From the few malware sample I have ran using Cuckoo, I noticed that whenever the malware attempts to write into svchost, the buffer would be empty and the summary page would normally give an alert command line output was observed and when expanded, reveals the WriteConsoleW API call with buffer Access is denied.
From the few malware sample I have ran using Cuckoo, I noticed that whenever the malware attempts to write into svchost, the buffer would be empty and the summary page would normally give an alert
command line output was observed
and when expanded, reveals the WriteConsoleW API call with bufferAccess is denied.
Is this a bug with Cuckoo or my setup?