search

cuckoosandbox / cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system
http://www.cuckoosandbox.org
Other
5.57k stars 1.71k forks source link

Segmentation fault (core dumped) #1066

Closed g00dv1n closed 8 years ago

g00dv1n commented 8 years ago

My full log with -d option

eeee e e eeee e e eeeee eeeee 8 8 8 8 8 8 8 8 8 88 8 88 8e 8e 8 8e 8eee8e 8 8 8 8 88 88 8 88 88 8 8 8 8 8 88e8 88ee8 88e8 88 8 8eee8 8eee8

Cuckoo Sandbox 2.0-rc1 www.cuckoosandbox.org Copyright (c) 2010-2015

Checking for updates... Good! You have the latest version available.

2016-09-01 12:45:22,500 [root] DEBUG: Importing modules... 2016-09-01 12:45:22,714 [root] DEBUG: Imported "signatures" modules: 2016-09-01 12:45:22,714 [root] DEBUG: |-- AndroidAbortBroadcast 2016-09-01 12:45:22,714 [root] DEBUG: |-- AndroidAccountInfo 2016-09-01 12:45:22,715 [root] DEBUG: |-- AndroidAppInfo 2016-09-01 12:45:22,715 [root] DEBUG: |-- AndroidAudio 2016-09-01 12:45:22,715 [root] DEBUG: |-- AndroidCamera 2016-09-01 12:45:22,715 [root] DEBUG: |-- AndroidDangerousPermissions 2016-09-01 12:45:22,715 [root] DEBUG: |-- AndroidDeletedApp 2016-09-01 12:45:22,715 [root] DEBUG: |-- AndroidDynamicCode 2016-09-01 12:45:22,715 [root] DEBUG: |-- AndroidEmbeddedApk 2016-09-01 12:45:22,715 [root] DEBUG: |-- AndroidGooglePlayDiff 2016-09-01 12:45:22,715 [root] DEBUG: |-- AndroidInstalledApps 2016-09-01 12:45:22,715 [root] DEBUG: |-- AndroidNativeCode 2016-09-01 12:45:22,716 [root] DEBUG: |-- AndroidPhoneNumber 2016-09-01 12:45:22,716 [root] DEBUG: |-- AndroidPrivateInfoQuery 2016-09-01 12:45:22,716 [root] DEBUG: |-- AndroidReflectionCode 2016-09-01 12:45:22,716 [root] DEBUG: |-- AndroidRegisteredReceiver 2016-09-01 12:45:22,716 [root] DEBUG: |-- AndroidSMS 2016-09-01 12:45:22,716 [root] DEBUG: |-- AndroidShellCommands 2016-09-01 12:45:22,716 [root] DEBUG: |-- AndroidStopProcess 2016-09-01 12:45:22,716 [root] DEBUG: |-- ApplicationUsesLocation 2016-09-01 12:45:22,716 [root] DEBUG: |-- KnownVirustotal 2016-09-01 12:45:22,716 [root] DEBUG: |-- CreatesExe 2016-09-01 12:45:22,716 [root] DEBUG: |-- AntiAnalysisJavascript 2016-09-01 12:45:22,717 [root] DEBUG: |-- DumpedBuffer 2016-09-01 12:45:22,717 [root] DEBUG: |-- DumpedBuffer2 2016-09-01 12:45:22,717 [root] DEBUG: |-- EncryptionKeys 2016-09-01 12:45:22,717 [root] DEBUG: |-- EvalJS 2016-09-01 12:45:22,717 [root] DEBUG: |-- Exploit_zteF460F660 2016-09-01 12:45:22,717 [root] DEBUG: |-- HtmlFlash 2016-09-01 12:45:22,717 [root] DEBUG: |-- JsIframe 2016-09-01 12:45:22,717 [root] DEBUG: |-- SuspiciousJavascript 2016-09-01 12:45:22,717 [root] DEBUG: |-- DarwinCodeInjection 2016-09-01 12:45:22,717 [root] DEBUG: |-- TaskForPid 2016-09-01 12:45:22,717 [root] DEBUG: |-- SystemMetrics 2016-09-01 12:45:22,717 [root] DEBUG: |-- DeadHost 2016-09-01 12:45:22,718 [root] DEBUG: |-- NetworkBIND 2016-09-01 12:45:22,718 [root] DEBUG: |-- NetworkDynDNS 2016-09-01 12:45:22,718 [root] DEBUG: |-- NetworkHTTP 2016-09-01 12:45:22,718 [root] DEBUG: |-- NetworkICMP 2016-09-01 12:45:22,718 [root] DEBUG: |-- NetworkIRC 2016-09-01 12:45:22,718 [root] DEBUG: |-- NetworkSMTP 2016-09-01 12:45:22,718 [root] DEBUG: |-- SnortAlert 2016-09-01 12:45:22,718 [root] DEBUG: |-- SuricataAlert 2016-09-01 12:45:22,718 [root] DEBUG: |-- TorGateway 2016-09-01 12:45:22,718 [root] DEBUG: |-- WscriptDownloader 2016-09-01 12:45:22,718 [root] DEBUG: |-- ADS 2016-09-01 12:45:22,719 [root] DEBUG: |-- APT_Carbunak 2016-09-01 12:45:22,719 [root] DEBUG: |-- APT_CloudAtlas 2016-09-01 12:45:22,719 [root] DEBUG: |-- AVDetectionChinaKey 2016-09-01 12:45:22,719 [root] DEBUG: |-- Adzok 2016-09-01 12:45:22,719 [root] DEBUG: |-- AlinaFile 2016-09-01 12:45:22,719 [root] DEBUG: |-- AlineURL 2016-09-01 12:45:22,719 [root] DEBUG: |-- AllocatesRWX 2016-09-01 12:45:22,719 [root] DEBUG: |-- Andromeda 2016-09-01 12:45:22,719 [root] DEBUG: |-- AntiAVDetectFile 2016-09-01 12:45:22,719 [root] DEBUG: |-- AntiAVDetectReg 2016-09-01 12:45:22,719 [root] DEBUG: |-- AntiAVSRP 2016-09-01 12:45:22,719 [root] DEBUG: |-- AntiAnalysisDetectFile 2016-09-01 12:45:22,720 [root] DEBUG: |-- AntiDBGDevices 2016-09-01 12:45:22,720 [root] DEBUG: |-- AntiDBGWindows 2016-09-01 12:45:22,720 [root] DEBUG: |-- AntiSandboxFile 2016-09-01 12:45:22,720 [root] DEBUG: |-- AntiSandboxForegroundWindow 2016-09-01 12:45:22,720 [root] DEBUG: |-- AntiSandboxIdleTime 2016-09-01 12:45:22,720 [root] DEBUG: |-- AntiSandboxSleep 2016-09-01 12:45:22,720 [root] DEBUG: |-- AntiVMBios 2016-09-01 12:45:22,720 [root] DEBUG: |-- AntiVMCPU 2016-09-01 12:45:22,720 [root] DEBUG: |-- AntiVMComputernameQuery 2016-09-01 12:45:22,720 [root] DEBUG: |-- AntiVMIDE 2016-09-01 12:45:22,720 [root] DEBUG: |-- AntiVMSCSI 2016-09-01 12:45:22,720 [root] DEBUG: |-- AntiVMServices 2016-09-01 12:45:22,721 [root] DEBUG: |-- ArdamaxMutexes 2016-09-01 12:45:22,721 [root] DEBUG: |-- AthenaHttp 2016-09-01 12:45:22,721 [root] DEBUG: |-- AthenaURL 2016-09-01 12:45:22,721 [root] DEBUG: |-- Autorun 2016-09-01 12:45:22,721 [root] DEBUG: |-- AvastDetectLibs 2016-09-01 12:45:22,721 [root] DEBUG: |-- BadCerts 2016-09-01 12:45:22,721 [root] DEBUG: |-- Bagle 2016-09-01 12:45:22,721 [root] DEBUG: |-- Bandook 2016-09-01 12:45:22,721 [root] DEBUG: |-- BankingMutexes 2016-09-01 12:45:22,721 [root] DEBUG: |-- Banload 2016-09-01 12:45:22,721 [root] DEBUG: |-- Beastdoor 2016-09-01 12:45:22,722 [root] DEBUG: |-- BeebusMutexes 2016-09-01 12:45:22,722 [root] DEBUG: |-- BegseabugTDMutexes 2016-09-01 12:45:22,722 [root] DEBUG: |-- BetabotURL 2016-09-01 12:45:22,722 [root] DEBUG: |-- Bifrose 2016-09-01 12:45:22,722 [root] DEBUG: |-- BitcoinOpenCL 2016-09-01 12:45:22,722 [root] DEBUG: |-- BitcoinWallet 2016-09-01 12:45:22,722 [root] DEBUG: |-- BitdefenderDetectLibs 2016-09-01 12:45:22,722 [root] DEBUG: |-- BlackEnergyMutexes 2016-09-01 12:45:22,722 [root] DEBUG: |-- BlackRevMutexes 2016-09-01 12:45:22,722 [root] DEBUG: |-- Blackhole 2016-09-01 12:45:22,722 [root] DEBUG: |-- BlackholeURL 2016-09-01 12:45:22,722 [root] DEBUG: |-- Blackice 2016-09-01 12:45:22,723 [root] DEBUG: |-- BlackposURL 2016-09-01 12:45:22,723 [root] DEBUG: |-- Blackshades 2016-09-01 12:45:22,723 [root] DEBUG: |-- BladabindiMutexes 2016-09-01 12:45:22,723 [root] DEBUG: |-- BochsDetectKeys 2016-09-01 12:45:22,723 [root] DEBUG: |-- Bottilda 2016-09-01 12:45:22,723 [root] DEBUG: |-- BozokKey 2016-09-01 12:45:22,723 [root] DEBUG: |-- BrowserSecurity 2016-09-01 12:45:22,723 [root] DEBUG: |-- BrowserStealer 2016-09-01 12:45:22,723 [root] DEBUG: |-- Btcbotnet 2016-09-01 12:45:22,723 [root] DEBUG: |-- Bublik 2016-09-01 12:45:22,723 [root] DEBUG: |-- BuildLangID 2016-09-01 12:45:22,724 [root] DEBUG: |-- BuzusMutexes 2016-09-01 12:45:22,724 [root] DEBUG: |-- BypassFirewall 2016-09-01 12:45:22,724 [root] DEBUG: |-- CarberpMutexes 2016-09-01 12:45:22,724 [root] DEBUG: |-- Ceatrg 2016-09-01 12:45:22,724 [root] DEBUG: |-- ChanitorMutexes 2016-09-01 12:45:22,724 [root] DEBUG: |-- CheckIP 2016-09-01 12:45:22,724 [root] DEBUG: |-- CloudFlare 2016-09-01 12:45:22,724 [root] DEBUG: |-- CloudGoogle 2016-09-01 12:45:22,724 [root] DEBUG: |-- CoinminerMutexes 2016-09-01 12:45:22,724 [root] DEBUG: |-- ComRAT 2016-09-01 12:45:22,724 [root] DEBUG: |-- Crash 2016-09-01 12:45:22,724 [root] DEBUG: |-- CreatesAutorunInf 2016-09-01 12:45:22,725 [root] DEBUG: |-- CreatesDocument 2016-09-01 12:45:22,725 [root] DEBUG: |-- CreatesExe 2016-09-01 12:45:22,725 [root] DEBUG: |-- CreatesService 2016-09-01 12:45:22,725 [root] DEBUG: |-- CreatesSuspiciousProcess 2016-09-01 12:45:22,725 [root] DEBUG: |-- Cridex 2016-09-01 12:45:22,725 [root] DEBUG: |-- Cryptolocker 2016-09-01 12:45:22,725 [root] DEBUG: |-- Cybergate 2016-09-01 12:45:22,725 [root] DEBUG: |-- DNS_TLD_BY 2016-09-01 12:45:22,725 [root] DEBUG: |-- DNS_TLD_CC 2016-09-01 12:45:22,725 [root] DEBUG: |-- DNS_TLD_ONION 2016-09-01 12:45:22,725 [root] DEBUG: |-- DNS_TLD_PW 2016-09-01 12:45:22,725 [root] DEBUG: |-- DNS_TLD_RU 2016-09-01 12:45:22,726 [root] DEBUG: |-- DNS_TLD_SU 2016-09-01 12:45:22,726 [root] DEBUG: |-- Dapato 2016-09-01 12:45:22,726 [root] DEBUG: |-- Darkcloud 2016-09-01 12:45:22,726 [root] DEBUG: |-- DarkddosMutexes 2016-09-01 12:45:22,726 [root] DEBUG: |-- Darkshell 2016-09-01 12:45:22,726 [root] DEBUG: |-- Ddos556 2016-09-01 12:45:22,726 [root] DEBUG: |-- Decay 2016-09-01 12:45:22,726 [root] DEBUG: |-- DecebalMutexes 2016-09-01 12:45:22,726 [root] DEBUG: |-- DeletesSelf 2016-09-01 12:45:22,726 [root] DEBUG: |-- DelfTrojan 2016-09-01 12:45:22,726 [root] DEBUG: |-- DerusbiMutexes 2016-09-01 12:45:22,727 [root] DEBUG: |-- Dexter 2016-09-01 12:45:22,727 [root] DEBUG: |-- Dibik 2016-09-01 12:45:22,727 [root] DEBUG: |-- DirtJumper 2016-09-01 12:45:22,727 [root] DEBUG: |-- DisableCmd 2016-09-01 12:45:22,727 [root] DEBUG: |-- DisableRegedit 2016-09-01 12:45:22,727 [root] DEBUG: |-- DisableTaskMgr 2016-09-01 12:45:22,727 [root] DEBUG: |-- DisablesAppLaunch 2016-09-01 12:45:22,727 [root] DEBUG: |-- DisablesBrowserWarn 2016-09-01 12:45:22,727 [root] DEBUG: |-- DisablesSPDY 2016-09-01 12:45:22,727 [root] DEBUG: |-- DisablesSecurity 2016-09-01 12:45:22,727 [root] DEBUG: |-- DisablesSystemRestore 2016-09-01 12:45:22,727 [root] DEBUG: |-- DisablesWER 2016-09-01 12:45:22,728 [root] DEBUG: |-- DisablesWindowsUpdate 2016-09-01 12:45:22,728 [root] DEBUG: |-- DiskInformation 2016-09-01 12:45:22,728 [root] DEBUG: |-- Dns_Freehosting_Domain 2016-09-01 12:45:22,728 [root] DEBUG: |-- DoFoil 2016-09-01 12:45:22,728 [root] DEBUG: |-- DownloaderCabby 2016-09-01 12:45:22,728 [root] DEBUG: |-- Drive 2016-09-01 12:45:22,728 [root] DEBUG: |-- Drive2 2016-09-01 12:45:22,728 [root] DEBUG: |-- DriverLoad 2016-09-01 12:45:22,728 [root] DEBUG: |-- DropBox 2016-09-01 12:45:22,728 [root] DEBUG: |-- Dyreza 2016-09-01 12:45:22,729 [root] DEBUG: |-- EclipseMutexes 2016-09-01 12:45:22,729 [root] DEBUG: |-- Emotet 2016-09-01 12:45:22,729 [root] DEBUG: |-- Evilbot 2016-09-01 12:45:22,729 [root] DEBUG: |-- Expiro 2016-09-01 12:45:22,729 [root] DEBUG: |-- ExploitKitMutexes 2016-09-01 12:45:22,729 [root] DEBUG: |-- FTPStealer 2016-09-01 12:45:22,729 [root] DEBUG: |-- FakeAVMutexes 2016-09-01 12:45:22,729 [root] DEBUG: |-- FakeRean 2016-09-01 12:45:22,729 [root] DEBUG: |-- FarFli 2016-09-01 12:45:22,729 [root] DEBUG: |-- FesberMutexes 2016-09-01 12:45:22,729 [root] DEBUG: |-- Fingerprint 2016-09-01 12:45:22,730 [root] DEBUG: |-- Flame 2016-09-01 12:45:22,730 [root] DEBUG: |-- Flystudio 2016-09-01 12:45:22,730 [root] DEBUG: |-- FortinetDetectFiles 2016-09-01 12:45:22,730 [root] DEBUG: |-- Fynloski 2016-09-01 12:45:22,730 [root] DEBUG: |-- Gaelicum 2016-09-01 12:45:22,730 [root] DEBUG: |-- Ghostbot 2016-09-01 12:45:22,730 [root] DEBUG: |-- HasAuthenticode 2016-09-01 12:45:22,730 [root] DEBUG: |-- HasOfficeEps 2016-09-01 12:45:22,730 [root] DEBUG: |-- HasPdb 2016-09-01 12:45:22,730 [root] DEBUG: |-- HasWMI 2016-09-01 12:45:22,730 [root] DEBUG: |-- Hesperbot 2016-09-01 12:45:22,731 [root] DEBUG: |-- Hikit 2016-09-01 12:45:22,731 [root] DEBUG: |-- HookMouse 2016-09-01 12:45:22,731 [root] DEBUG: |-- Hupigon 2016-09-01 12:45:22,731 [root] DEBUG: |-- HyperVDetectKeys 2016-09-01 12:45:22,731 [root] DEBUG: |-- IEMartian 2016-09-01 12:45:22,731 [root] DEBUG: |-- IMStealer 2016-09-01 12:45:22,731 [root] DEBUG: |-- IPKillerMutexes 2016-09-01 12:45:22,731 [root] DEBUG: |-- ISRstealerURL 2016-09-01 12:45:22,731 [root] DEBUG: |-- IcePoint 2016-09-01 12:45:22,731 [root] DEBUG: |-- InceptionAPT 2016-09-01 12:45:22,731 [root] DEBUG: |-- Infinity 2016-09-01 12:45:22,731 [root] DEBUG: |-- InjectionRunPE 2016-09-01 12:45:22,732 [root] DEBUG: |-- InjectionThread 2016-09-01 12:45:22,732 [root] DEBUG: |-- InstalledApps 2016-09-01 12:45:22,732 [root] DEBUG: |-- InstallsAppInit 2016-09-01 12:45:22,732 [root] DEBUG: |-- InstallsBHO 2016-09-01 12:45:22,732 [root] DEBUG: |-- InstallsWinpcap 2016-09-01 12:45:22,732 [root] DEBUG: |-- Ircbrute 2016-09-01 12:45:22,732 [root] DEBUG: |-- JackPOSFile 2016-09-01 12:45:22,732 [root] DEBUG: |-- JackposURL 2016-09-01 12:45:22,732 [root] DEBUG: |-- JeefoMutexes 2016-09-01 12:45:22,732 [root] DEBUG: |-- Jewdo 2016-09-01 12:45:22,732 [root] DEBUG: |-- JintorMutexes 2016-09-01 12:45:22,733 [root] DEBUG: |-- JorikTrojan 2016-09-01 12:45:22,733 [root] DEBUG: |-- Karagany 2016-09-01 12:45:22,733 [root] DEBUG: |-- Karakum 2016-09-01 12:45:22,733 [root] DEBUG: |-- Katusha 2016-09-01 12:45:22,733 [root] DEBUG: |-- KelihosBot 2016-09-01 12:45:22,733 [root] DEBUG: |-- Keylogger 2016-09-01 12:45:22,733 [root] DEBUG: |-- Kilim 2016-09-01 12:45:22,733 [root] DEBUG: |-- Killdisk 2016-09-01 12:45:22,733 [root] DEBUG: |-- KnownVirustotal 2016-09-01 12:45:22,733 [root] DEBUG: |-- Koobface 2016-09-01 12:45:22,733 [root] DEBUG: |-- Koutodoor 2016-09-01 12:45:22,734 [root] DEBUG: |-- KovterBot 2016-09-01 12:45:22,734 [root] DEBUG: |-- KrepperMutexes 2016-09-01 12:45:22,734 [root] DEBUG: |-- KuluozMutexes 2016-09-01 12:45:22,734 [root] DEBUG: |-- Likseput 2016-09-01 12:45:22,734 [root] DEBUG: |-- LocatesBrowser 2016-09-01 12:45:22,734 [root] DEBUG: |-- LocatesSniffer 2016-09-01 12:45:22,734 [root] DEBUG: |-- Lockscreen 2016-09-01 12:45:22,734 [root] DEBUG: |-- LolBot 2016-09-01 12:45:22,734 [root] DEBUG: |-- Luder 2016-09-01 12:45:22,734 [root] DEBUG: |-- Madness 2016-09-01 12:45:22,734 [root] DEBUG: |-- MadnessURL 2016-09-01 12:45:22,735 [root] DEBUG: |-- MaganiaMutexes 2016-09-01 12:45:22,735 [root] DEBUG: |-- MailStealer 2016-09-01 12:45:22,735 [root] DEBUG: |-- MegaUpload 2016-09-01 12:45:22,735 [root] DEBUG: |-- Minerbot 2016-09-01 12:45:22,735 [root] DEBUG: |-- MircFile 2016-09-01 12:45:22,735 [root] DEBUG: |-- ModifiesDesktopWallpaper 2016-09-01 12:45:22,735 [root] DEBUG: |-- ModifiesFiles 2016-09-01 12:45:22,735 [root] DEBUG: |-- ModifiesUACNotify 2016-09-01 12:45:22,735 [root] DEBUG: |-- MyBot 2016-09-01 12:45:22,735 [root] DEBUG: |-- Nakbot 2016-09-01 12:45:22,735 [root] DEBUG: |-- Napolar 2016-09-01 12:45:22,735 [root] DEBUG: |-- Nebuler 2016-09-01 12:45:22,736 [root] DEBUG: |-- Netobserve 2016-09-01 12:45:22,736 [root] DEBUG: |-- Netshadow 2016-09-01 12:45:22,736 [root] DEBUG: |-- Netwire 2016-09-01 12:45:22,736 [root] DEBUG: |-- Nitol 2016-09-01 12:45:22,736 [root] DEBUG: |-- NjRat 2016-09-01 12:45:22,736 [root] DEBUG: |-- ObfusMutexes 2016-09-01 12:45:22,736 [root] DEBUG: |-- OfficeCreateObject 2016-09-01 12:45:22,736 [root] DEBUG: |-- OfficeEpsStrings 2016-09-01 12:45:22,736 [root] DEBUG: |-- OfficeHttpRequest 2016-09-01 12:45:22,736 [root] DEBUG: |-- OfficePackager 2016-09-01 12:45:22,736 [root] DEBUG: |-- OfficeRecentFiles 2016-09-01 12:45:22,737 [root] DEBUG: |-- OfficeVulnModules 2016-09-01 12:45:22,737 [root] DEBUG: |-- OfficeVulnerableGuid 2016-09-01 12:45:22,737 [root] DEBUG: |-- OfficeWriteEXE 2016-09-01 12:45:22,737 [root] DEBUG: |-- Oldrea 2016-09-01 12:45:22,737 [root] DEBUG: |-- PEFeatures 2016-09-01 12:45:22,737 [root] DEBUG: |-- PWDumpFile 2016-09-01 12:45:22,737 [root] DEBUG: |-- PackerEntropy 2016-09-01 12:45:22,737 [root] DEBUG: |-- Palevo 2016-09-01 12:45:22,737 [root] DEBUG: |-- ParallelsDetectKeys 2016-09-01 12:45:22,737 [root] DEBUG: |-- Pasta 2016-09-01 12:45:22,737 [root] DEBUG: |-- PcClientMutexes 2016-09-01 12:45:22,738 [root] DEBUG: |-- PerfLogger 2016-09-01 12:45:22,738 [root] DEBUG: |-- PersistenceBootexecute 2016-09-01 12:45:22,738 [root] DEBUG: |-- Phorpiex 2016-09-01 12:45:22,738 [root] DEBUG: |-- Pidief 2016-09-01 12:45:22,738 [root] DEBUG: |-- Plugx 2016-09-01 12:45:22,738 [root] DEBUG: |-- Poebot 2016-09-01 12:45:22,738 [root] DEBUG: |-- PoisonIvy 2016-09-01 12:45:22,738 [root] DEBUG: |-- Polymorphic 2016-09-01 12:45:22,738 [root] DEBUG: |-- Ponfoy 2016-09-01 12:45:22,738 [root] DEBUG: |-- PonyURL 2016-09-01 12:45:22,738 [root] DEBUG: |-- PosCardStealerURL 2016-09-01 12:45:22,739 [root] DEBUG: |-- Prinimalka 2016-09-01 12:45:22,739 [root] DEBUG: |-- ProcMemDumpURLs 2016-09-01 12:45:22,739 [root] DEBUG: |-- Psyokym 2016-09-01 12:45:22,739 [root] DEBUG: |-- PuceMutexes 2016-09-01 12:45:22,739 [root] DEBUG: |-- PutterpandaMutexes 2016-09-01 12:45:22,739 [root] DEBUG: |-- Putty 2016-09-01 12:45:22,739 [root] DEBUG: |-- Pykse 2016-09-01 12:45:22,739 [root] DEBUG: |-- Qakbot 2016-09-01 12:45:22,739 [root] DEBUG: |-- RBot 2016-09-01 12:45:22,739 [root] DEBUG: |-- Ragebot 2016-09-01 12:45:22,739 [root] DEBUG: |-- RaisesException 2016-09-01 12:45:22,739 [root] DEBUG: |-- Ramnit 2016-09-01 12:45:22,740 [root] DEBUG: |-- RansomwareBcdedit 2016-09-01 12:45:22,740 [root] DEBUG: |-- RansomwareFiles 2016-09-01 12:45:22,740 [root] DEBUG: |-- RansomwareShadowcopy 2016-09-01 12:45:22,740 [root] DEBUG: |-- RapidShare 2016-09-01 12:45:22,740 [root] DEBUG: |-- RatSiggen 2016-09-01 12:45:22,740 [root] DEBUG: |-- RdpMutexes 2016-09-01 12:45:22,740 [root] DEBUG: |-- Renocide 2016-09-01 12:45:22,740 [root] DEBUG: |-- RenosTrojan 2016-09-01 12:45:22,740 [root] DEBUG: |-- Rovnix 2016-09-01 12:45:22,740 [root] DEBUG: |-- Runbu 2016-09-01 12:45:22,740 [root] DEBUG: |-- RunouceMutexes 2016-09-01 12:45:22,741 [root] DEBUG: |-- Ruskill 2016-09-01 12:45:22,741 [root] DEBUG: |-- SDBot 2016-09-01 12:45:22,741 [root] DEBUG: |-- Sadbot 2016-09-01 12:45:22,741 [root] DEBUG: |-- SandboxJoeAnubisDetectFiles 2016-09-01 12:45:22,741 [root] DEBUG: |-- SandboxieDetect 2016-09-01 12:45:22,741 [root] DEBUG: |-- SelfDeleteBat 2016-09-01 12:45:22,741 [root] DEBUG: |-- Senna 2016-09-01 12:45:22,741 [root] DEBUG: |-- Shadowbot 2016-09-01 12:45:22,741 [root] DEBUG: |-- SharingRGhost 2016-09-01 12:45:22,741 [root] DEBUG: |-- SharpStealerURL 2016-09-01 12:45:22,741 [root] DEBUG: |-- Shiz 2016-09-01 12:45:22,741 [root] DEBUG: |-- ShutdownSystem 2016-09-01 12:45:22,742 [root] DEBUG: |-- Shylock 2016-09-01 12:45:22,742 [root] DEBUG: |-- SipStun 2016-09-01 12:45:22,742 [root] DEBUG: |-- Smtp_GMail 2016-09-01 12:45:22,742 [root] DEBUG: |-- Smtp_Live 2016-09-01 12:45:22,742 [root] DEBUG: |-- Smtp_Mail_Ru 2016-09-01 12:45:22,742 [root] DEBUG: |-- Smtp_Yahoo 2016-09-01 12:45:22,742 [root] DEBUG: |-- SolarURL 2016-09-01 12:45:22,742 [root] DEBUG: |-- SpyEyeMutexes 2016-09-01 12:45:22,742 [root] DEBUG: |-- SpyeyeURL 2016-09-01 12:45:22,742 [root] DEBUG: |-- SpynetRat 2016-09-01 12:45:22,742 [root] DEBUG: |-- Spyrecorder 2016-09-01 12:45:22,742 [root] DEBUG: |-- Staser 2016-09-01 12:45:22,743 [root] DEBUG: |-- StealthChildProc 2016-09-01 12:45:22,743 [root] DEBUG: |-- StealthHiddenExtension 2016-09-01 12:45:22,743 [root] DEBUG: |-- StealthHiddenFile 2016-09-01 12:45:22,743 [root] DEBUG: |-- StealthHiddenIcons 2016-09-01 12:45:22,743 [root] DEBUG: |-- StopsService 2016-09-01 12:45:22,743 [root] DEBUG: |-- SunBeltSandboxDetect 2016-09-01 12:45:22,743 [root] DEBUG: |-- SunbeltDetectFiles 2016-09-01 12:45:22,743 [root] DEBUG: |-- SuspiciousPowershell 2016-09-01 12:45:22,743 [root] DEBUG: |-- SweetorangeMutexes 2016-09-01 12:45:22,743 [root] DEBUG: |-- Swrort 2016-09-01 12:45:22,743 [root] DEBUG: |-- SystemInfo 2016-09-01 12:45:22,744 [root] DEBUG: |-- TDSSBackdoor 2016-09-01 12:45:22,744 [root] DEBUG: |-- TapiDpMutexes 2016-09-01 12:45:22,744 [root] DEBUG: |-- TeamviewerRat 2016-09-01 12:45:22,744 [root] DEBUG: |-- ThreatTrackDetectFiles 2016-09-01 12:45:22,744 [root] DEBUG: |-- TinbaMutexes 2016-09-01 12:45:22,744 [root] DEBUG: |-- TnegaMutexes 2016-09-01 12:45:22,744 [root] DEBUG: |-- Tor 2016-09-01 12:45:22,744 [root] DEBUG: |-- TorHiddenService 2016-09-01 12:45:22,744 [root] DEBUG: |-- Travnet 2016-09-01 12:45:22,744 [root] DEBUG: |-- Trogbot 2016-09-01 12:45:22,744 [root] DEBUG: |-- TrojanJorik 2016-09-01 12:45:22,744 [root] DEBUG: |-- TrojanLethic 2016-09-01 12:45:22,745 [root] DEBUG: |-- TrojanRedosru 2016-09-01 12:45:22,745 [root] DEBUG: |-- TrojanSysn 2016-09-01 12:45:22,745 [root] DEBUG: |-- TufikMutexes 2016-09-01 12:45:22,745 [root] DEBUG: |-- Turkojan 2016-09-01 12:45:22,745 [root] DEBUG: |-- TurlaCarbon 2016-09-01 12:45:22,745 [root] DEBUG: |-- UFRStealer 2016-09-01 12:45:22,745 [root] DEBUG: |-- UPXCompressed 2016-09-01 12:45:22,745 [root] DEBUG: |-- URLSpy 2016-09-01 12:45:22,745 [root] DEBUG: |-- Unhook 2016-09-01 12:45:22,745 [root] DEBUG: |-- Upatre 2016-09-01 12:45:22,745 [root] DEBUG: |-- UpatreTDMutexes 2016-09-01 