cuckoosandbox / cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system
http://www.cuckoosandbox.org

Cuckoo Failure in AnalysisManager.run #2593

Open kp625544 opened 5 years ago

kp625544 commented 5 years ago

Thanks for creating an issue! But first: did you read our community guidelines? https://cuckoo.sh/docs/introduction/community.html

My issue is:

cuckoo -d

Cuckoo Sandbox 2.0.6 www.cuckoosandbox.org Copyright (c) 2010-2018

Checking for updates... You're good to go!

Our latest blogposts:

[cuckoo.core.startup] DEBUG: |-- StackPivotShellcodeAPIs 2019-01-07 10:36:35,431 [cuckoo.core.startup] DEBUG: |-- StackPivotShellcodeCreateProcess 2019-01-07 10:36:35,431 [cuckoo.core.startup] DEBUG: |-- Staser 2019-01-07 10:36:35,431 [cuckoo.core.startup] DEBUG: |-- StealthChildProc 2019-01-07 10:36:35,431 [cuckoo.core.startup] DEBUG: |-- StealthHiddenExtension 2019-01-07 10:36:35,431 [cuckoo.core.startup] DEBUG: |-- StealthHiddenFile 2019-01-07 10:36:35,431 [cuckoo.core.startup] DEBUG: |-- StealthHiddenIcons 2019-01-07 10:36:35,431 [cuckoo.core.startup] DEBUG: |-- StealthHideNotifications 2019-01-07 10:36:35,432 [cuckoo.core.startup] DEBUG: |-- StealthSystemProcName 2019-01-07 10:36:35,432 [cuckoo.core.startup] DEBUG: |-- StopsService 2019-01-07 10:36:35,432 [cuckoo.core.startup] DEBUG: |-- SunbeltDetectFiles 2019-01-07 10:36:35,432 [cuckoo.core.startup] DEBUG: |-- SunBeltSandboxDetect 2019-01-07 10:36:35,432 [cuckoo.core.startup] DEBUG: |-- SuspiciousCommandTools 2019-01-07 10:36:35,432 [cuckoo.core.startup] DEBUG: |-- SuspiciousPowershell 2019-01-07 10:36:35,432 [cuckoo.core.startup] DEBUG: |-- SuspiciousWriteEXE 2019-01-07 10:36:35,432 [cuckoo.core.startup] DEBUG: |-- SweetorangeMutexes 2019-01-07 10:36:35,433 [cuckoo.core.startup] DEBUG: |-- Swrort 2019-01-07 10:36:35,433 [cuckoo.core.startup] DEBUG: |-- SysInternalsToolsUsage 2019-01-07 10:36:35,433 [cuckoo.core.startup] DEBUG: |-- SystemInfo 2019-01-07 10:36:35,433 [cuckoo.core.startup] DEBUG: |-- SystemMetrics 2019-01-07 10:36:35,433 [cuckoo.core.startup] DEBUG: |-- TapiDpMutexes 2019-01-07 10:36:35,433 [cuckoo.core.startup] DEBUG: |-- TDSSBackdoor 2019-01-07 10:36:35,433 [cuckoo.core.startup] DEBUG: |-- TeamviewerRat 2019-01-07 10:36:35,433 [cuckoo.core.startup] DEBUG: |-- TerminatesRemoteProcess 2019-01-07 10:36:35,434 [cuckoo.core.startup] DEBUG: |-- ThreatTrackDetectFiles 2019-01-07 10:36:35,434 [cuckoo.core.startup] DEBUG: |-- TinbaMutexes 2019-01-07 10:36:35,434 [cuckoo.core.startup] DEBUG: |-- 
TnegaMutexes 2019-01-07 10:36:35,434 [cuckoo.core.startup] DEBUG: |-- Tor 2019-01-07 10:36:35,434 [cuckoo.core.startup] DEBUG: |-- TorHiddenService 2019-01-07 10:36:35,434 [cuckoo.core.startup] DEBUG: |-- Travnet 2019-01-07 10:36:35,434 [cuckoo.core.startup] DEBUG: |-- Trogbot 2019-01-07 10:36:35,434 [cuckoo.core.startup] DEBUG: |-- TrojanJorik 2019-01-07 10:36:35,435 [cuckoo.core.startup] DEBUG: |-- TrojanLethic 2019-01-07 10:36:35,435 [cuckoo.core.startup] DEBUG: |-- TrojanLethic 2019-01-07 10:36:35,435 [cuckoo.core.startup] DEBUG: |-- trojanmrblack 2019-01-07 10:36:35,435 [cuckoo.core.startup] DEBUG: |-- TrojanRedosru 2019-01-07 10:36:35,435 [cuckoo.core.startup] DEBUG: |-- TrojanSysn 2019-01-07 10:36:35,435 [cuckoo.core.startup] DEBUG: |-- trojanyoddos 2019-01-07 10:36:35,435 [cuckoo.core.startup] DEBUG: |-- TufikMutexes 2019-01-07 10:36:35,435 [cuckoo.core.startup] DEBUG: |-- Turkojan 2019-01-07 10:36:35,436 [cuckoo.core.startup] DEBUG: |-- TurlaCarbon 2019-01-07 10:36:35,436 [cuckoo.core.startup] DEBUG: |-- UFRStealer 2019-01-07 10:36:35,436 [cuckoo.core.startup] DEBUG: |-- Unhook 2019-01-07 10:36:35,436 [cuckoo.core.startup] DEBUG: |-- Upatre 2019-01-07 10:36:35,436 [cuckoo.core.startup] DEBUG: |-- UpatreTDMutexes 2019-01-07 10:36:35,436 [cuckoo.core.startup] DEBUG: |-- UPXCompressed 2019-01-07 10:36:35,436 [cuckoo.core.startup] DEBUG: |-- UrkShortCN 2019-01-07 10:36:35,436 [cuckoo.core.startup] DEBUG: |-- URLFile 2019-01-07 10:36:35,437 [cuckoo.core.startup] DEBUG: |-- URLSpy 2019-01-07 10:36:35,437 [cuckoo.core.startup] DEBUG: |-- UroburosFile 2019-01-07 10:36:35,437 [cuckoo.core.startup] DEBUG: |-- UroburosMutexes 2019-01-07 10:36:35,437 [cuckoo.core.startup] DEBUG: |-- Urxbot 2019-01-07 10:36:35,437 [cuckoo.core.startup] DEBUG: |-- UsesWindowsUtilities 2019-01-07 10:36:35,437 [cuckoo.core.startup] DEBUG: |-- Vanbot 2019-01-07 10:36:35,437 [cuckoo.core.startup] DEBUG: |-- VBInject 2019-01-07 10:36:35,437 [cuckoo.core.startup] DEBUG: |-- VBoxDetectACPI 
2019-01-07 10:36:35,437 [cuckoo.core.startup] DEBUG: |-- VBoxDetectDevices 2019-01-07 10:36:35,438 [cuckoo.core.startup] DEBUG: |-- VBoxDetectFiles 2019-01-07 10:36:35,438 [cuckoo.core.startup] DEBUG: |-- VBoxDetectKeys 2019-01-07 10:36:35,438 [cuckoo.core.startup] DEBUG: |-- VBoxDetectProvname 2019-01-07 10:36:35,438 [cuckoo.core.startup] DEBUG: |-- VBoxDetectWindow 2019-01-07 10:36:35,438 [cuckoo.core.startup] DEBUG: |-- Vertex 2019-01-07 10:36:35,438 [cuckoo.core.startup] DEBUG: |-- VertexSolarURL 2019-01-07 10:36:35,438 [cuckoo.core.startup] DEBUG: |-- VirtualPCDetect 2019-01-07 10:36:35,438 [cuckoo.core.startup] DEBUG: |-- VirtualPCDetectWindow 2019-01-07 10:36:35,439 [cuckoo.core.startup] DEBUG: |-- VirtualPCIllegalInstruction 2019-01-07 10:36:35,439 [cuckoo.core.startup] DEBUG: |-- Virut 2019-01-07 10:36:35,439 [cuckoo.core.startup] DEBUG: |-- VMFirmware 2019-01-07 10:36:35,439 [cuckoo.core.startup] DEBUG: |-- VMPPacked 2019-01-07 10:36:35,439 [cuckoo.core.startup] DEBUG: |-- VMWareDetectFiles 2019-01-07 10:36:35,439 [cuckoo.core.startup] DEBUG: |-- VMWareDetectKeys 2019-01-07 10:36:35,439 [cuckoo.core.startup] DEBUG: |-- VMwareDetectWindow 2019-01-07 10:36:35,439 [cuckoo.core.startup] DEBUG: |-- VMWareInInstruction 2019-01-07 10:36:35,439 [cuckoo.core.startup] DEBUG: |-- VncMutexes 2019-01-07 10:36:35,440 [cuckoo.core.startup] DEBUG: |-- VNLoaderURL 2019-01-07 10:36:35,440 [cuckoo.core.startup] DEBUG: |-- VolDevicetree1 2019-01-07 10:36:35,440 [cuckoo.core.startup] DEBUG: |-- VolHandles1 2019-01-07 10:36:35,440 [cuckoo.core.startup] DEBUG: |-- VolLdrModules1 2019-01-07 10:36:35,440 [cuckoo.core.startup] DEBUG: |-- VolLdrModules2 2019-01-07 10:36:35,440 [cuckoo.core.startup] DEBUG: |-- VolMalfind1 2019-01-07 10:36:35,440 [cuckoo.core.startup] DEBUG: |-- VolModscan1 2019-01-07 10:36:35,440 [cuckoo.core.startup] DEBUG: |-- VolSvcscan1 2019-01-07 10:36:35,441 [cuckoo.core.startup] DEBUG: |-- VolSvcscan2 2019-01-07 10:36:35,441 [cuckoo.core.startup] DEBUG: |-- 
