Open DigiAngel opened 6 years ago
Can you find out in which process that URL was found? Might just be the malware checking in ;)
i saw that when manually configured vm, you download by browser the agent and/or the rest, later it detected in this way :D
Thanks...for a second I thought maybe I had the agent.py not set correctly, but ya..agent.pyw is what I named it. I'll try a different sample and report my findings..thank you.
but did you download the agent from 192.168.100.1:8000 before?
Oh yea...it's in the Startup dir and was taken from the agent dir from the cuckoo source.
so is what i told in my 1 comment
Not sure why...I have these as default in reporting.conf: