cuckoosandbox / cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system
http://www.cuckoosandbox.org

WARNING: cuckoo1: analysis caught an exception #2364

Open nice9uy opened 5 years ago

nice9uy commented 5 years ago

(cuckoo-env) cuckoo@cuckoo-lab:~$ cuckoo

Cuckoo Sandbox 2.0.6
www.cuckoosandbox.org
Copyright (c) 2010-2018

Checking for updates... You're good to go!

Our latest blogposts:

2018-07-11 15:57:12,016 [cuckoo.core.scheduler] INFO: Using "virtualbox" as machine manager
2018-07-11 15:57:12,601 [cuckoo.core.scheduler] INFO: Loaded 1 machine/s
2018-07-11 15:57:12,617 [cuckoo.core.scheduler] INFO: Waiting for analysis tasks.
2018-07-11 15:57:38,395 [cuckoo.core.scheduler] INFO: Starting analysis of FILE "Windows 7 Loader.exe" (task #6, options "procmemdump=yes,route=none")
2018-07-11 15:57:38,526 [cuckoo.core.scheduler] INFO: Task #6: acquired machine cuckoo1 (label=win7_1)
2018-07-11 15:57:38,533 [cuckoo.auxiliary.mitm] INFO: Started mitm interception with PID 19622 (ip=192.168.56.1, port=50000).
2018-07-11 15:57:38,540 [cuckoo.auxiliary.sniffer] INFO: Started sniffer with PID 19623 (interface=vboxnet0, host=192.168.56.101)
2018-07-11 15:57:47,152 [cuckoo.core.guest] INFO: Starting analysis on guest (id=cuckoo1, ip=192.168.56.101)
2018-07-11 15:57:51,258 [cuckoo.core.guest] INFO: Guest is running Cuckoo Agent 0.8 (id=cuckoo1, ip=192.168.56.101)
2018-07-11 15:57:54,951 [cuckoo.core.guest] WARNING: cuckoo1: analysis caught an exception
Traceback (most recent call last):
  File "C:/tmpqfzws8/analyzer.py", line 800, in
    success = analyzer.run()
  File "C:/tmpqfzws8/analyzer.py", line 652, in run
    pids = self.package.start(self.target)
  File "C:\tmpqfzws8\modules\packages\exe.py", line 23, in start
    return self.execute(path, args=shlex.split(args))
  File "C:\tmpqfzws8\lib\common\abstracts.py", line 166, in execute
    "Unable to execute the initial process, analysis aborted."
CuckooPackageError: Unable to execute the initial process, analysis aborted.

2018-07-11 15:57:56,794 [cuckoo.processing.behavior] WARNING: Analysis results folder does not contain any behavior log files.
2018-07-11 15:57:56,801 [cuckoo.processing.memory] ERROR: Cannot run volatility module: the volatility library is not available. Please install it according to their documentation.
Error opening file /var/log/suricata/suricata.log
11/7/2018 -- 15:57:58 - - This is Suricata version 4.0.4 RELEASE
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/botcc.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/ciarmy.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/compromised.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/drop.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/dshield.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-attack_response.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-chat.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-current_events.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-dns.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-dos.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-exploit.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-ftp.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-imap.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-malware.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-misc.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-mobile_malware.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-netbios.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-p2p.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-policy.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-pop3.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-rpc.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-scan.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-smtp.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-snmp.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-sql.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-telnet.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-tftp.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-trojan.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-user_agents.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-voip.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-web_client.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-web_server.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/emerging-worm.rules
11/7/2018 -- 15:57:58 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/tor.rules
11/7/2018 -- 15:57:59 - - [ERRCODE: SC_ERR_INITIALIZATION(45)] - Unix socket: UNIX socket bind(/var/run/suricata-command.socket) error: Permission denied
11/7/2018 -- 15:57:59 - - [ERRCODE: SC_ERR_INITIALIZATION(45)] - Unable to create unix command socket
11/7/2018 -- 15:57:59 - - all 41 packet processing threads, 4 management threads initialized, engine started.
11/7/2018 -- 15:57:59 - - Signal Received. Stopping engine.
11/7/2018 -- 15:57:59 - - Pcap-file module read 80 packets, 17060 bytes
2018-07-11 15:57:59,212 [cuckoo.processing.suricata] WARNING: Unable to find the files-json.log log file
2018-07-11 15:58:01,312 [cuckoo.core.scheduler] INFO: Task #6: reports generation completed
2018-07-11 15:58:01,322 [cuckoo.core.scheduler] INFO: Task #6: analysis procedure completed

I got an error like this.

Can you help me please?

doomedraven commented 5 years ago

Please install it according to their documentation.