search

cuckoosandbox / cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system
http://www.cuckoosandbox.org
Other
5.57k stars 1.71k forks source link

Machinery error: Error dumping memory virtual machine cuckoo64: this function is not supported by the connection driver: virDomainCoreDump #1216

Closed mark-bah closed 7 years ago

mark-bah commented 7 years ago

Here is the output from the console while running this. I haven't been able to find any similar issues and am pretty lost on how to fix this. I can ping my host IP from the guest VM and can ping the guest IP from the host VM. It's running on a vmware esxi VM.

2016-12-21 14:54:03,667 [lib.cuckoo.core.scheduler] INFO: Task #7: acquired machine cuckoo64 (label=cuckoo64) 2016-12-21 14:54:03,707 [modules.auxiliary.sniffer] INFO: Started sniffer with PID 26123 (interface=ens32, host=10.22.8.200, pcap=/opt/cuckoo/cuckoo/storage/analyses/7/dump.pcap) 2016-12-21 14:54:03,849 [lib.cuckoo.core.scheduler] ERROR: Machinery error: Trying to start a virtual machine that has not been turned off cuckoo64 2016-12-21 14:54:03,866 [lib.cuckoo.core.scheduler] CRITICAL: A critical error has occurred trying to use the machine with name cuckoo64 during an analysis due to which it is no longer in a working state, please report this issue and all of the related environment details to the developers so we can improve this situation. (Note that before we would simply remove this VM from doing any more analyses, but as all the VMs will eventually be depleted that way, hopefully we'll find a better solution now). libvirt: Domain Config error : this function is not supported by the connection driver: virDomainCoreDump 2016-12-21 14:54:03,877 [lib.cuckoo.core.scheduler] ERROR: Machinery error: Error dumping memory virtual machine cuckoo64: this function is not supported by the connection driver: virDomainCoreDump 2016-12-21 14:54:04,517 [modules.processing.behavior] WARNING: Analysis results folder does not exist at path '/opt/cuckoo/cuckoo/storage/analyses/7/logs'. 2016-12-21 14:54:04,522 [modules.processing.screenshots] ERROR: Could not find tesseract binary, screenshot OCR aborted. 2016-12-21 14:54:05,045 [modules.processing.network] ERROR: Unable to open /opt/cuckoo/cuckoo/storage/analyses/7/dump_sorted.pcap 2016-12-21 14:54:06,568 [lib.cuckoo.core.scheduler] INFO: Task #7: reports generation completed (path=/opt/cuckoo/cuckoo/storage/analyses/7) 2016-12-21 14:54:06,604 [lib.cuckoo.core.scheduler] INFO: Task #7: analysis procedure completed

doomedraven commented 7 years ago

which hypervisor? and looks like you have problem with snapshot, it was took in running state?

mark-bah commented 7 years ago

@doomedraven I'm running both VMs through vsphere 5.0. The snapshot was taken while the machine was on and right after I ran python agent.py. The snapshot includes the memory state of the machine as well.

mark-bah commented 7 years ago

After fixing some things ( I hope), this is the new output I'm getting.

In the windows 7 VM, I'm also getting a message on the console that says "code 501, message Unsupported method ('GET'). Not sure if that's relevant.

