search

cuckoosandbox / cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system
http://www.cuckoosandbox.org
Other
5.47k stars 1.7k forks source link

cuckoo version 2.0.3 Failure in AnalysisManager.run #1877

Open shakifan opened 6 years ago

shakifan commented 6 years ago

Hi, help me please I tried cuckoo version 2.0.3 and installed it referring to this document http://docs.cuckoosandbox.org/en/latest/

2017-10-06 12:28:28,178 [cuckoo.core.scheduler] ERROR: Failure in AnalysisManager.run Traceback (most recent call last): File "/usr/local/lib/python2.7/dist-packages/cuckoo/core/scheduler.py", line 698, in run self.launch_analysis() File "/usr/local/lib/python2.7/dist-packages/cuckoo/core/scheduler.py", line 499, in launch_analysis self.guest_manage(options) File "/usr/local/lib/python2.7/dist-packages/cuckoo/core/scheduler.py", line 394, in guest_manage self.guest_manager.start_analysis(options, monitor) File "/usr/local/lib/python2.7/dist-packages/cuckoo/core/guest.py", line 462, in start_analysis self.query_environ() File "/usr/local/lib/python2.7/dist-packages/cuckoo/core/guest.py", line 337, in query_environ self.environ = self.get("/environ").json()["environ"] File "/usr/local/lib/python2.7/dist-packages/requests/models.py", line 866, in json return complexjson.loads(self.text, **kwargs) File "/usr/lib/python2.7/json/init.py", line 339, in loads return _default_decoder.decode(s) File "/usr/lib/python2.7/json/decoder.py", line 364, in decode obj, end = self.raw_decode(s, idx=_w(s, 0).end()) File "/usr/lib/python2.7/json/decoder.py", line 382, in raw_decode raise ValueError("No JSON object could be decoded") ValueError: No JSON object could be decoded

jbremer commented 6 years ago

Could you run an analysis with the sniffer.debug=1 option, i.e., cuckoo submit -o sniffer.debug=1 sample.exe and share the dump.pcap file with us? Thanks!

shakifan commented 6 years ago

yes, please w8 a moment.

shakifan commented 6 years ago

I did the following launched /.cuckoo$ cuckoo submit -o sniffer.debug=1 /home/cusandbox/malware/1.scr received Success: File "/home/cusandbox/malware/1.scr" added as task with ID #5

but the directory in the folder did not appear and in the web interface I see that the task of pending http: // localhost: 8000 / analysis / pending /

Thank you alot for answer!!!

shakifan commented 6 years ago

My apologies. The file was pending, since I did not run the sandbox after that. After I have executed cuckoo -d a folder and reports were created. https://www.sendspace.com/file/shfhop

shakifan commented 6 years ago

Hello again. I hope for your answer. I did exactly the same virtual machine and used WindowsXP as a guest. On XP, everything works. When using Windows 7, no analysis is performed. I set the graphical mode to see how the analysis is going and saw that when the system boots up, the network connection icon is displayed as an unconnected network, then the network starts to initialize and the activity stops. I even disabled the defender of Windows, configured the browser and disabled all notifications in it and allowed the launch of programs from the Internet without asking for action (UAC, firewall and updates are disabled)