12:45:22,745 [root] DEBUG: |-- UrkShortCN 2016-09-01 12:45:22,746 [root] DEBUG: |-- UroburosFile 2016-09-01 12:45:22,746 [root] DEBUG: |-- UroburosMutexes 2016-09-01 12:45:22,746 [root] DEBUG: |-- Urxbot 2016-09-01 12:45:22,746 [root] DEBUG: |-- UsesWindowsUtilities 2016-09-01 12:45:22,746 [root] DEBUG: |-- VBInject 2016-09-01 12:45:22,746 [root] DEBUG: |-- VBoxDetectACPI 2016-09-01 12:45:22,746 [root] DEBUG: |-- VBoxDetectDevices 2016-09-01 12:45:22,746 [root] DEBUG: |-- VBoxDetectFiles 2016-09-01 12:45:22,746 [root] DEBUG: |-- VBoxDetectKeys 2016-09-01 12:45:22,746 [root] DEBUG: |-- VBoxDetectWindow 2016-09-01 12:45:22,746 [root] DEBUG: |-- VMFirmware 2016-09-01 12:45:22,747 [root] DEBUG: |-- VMPPacked 2016-09-01 12:45:22,747 [root] DEBUG: |-- VMWareDetectFiles 2016-09-01 12:45:22,747 [root] DEBUG: |-- VMWareDetectKeys 2016-09-01 12:45:22,747 [root] DEBUG: |-- VMWareInInstruction 2016-09-01 12:45:22,747 [root] DEBUG: |-- VNLoaderURL 2016-09-01 12:45:22,747 [root] DEBUG: |-- VPCDetectKeys 2016-09-01 12:45:22,747 [root] DEBUG: |-- Vanbot 2016-09-01 12:45:22,747 [root] DEBUG: |-- Vertex 2016-09-01 12:45:22,747 [root] DEBUG: |-- VertexSolarURL 2016-09-01 12:45:22,747 [root] DEBUG: |-- VirtualPCDetect 2016-09-01 12:45:22,747 [root] DEBUG: |-- VirtualPCIllegalInstruction 2016-09-01 12:45:22,747 [root] DEBUG: |-- Virut 2016-09-01 12:45:22,748 [root] DEBUG: |-- VncMutexes 2016-09-01 12:45:22,748 [root] DEBUG: |-- VolDevicetree1 2016-09-01 12:45:22,748 [root] DEBUG: |-- VolHandles1 2016-09-01 12:45:22,748 [root] DEBUG: |-- VolLdrModules1 2016-09-01 12:45:22,748 [root] DEBUG: |-- VolLdrModules2 2016-09-01 12:45:22,748 [root] DEBUG: |-- VolMalfind1 2016-09-01 12:45:22,748 [root] DEBUG: |-- VolModscan1 2016-09-01 12:45:22,748 [root] DEBUG: |-- VolSvcscan1 2016-09-01 12:45:22,748 [root] DEBUG: |-- VolSvcscan2 2016-09-01 12:45:22,748 [root] DEBUG: |-- VolSvcscan3 2016-09-01 12:45:22,748 [root] DEBUG: |-- Wakbot 2016-09-01 12:45:22,749 [root] DEBUG: |-- WarbotURL 2016-09-01 12:45:22,749 [root] DEBUG: |-- Whimoo 2016-09-01 12:45:22,749 [root] DEBUG: |-- Win32ProcessCreate 2016-09-01 12:45:22,749 [root] DEBUG: |-- WinSCP 2016-09-01 12:45:22,749 [root] DEBUG: |-- WinSxsBot 2016-09-01 12:45:22,749 [root] DEBUG: |-- WineDetect 2016-09-01 12:45:22,749 [root] DEBUG: |-- WormAllaple 2016-09-01 12:45:22,749 [root] DEBUG: |-- WormKolabc 2016-09-01 12:45:22,749 [root] DEBUG: |-- XenDetectKeys 2016-09-01 12:45:22,749 [root] DEBUG: |-- XtremeRAT 2016-09-01 12:45:22,749 [root] DEBUG: |-- Xworm 2016-09-01 12:45:22,749 [root] DEBUG: |-- Zegost 2016-09-01 12:45:22,750 [root] DEBUG: |-- ZeusMutexes 2016-09-01 12:45:22,750 [root] DEBUG: |-- ZeusP2P 2016-09-01 12:45:22,750 [root] DEBUG: |-- ZeusURL 2016-09-01 12:45:22,750 [root] DEBUG: |-- ZoneID 2016-09-01 12:45:22,750 [root] DEBUG: |-- apt_sandworm_ip 2016-09-01 12:45:22,750 [root] DEBUG: |-- apt_sandworm_url 2016-09-01 12:45:22,750 [root] DEBUG: |-- banker_bancos 2016-09-01 12:45:22,750 [root] DEBUG: |-- browser_startpage 2016-09-01 12:45:22,750 [root] DEBUG: |-- c24URL 2016-09-01 12:45:22,750 [root] DEBUG: |-- cloud_mediafire 2016-09-01 12:45:22,750 [root] DEBUG: |-- cloud_wetransfer 2016-09-01 12:45:22,751 [root] DEBUG: |-- dnsserver_dynamic 2016-09-01 12:45:22,751 [root] DEBUG: |-- exp_3322_dom 2016-09-01 12:45:22,751 [root] DEBUG: |-- iStealerURL 2016-09-01 12:45:22,751 [root] DEBUG: |-- im_btb 2016-09-01 12:45:22,751 [root] DEBUG: |-- im_qq 2016-09-01 12:45:22,751 [root] DEBUG: |-- miningpool 2016-09-01 12:45:22,751 [root] DEBUG: |-- ransomware_viruscoder 2016-09-01 12:45:22,751 [root] DEBUG: |-- rat_fexel_ip 2016-09-01 12:45:22,751 [root] DEBUG: |-- rat_naid_ip 2016-09-01 12:45:22,751 [root] DEBUG: |-- trojanmrblack 2016-09-01 12:45:22,751 [root] DEBUG: -- trojanyoddos 2016-09-01 12:45:22,752 [root] DEBUG: Imported "processing" modules: 2016-09-01 12:45:22,752 [root] DEBUG: |-- AnalysisInfo 2016-09-01 12:45:22,752 [root] DEBUG: |-- ApkInfo 2016-09-01 12:45:22,752 [root] DEBUG: |-- Baseline 2016-09-01 12:45:22,752 [root] DEBUG: |-- BehaviorAnalysis 2016-09-01 12:45:22,752 [root] DEBUG: |-- DroppedBuffer 2016-09-01 12:45:22,752 [root] DEBUG: |-- Debug 2016-09-01 12:45:22,752 [root] DEBUG: |-- Droidmon 2016-09-01 12:45:22,752 [root] DEBUG: |-- Dropped 2016-09-01 12:45:22,752 [root] DEBUG: |-- TLSMasterSecrets 2016-09-01 12:45:22,752 [root] DEBUG: |-- GooglePlay 2016-09-01 12:45:22,753 [root] DEBUG: |-- Memory 2016-09-01 12:45:22,753 [root] DEBUG: |-- NetworkAnalysis 2016-09-01 12:45:22,753 [root] DEBUG: |-- ProcessMemory 2016-09-01 12:45:22,753 [root] DEBUG: |-- Screenshots 2016-09-01 12:45:22,753 [root] DEBUG: |-- Snort 2016-09-01 12:45:22,753 [root] DEBUG: |-- Static 2016-09-01 12:45:22,753 [root] DEBUG: |-- Strings 2016-09-01 12:45:22,753 [root] DEBUG: |-- Suricata 2016-09-01 12:45:22,753 [root] DEBUG: |-- TargetInfo 2016-09-01 12:45:22,753 [root] DEBUG:-- VirusTotal 2016-09-01 12:45:22,753 [root] DEBUG: Imported "auxiliary" modules: 2016-09-01 12:45:22,754 [root] DEBUG: |-- MITM 2016-09-01 12:45:22,754 [root] DEBUG: |-- Services 2016-09-01 12:45:22,754 [root] DEBUG: -- Sniffer 2016-09-01 12:45:22,754 [root] DEBUG: Imported "reporting" modules: 2016-09-01 12:45:22,754 [root] DEBUG: |-- CustomReport 2016-09-01 12:45:22,754 [root] DEBUG: |-- SigSender 2016-09-01 12:45:22,754 [root] DEBUG: |-- JsonDump 2016-09-01 12:45:22,754 [root] DEBUG: |-- Moloch 2016-09-01 12:45:22,754 [root] DEBUG: |-- MongoDB 2016-09-01 12:45:22,754 [root] DEBUG: |-- ReportHTML 2016-09-01 12:45:22,754 [root] DEBUG: |-- ReportJson 2016-09-01 12:45:22,754 [root] DEBUG: |-- SaveMVIDS 2016-09-01 12:45:22,755 [root] DEBUG: |-- SigSender 2016-09-01 12:45:22,755 [root] DEBUG:-- SubmitDropped 2016-09-01 12:45:22,755 [root] DEBUG: Imported "machinery" modules: 2016-09-01 12:45:22,755 [root] DEBUG: -- VirtualBox 2016-09-01 12:45:22,756 [root] DEBUG: Checking for locked tasks.. 2016-09-01 12:45:22,761 [root] DEBUG: Checking for pending service tasks.. 2016-09-01 12:45:22,764 [root] DEBUG: Initializing Yara... 2016-09-01 12:45:22,765 [root] DEBUG: |-- index_binaries.yar 2016-09-01 12:45:22,765 [root] DEBUG:-- index_memory.yar 2016-09-01 12:45:22,769 [lib.cuckoo.core.resultserver] DEBUG: ResultServer running on 192.168.56.1:7234. 2016-09-01 12:45:22,770 [lib.cuckoo.core.scheduler] INFO: Using "virtualbox" as machine manager 2016-09-01 12:45:23,018 [modules.machinery.virtualbox] DEBUG: Getting status for c_win7_box1 2016-09-01 12:45:23,074 [modules.machinery.virtualbox] DEBUG: Machine c_win7_box1 status poweroff 2016-09-01 12:45:23,113 [modules.machinery.virtualbox] DEBUG: Getting status for c_win7_box2 2016-09-01 12:45:23,184 [modules.machinery.virtualbox] DEBUG: Machine c_win7_box2 status poweroff 2016-09-01 12:45:23,223 [modules.machinery.virtualbox] DEBUG: Getting status for c_win7_box3 2016-09-01 12:45:23,292 [modules.machinery.virtualbox] DEBUG: Machine c_win7_box3 status poweroff 2016-09-01 12:45:23,342 [lib.cuckoo.core.scheduler] INFO: Loaded 3 machine/s 2016-09-01 12:45:23,352 [lib.cuckoo.core.scheduler] INFO: Waiting for analysis tasks. 2016-09-01 12:45:47,042 [lib.cuckoo.core.scheduler] DEBUG: Processing task #15063 2016-09-01 12:45:47,043 [lib.cuckoo.core.scheduler] INFO: Starting analysis of FILE "0f533a2e92a18886ddba07315feb6355c0d408fb5e5db94d57a925a35ec620b4.exe" (task #15063, options "route=none") 2016-09-01 12:45:47,121 [lib.cuckoo.core.scheduler] INFO: Task #15063: acquired machine c_win7_box1 (label=c_win7_box1) 2016-09-01 12:45:47,126 [modules.auxiliary.sniffer] INFO: Started sniffer with PID 8229 (interface=vboxnet0, host=192.168.56.109, pcap=/home/ubox/gdvn-cuckoo/storage/analyses/15063/dump.pcap) 2016-09-01 12:45:47,126 [lib.cuckoo.core.plugins] DEBUG: Started auxiliary module: Sniffer tcpdump: listening on vboxnet0, link-type EN10MB (Ethernet), capture size 65535 bytes 2016-09-01 12:45:47,295 [lib.cuckoo.core.database] DEBUG: Database error logging guest start: (_mysql_exceptions.IntegrityError) (1452, 'Cannot add or update a child row: a foreign key constraint fails (cuckoo.guests, CONSTRAINT guests_ibfk_1 FOREIGN KEY (task_id) REFERENCES tasks (id))') [SQL: u'UPDATE guests SET task_id=%s WHERE guests.id = %s'] [parameters: (None, 13671L)] 2016-09-01 12:45:47,295 [modules.machinery.virtualbox] DEBUG: Starting vm c_win7_box1 2016-09-01 12:45:47,296 [modules.machinery.virtualbox] DEBUG: Getting status for c_win7_box1 2016-09-01 12:45:47,373 [modules.machinery.virtualbox] DEBUG: Machine c_win7_box1 status poweroff 2016-09-01 12:45:47,423 [modules.machinery.virtualbox] DEBUG: Using snapshot с_win7_snap05 for virtual machine c_win7_box1 2016-09-01 12:45:47,701 [modules.machinery.virtualbox] DEBUG: Getting status for c_win7_box1 2016-09-01 12:45:47,752 [modules.machinery.virtualbox] DEBUG: Machine c_win7_box1 status saved 2016-09-01 12:45:49,746 [modules.machinery.virtualbox] DEBUG: Getting status for c_win7_box1 2016-09-01 12:45:49,811 [modules.machinery.virtualbox] DEBUG: Machine c_win7_box1 status running 2016-09-01 12:45:50,152 [lib.cuckoo.core.guest] INFO: Starting analysis on guest (id=c_win7_box1, ip=192.168.56.109) 2016-09-01 12:45:51,163 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: not ready yet 2016-09-01 12:45:52,168 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: not ready yet 2016-09-01 12:45:53,162 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: not ready yet 2016-09-01 12:45:55,267 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: waiting for status 0x0001 2016-09-01 12:45:55,309 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: status ready 2016-09-01 12:45:55,426 [lib.cuckoo.core.guest] DEBUG: Uploading analyzer to guest (id=c_win7_box1, ip=192.168.56.109) 2016-09-01 12:45:55,993 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analyzer started with PID 1572 2016-09-01 12:45:56,108 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: waiting for completion 2016-09-01 12:45:57,114 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:45:57,831 [lib.cuckoo.core.resultserver] DEBUG: LogHandler for live analysis.log initialized. 