2016-12-22 14:48:40,875 [lib.cuckoo.core.scheduler] DEBUG: Processing task #13 2016-12-22 14:48:40,896 [lib.cuckoo.core.scheduler] INFO: Starting analysis of FILE "0a28108de4ee1f8b2b72ead397996911" (task #13, options "route=none,procmemdump=yes") 2016-12-22 14:48:41,118 [lib.cuckoo.core.scheduler] INFO: File already exists at "/opt/cuckoo/cuckoo/storage/binaries/9daf1678d88c829246c81e10217c58cebc6e9dab1c5b825e0b9e467f182012ce" 2016-12-22 14:48:41,164 [lib.cuckoo.core.scheduler] INFO: Task #13: acquired machine cuckoo64 (label=cuckoo64) 2016-12-22 14:48:41,179 [modules.auxiliary.sniffer] INFO: Started sniffer with PID 4664 (interface=ens32, host=10.22.8.200, pcap=/opt/cuckoo/cuckoo/storage/analyses/13/dump.pcap) 2016-12-22 14:48:41,180 [lib.cuckoo.core.plugins] DEBUG: Started auxiliary module: Sniffer 2016-12-22 14:48:41,254 [lib.cuckoo.common.abstracts] DEBUG: Starting machine cuckoo64 2016-12-22 14:48:41,255 [lib.cuckoo.common.abstracts] DEBUG: Getting status for cuckoo64 2016-12-22 14:48:41,347 [lib.cuckoo.common.abstracts] DEBUG: Using snapshot cuckoo for virtual machine cuckoo64 2016-12-22 14:48:44,237 [lib.cuckoo.common.abstracts] DEBUG: Getting status for cuckoo64 2016-12-22 14:48:44,325 [lib.cuckoo.core.guest] INFO: Starting analysis on guest (id=cuckoo64, ip=10.22.8.200) 2016-12-22 14:48:47,368 [lib.cuckoo.core.guest] DEBUG: cuckoo64: waiting for status 0x0001 2016-12-22 14:48:47,791 [lib.cuckoo.core.guest] DEBUG: cuckoo64: status ready 2016-12-22 14:48:47,813 [lib.cuckoo.core.guest] DEBUG: Uploading analyzer to guest (id=cuckoo64, ip=10.22.8.200, monitor=latest, size=1756407) 2016-12-22 14:49:00,573 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analyzer started with PID 2152 2016-12-22 14:49:00,598 [lib.cuckoo.core.guest] DEBUG: cuckoo64: waiting for completion 2016-12-22 14:49:01,643 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:02,651 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:03,661 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:04,669 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:05,678 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:06,687 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:07,696 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:08,707 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:09,717 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:10,726 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:11,734 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:12,741 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:13,751 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:14,764 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:15,773 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:16,785 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:17,796 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:18,807 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:19,818 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:20,833 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:21,846 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:22,857 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:23,868 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:24,880 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:25,891 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:26,902 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:27,913 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:28,926 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:32,347 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:33,360 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:34,370 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:35,382 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:36,393 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:37,407 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:38,418 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:39,431 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:40,443 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:41,454 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:42,466 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:43,481 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:44,492 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:45,502 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:46,512 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:47,525 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:48,537 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:49,547 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:50,557 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:51,569 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:52,579 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:53,591 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:54,603 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:55,615 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:56,628 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:57,641 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:58,654 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:49:59,671 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:00,680 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:01,693 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:02,706 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:03,719 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:04,733 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:05,746 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:06,757 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:07,771 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:08,784 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:09,797 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:10,810 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:11,821 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:12,833 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:13,846 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:14,858 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:15,875 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:16,887 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:17,899 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:18,912 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:19,925 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:20,937 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:21,948 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:22,959 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:23,972 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:24,986 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:25,998 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:27,011 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:28,024 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:29,038 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:30,054 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:31,065 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:32,079 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:33,093 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:34,108 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:35,126 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:36,143 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:37,155 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:38,170 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:39,180 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:40,202 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:41,215 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:42,229 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:43,240 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:44,255 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:45,275 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:46,296 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:47,310 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:48,326 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:49,337 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:50,350 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:51,362 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:52,374 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:53,393 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:54,412 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:55,436 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:56,455 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:57,473 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:58,488 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:50:59,500 