cuckoosandbox / cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system
http://www.cuckoosandbox.org

latest version report does not contain behavioral summary #2357

Open cuckoo-linux opened 6 years ago

cuckoo-linux commented 6 years ago

Thanks for creating an issue! But first: did you read our community guidelines? https://cuckoo.sh/docs/introduction/community.html

My issue is: why does the latest Cuckoo not contain a behavioral summary etc. in the report?
My Cuckoo version and operating system are: 2.0.6, Ubuntu 16.04
This can be reproduced by:
The log, error, files etc can be found at:

doomedraven commented 6 years ago

log?

RicoVZ commented 6 years ago

Hi cuckoo-linux,

Thanks for posting an issue.

What report are you referring to? JSON, Web interface, PDF, HTML file report. There are multiple.

cuckoo-linux commented 6 years ago

Both HTML and PDF contain only file info, checksums, detected signatures and screenshots. No detailed behavioral summary is included in the report.

Analysis report summary 2018/07/04 11:18

Summary - calc.exe

File info

name: calc.exe
type: PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
size: 84480 bytes

Checksums

SHA1 17096ce05fac379d3b0bd1495269b77a56b1f6d4
MD5 446d6075250c4583b0607431509aa1d0

Detected signatures

Command line console output was observed 2 events

The binary likely contains encrypted or compressed data indicative of a packer 2 events

The executable is compressed using UPX 3 events

Screenshots (4/103)

0034.jpg

0062.jpg

0005.jpg

0018.jpg

© 2010 - 2017, Cuckoo Sandbox

RicoVZ commented 6 years ago

@cuckoo-linux This is correct. At the moment the HTML and PDF reports only have that data (and some more). These reports should also include network hosts (only if there are any, of course). :smile:

The idea of these "single file" reports is that they are compact and to the point.

The PDF/HTML reports are something that has not been updated for quite a while. :sweat_smile: Improvement is something that is on the todo list. What specific data are you expecting/missing?

It, of course, is possible to add things to these reports. The template that is used to render them can be found here: https://github.com/cuckoosandbox/cuckoo/blob/master/cuckoo/private/html/report.html

cuckoo-linux commented 6 years ago

I expect a detailed report like previous versions of Cuckoo :) that contains all details related to registry and file operations.