.
In the logs I found this:
WARN - An error occurred with the .NET AssemblyAnalyzer…
-
Can you please investigate how difficult it would be to port agent.py over to a native Windows scripting language such as PowerShell or VBScript?
Malware such as Furtim/SFG now attempts to look for r…
-
- [ ] C++ structures parsing for VC++ generated binaries https://github.com/REhints/HexRaysCodeXplorer & http://www.openrce.org/articles/full_view/23
- [ ] C++ structures parsing for OS X clang C++ g…
-
I installed Malcom as a Docker container in a new, stock Ubuntu 14.04 VM (& also from github, same result). When I try to run it using the syntax from the Docker part of the README.md (docker run -p …