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:00,521 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:01,531 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:02,547 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:03,562 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:04,583 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:05,596 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:06,608 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:07,621 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:08,633 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:09,650 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:10,663 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:11,681 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:12,705 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:13,723 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:14,738 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:15,750 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:16,766 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:17,778 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:18,791 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:19,805 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:20,824 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:21,851 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:22,865 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:23,879 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:24,896 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:25,910 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:26,931 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:27,945 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:28,959 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:29,974 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:30,988 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:32,007 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:33,021 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:34,041 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:35,054 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:36,065 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:37,076 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:38,092 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:39,104 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:40,115 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:41,127 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:42,138 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:43,152 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:44,163 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:45,176 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:46,196 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:47,207 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:48,228 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:49,240 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:50,255 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:51,267 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:52,280 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:53,299 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:54,312 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:55,329 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:56,343 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:57,357 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:58,368 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:51:59,389 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:52:00,402 [lib.cuckoo.core.guest] DEBUG: cuckoo64: analysis not completed yet (status=2) 2016-12-22 14:52:01,408 [lib.cuckoo.core.scheduler] ERROR: Error from the Cuckoo Guest: The analysis hit the critical timeout, terminating. 2016-12-22 14:52:01,438 [lib.cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer 2016-12-22 14:52:01,439 [lib.cuckoo.common.abstracts] DEBUG: Stopping machine cuckoo64 2016-12-22 14:52:01,439 [lib.cuckoo.common.abstracts] DEBUG: Getting status for cuckoo64 2016-12-22 14:52:01,935 [lib.cuckoo.common.abstracts] DEBUG: Getting status for cuckoo64 2016-12-22 14:52:02,071 [lib.cuckoo.core.scheduler] DEBUG: Released database task #13 2016-12-22 14:52:02,115 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "AnalysisInfo" on analysis at "/opt/cuckoo/cuckoo/storage/analyses/13" 2016-12-22 14:52:02,116 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "MetaInfo" on analysis at "/opt/cuckoo/cuckoo/storage/analyses/13" 2016-12-22 14:52:02,119 [modules.processing.behavior] WARNING: Analysis results folder does not exist at path '/opt/cuckoo/cuckoo/storage/analyses/13/logs'. 2016-12-22 14:52:02,119 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "BehaviorAnalysis" on analysis at "/opt/cuckoo/cuckoo/storage/analyses/13" 2016-12-22 14:52:02,120 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "DroppedBuffer" on analysis at "/opt/cuckoo/cuckoo/storage/analyses/13" 2016-12-22 14:52:02,126 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Debug" on analysis at "/opt/cuckoo/cuckoo/storage/analyses/13" 2016-12-22 14:52:02,127 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Dropped" on analysis at "/opt/cuckoo/cuckoo/storage/analyses/13" 2016-12-22 14:52:02,128 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "ProcessMemory" on analysis at "/opt/cuckoo/cuckoo/storage/analyses/13" 2016-12-22 14:52:02,128 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Procmon" on analysis at "/opt/cuckoo/cuckoo/storage/analyses/13" 2016-12-22 14:52:02,129 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Screenshots" on analysis at "/opt/cuckoo/cuckoo/storage/analyses/13" 2016-12-22 14:52:05,031 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Static" on analysis at "/opt/cuckoo/cuckoo/storage/analyses/13" 2016-12-22 14:52:05,562 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Strings" on analysis at "/opt/cuckoo/cuckoo/storage/analyses/13" 2016-12-22 14:52:06,036 [lib.cuckoo.common.objects] WARNING: Unable to import yara (please compile from sources) 2016-12-22 14:52:06,085 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "TargetInfo" on analysis at "/opt/cuckoo/cuckoo/storage/analyses/13" 2016-12-22 14:52:06,086 [modules.processing.network] DEBUG: Whitelisting Disabled. 2016-12-22 14:52:06,087 [modules.processing.network] ERROR: Unable to open /opt/cuckoo/cuckoo/storage/analyses/13/dump_sorted.pcap 2016-12-22 14:52:06,087 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "NetworkAnalysis" on analysis at "/opt/cuckoo/cuckoo/storage/analyses/13" 2016-12-22 14:52:06,869 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "VirusTotal" on analysis at "/opt/cuckoo/cuckoo/storage/analyses/13" 2016-12-22 14:52:06,871 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "TLSMasterSecrets" on analysis at "/opt/cuckoo/cuckoo/storage/analyses/13" 2016-12-22 14:52:06,871 [lib.cuckoo.core.plugins] DEBUG: Running 0 signatures 2016-12-22 14:52:07,426 [lib.cuckoo.core.plugins] DEBUG: Executed reporting module "JsonDump" 2016-12-22 14:52:37,583 [lib.cuckoo.core.plugins] ERROR: Failed to run the reporting module "MongoDB": Traceback (most recent call last): File "/opt/cuckoo/cuckoo/lib/cuckoo/core/plugins.py", line 533, in process current.run(self.results) File "/opt/cuckoo/cuckoo/modules/reporting/mongodb.py", line 89, in run if "cuckoo_schema" in self.db.collection_names(): File "/usr/lib64/python2.7/site-packages/pymongo/database.py", line 488, in collection_names ReadPreference.PRIMARY) as (sock_info, slave_okay): File "/usr/lib64/python2.7/contextlib.py", line 17, in enter return self.gen.next() File "/usr/lib64/python2.7/site-packages/pymongo/mongo_client.py", line 699, in _socket_for_reads with self._get_socket(read_preference) as sock_info: File "/usr/lib64/python2.7/contextlib.py", line 17, in enter return self.gen.next() File "/usr/lib64/python2.7/site-packages/pymongo/mongo_client.py", line 663, in _get_socket server = self._get_topology().select_server(selector) File "/usr/lib64/python2.7/site-packages/pymongo/topology.py", line 121, in select_server address)) File "/usr/lib64/python2.7/site-packages/pymongo/topology.py", line 97, in select_servers self._error_message(selector)) ServerSelectionTimeoutError: 127.0.0.1:27017: [Errno 111] Connection refused 2016-12-22 14:52:37,586 [lib.cuckoo.core.scheduler] INFO: Task #13: reports generation completed (path=/opt/cuckoo/cuckoo/storage/analyses/13) 2016-12-22 14:52:37,671 [lib.cuckoo.core.scheduler] INFO: Task #13: analysis procedure completed

doomedraven commented 7 years ago

looks like your mongo not starter/listening on 27017

ServerSelectionTimeoutError: 127.0.0.1:27017: [Errno 111] Connection refused <-