2016-09-01 12:45:58,121 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:45:59,128 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:00,134 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:01,140 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:01,814 [lib.cuckoo.core.resultserver] DEBUG: New process (pid=1816, ppid=1680, name=0f533a2e92a18886ddba07315feb6355c0d408fb5e5db94d57a925a35ec620b4.exe) 2016-09-01 12:46:02,152 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:02,504 [lib.cuckoo.core.resultserver] DEBUG: File upload request for shots/0001.jpg 2016-09-01 12:46:02,539 [lib.cuckoo.core.resultserver] DEBUG: Uploaded file length: 33952 2016-09-01 12:46:02,539 [lib.cuckoo.core.resultserver] DEBUG: Connection closed: 192.168.56.109:49175 2016-09-01 12:46:03,156 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:04,161 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:05,167 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:06,173 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:07,178 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:08,186 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:09,191 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:10,197 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:11,204 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:12,211 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:13,218 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:14,224 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:15,230 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:16,237 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:17,245 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:18,252 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:19,258 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:20,265 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:21,272 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:22,277 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:23,284 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:24,291 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:25,297 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:26,304 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:27,311 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:28,317 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:29,323 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:30,330 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:31,337 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:32,344 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:33,350 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:34,356 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:35,363 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:36,369 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:37,375 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:38,381 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:39,386 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:40,394 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:41,406 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:42,417 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:43,423 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:44,439 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:45,447 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:46,453 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:47,460 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:48,469 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:49,475 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:50,524 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:51,532 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:52,537 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:53,544 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:54,551 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:55,558 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:56,565 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:57,572 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:58,579 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:46:59,585 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:00,593 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:01,600 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:02,606 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:03,613 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:04,619 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:05,626 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:06,633 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:07,640 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:08,647 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:09,654 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:10,661 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:11,668 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:12,674 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:13,681 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:14,688 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:15,695 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:16,700 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:17,707 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:18,714 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:19,720 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:20,727 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:21,733 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:22,740 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:23,747 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:24,754 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:25,761 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:26,768 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:27,775 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:28,782 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:29,789 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:30,795 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:31,805 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:32,812 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:33,820 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:34,827 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:35,834 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:36,841 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:37,848 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:38,855 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:39,862 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:40,868 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:41,876 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:42,883 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:43,890 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:44,896 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:45,901 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:46,906 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:47,910 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:48,915 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:49,924 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:50,935 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:51,946 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:52,951 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:53,959 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:54,966 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:55,972 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:56,977 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:57,985 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:58,991 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:47:59,996 [lib.cuckoo.core.guest] DEBUG: c_win7_box1: analysis not completed yet (status=2) 2016-09-01 12:48:01,002 [lib.cuckoo.core.guest] INFO: c_win7_box1: analysis completed successfully 285 packets captured 285 packets received by filter 0 packets dropped by kernel 2016-09-01 12:48:01,048 [lib.cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer 2016-09-01 12:48:01,048 [modules.machinery.virtualbox] DEBUG: Stopping vm c_win7_box1 2016-09-01 12:48:01,048 [modules.machinery.virtualbox] DEBUG: Getting status for c_win7_box1 2016-09-01 12:48:01,132 [modules.machinery.virtualbox] DEBUG: Machine c_win7_box1 status running 2016-09-01 12:48:02,185 [modules.machinery.virtualbox] DEBUG: Getting status for c_win7_box1 2016-09-01 12:48:02,227 [modules.machinery.virtualbox] DEBUG: Machine c_win7_box1 status poweroff 2016-09-01 12:48:02,390 [lib.cuckoo.core.database] WARNING: Data inconsistency in guests table detected, it might be a crash leftover. Continue 2016-09-01 12:48:02,858 [lib.cuckoo.core.resultserver] DEBUG: Connection closed: 192.168.56.109:49172 2016-09-01 12:48:03,470 [lib.cuckoo.core.resultserver] DEBUG: Connection closed: 192.168.56.109:49173 2016-09-01 12:48:03,834 [lib.cuckoo.core.resultserver] DEBUG: Connection closed: 192.168.56.109:49174 2016-09-01 12:48:03,918 [lib.cuckoo.core.scheduler] DEBUG: Released database task #15063 2016-09-01 12:48:03,928 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "AnalysisInfo" on analysis at "/home/ubox/gdvn-cuckoo/storage/analyses/15063" 2016-09-01 12:48:03,947 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "BehaviorAnalysis" on analysis at "/home/ubox/gdvn-cuckoo/storage/analyses/15063" Segmentation fault (core dumped)

g00dv1n commented 8 years ago

I am update yara to 3.5 version .

jbremer commented 8 years ago

Can you enable the creation of coredump files and share one of those with us? That would probably help. Also, did you update your Python bindings for Yara to match with those of the new version?

jbremer commented 8 years ago

Any update on this matter @g00dv1n? I believe this may be resolved by a simple pip install -U yara-python.