VolSvcscan3 2019-01-07 10:36:35,441 [cuckoo.core.startup] DEBUG: |-- VPCDetectKeys 2019-01-07 10:36:35,441 [cuckoo.core.startup] DEBUG: |-- Wakbot 2019-01-07 10:36:35,441 [cuckoo.core.startup] DEBUG: |-- WarbotURL 2019-01-07 10:36:35,441 [cuckoo.core.startup] DEBUG: |-- Whimoo 2019-01-07 10:36:35,441 [cuckoo.core.startup] DEBUG: |-- Win32ProcessCreate 2019-01-07 10:36:35,441 [cuckoo.core.startup] DEBUG: |-- WineDetect 2019-01-07 10:36:35,442 [cuckoo.core.startup] DEBUG: |-- WinSCP 2019-01-07 10:36:35,442 [cuckoo.core.startup] DEBUG: |-- WinSxsBot 2019-01-07 10:36:35,442 [cuckoo.core.startup] DEBUG: |-- WMIAntiVM 2019-01-07 10:36:35,442 [cuckoo.core.startup] DEBUG: |-- WMIPersistance 2019-01-07 10:36:35,442 [cuckoo.core.startup] DEBUG: |-- WMIService 2019-01-07 10:36:35,442 [cuckoo.core.startup] DEBUG: |-- WormAllaple 2019-01-07 10:36:35,442 [cuckoo.core.startup] DEBUG: |-- WormKolabc 2019-01-07 10:36:35,442 [cuckoo.core.startup] DEBUG: |-- XenDetectKeys 2019-01-07 10:36:35,442 [cuckoo.core.startup] DEBUG: |-- XtremeRAT 2019-01-07 10:36:35,443 [cuckoo.core.startup] DEBUG: |-- Xworm 2019-01-07 10:36:35,443 [cuckoo.core.startup] DEBUG: |-- Zegost 2019-01-07 10:36:35,443 [cuckoo.core.startup] DEBUG: |-- ZeusMutexes 2019-01-07 10:36:35,443 [cuckoo.core.startup] DEBUG: |-- ZeusP2P 2019-01-07 10:36:35,443 [cuckoo.core.startup] DEBUG: |-- ZeusURL 2019-01-07 10:36:35,443 [cuckoo.core.startup] DEBUG:-- ZoneID 2019-01-07 10:36:35,443 [cuckoo.core.startup] DEBUG: Imported "reporting" modules: 2019-01-07 10:36:35,443 [cuckoo.core.startup] DEBUG: |-- ElasticSearch 2019-01-07 10:36:35,444 [cuckoo.core.startup] DEBUG: |-- Feedback 2019-01-07 10:36:35,444 [cuckoo.core.startup] DEBUG: |-- JsonDump 2019-01-07 10:36:35,444 [cuckoo.core.startup] DEBUG: |-- Mattermost 2019-01-07 10:36:35,444 [cuckoo.core.startup] DEBUG: |-- MISP 2019-01-07 10:36:35,444 [cuckoo.core.startup] DEBUG: |-- Moloch 2019-01-07 10:36:35,444 [cuckoo.core.startup] DEBUG: |-- MongoDB 2019-01-07 10:36:35,444 
[cuckoo.core.startup] DEBUG: |-- Notification
2019-01-07 10:36:35,444 [cuckoo.core.startup] DEBUG: `-- SingleFile
2019-01-07 10:36:35,451 [cuckoo.core.startup] DEBUG: Checking for locked tasks..
2019-01-07 10:36:35,463 [cuckoo.core.startup] DEBUG: Checking for pending service tasks..
2019-01-07 10:36:35,473 [cuckoo.core.startup] DEBUG: Initializing Yara...
2019-01-07 10:36:35,475 [cuckoo.core.startup] DEBUG: |-- binaries embedded.yar
2019-01-07 10:36:35,475 [cuckoo.core.startup] DEBUG: |-- binaries filetypes.yar
2019-01-07 10:36:35,475 [cuckoo.core.startup] DEBUG: |-- binaries shellcodes.yar
2019-01-07 10:36:35,476 [cuckoo.core.startup] DEBUG: |-- binaries vmdetect.yar
2019-01-07 10:36:35,478 [cuckoo.core.startup] DEBUG: |-- scripts applocker_bypass.yar
2019-01-07 10:36:35,478 [cuckoo.core.startup] DEBUG: |-- scripts powerfun.yar
2019-01-07 10:36:35,478 [cuckoo.core.startup] DEBUG: |-- scripts powershell_AMSI.yar
2019-01-07 10:36:35,479 [cuckoo.core.startup] DEBUG: |-- scripts powershell_BITS_transfer.yar
2019-01-07 10:36:35,479 [cuckoo.core.startup] DEBUG: |-- scripts powershell_ddi_rc4.yar
2019-01-07 10:36:35,479 [cuckoo.core.startup] DEBUG: |-- scripts powershell_dfsp.yar
2019-01-07 10:36:35,479 [cuckoo.core.startup] DEBUG: |-- scripts powershell_di.yar
2019-01-07 10:36:35,479 [cuckoo.core.startup] DEBUG: |-- scripts powershell_empire.yar
2019-01-07 10:36:35,479 [cuckoo.core.startup] DEBUG: |-- scripts powershell_meterpreter.yar
2019-01-07 10:36:35,479 [cuckoo.core.startup] DEBUG: |-- scripts powershell_txt_c2.yar
2019-01-07 10:36:35,479 [cuckoo.core.startup] DEBUG: |-- scripts powershell_unicorn.yar
2019-01-07 10:36:35,479 [cuckoo.core.startup] DEBUG: |-- scripts powerworm.yar
2019-01-07 10:36:35,480 [cuckoo.core.startup] DEBUG: |-- shellcode metasploit.yar
2019-01-07 10:36:35,481 [cuckoo.core.startup] DEBUG: |-- office dde.yar
2019-01-07 10:36:35,481 [cuckoo.core.startup] DEBUG: |-- office ole.yar
2019-01-07 10:36:35,482 [cuckoo.core.resultserver] DEBUG: ResultServer running on 0.0.0.0:2042.
2019-01-07 10:36:35,483 [cuckoo.core.scheduler] INFO: Using "physical" as machine manager
2019-01-07 10:36:35,503 [cuckoo.machinery.physical] DEBUG: Getting status for machine: physical1.
2019-01-07 10:36:35,523 [cuckoo.core.scheduler] INFO: Loaded 1 machine/s
2019-01-07 10:36:35,537 [cuckoo.core.scheduler] INFO: Waiting for analysis tasks.
2019-01-07 10:37:15,269 [cuckoo.core.scheduler] DEBUG: Processing task #6
2019-01-07 10:37:15,279 [cuckoo.core.scheduler] INFO: Starting analysis of URL "http://www.google.com" (task #6, options "procmemdump=yes,route=none")
2019-01-07 10:37:15,302 [cuckoo.core.scheduler] INFO: Task #6: acquired machine physical1 (label=physical1)
2019-01-07 10:37:15,303 [cuckoo.core.plugins] DEBUG: Started auxiliary module: Replay
2019-01-07 10:37:15,308 [cuckoo.auxiliary.sniffer] INFO: Started sniffer with PID 2881 (interface=eth0, host=ip)
2019-01-07 10:37:15,308 [cuckoo.core.plugins] DEBUG: Started auxiliary module: Sniffer
2019-01-07 10:37:15,324 [cuckoo.machinery.physical] DEBUG: Checking if machine u'physical1' is running.
2019-01-07 10:37:15,324 [cuckoo.machinery.physical] DEBUG: Getting status for machine: physical1.
2019-01-07 10:37:15,331 [cuckoo.machinery.physical] DEBUG: Machine already running: physical1.
2019-01-07 10:37:15,347 [cuckoo.core.guest] INFO: Starting analysis on guest (id=physical1, ip=ip)
2019-01-07 10:37:15,355 [cuckoo.core.guest] DEBUG: physical1: waiting for status 0x0001
2019-01-07 10:37:15,363 [cuckoo.core.guest] DEBUG: physical1: not ready yet
2019-01-07 10:40:14,455 [cuckoo.core.guest] DEBUG: physical1: not ready yet
2019-01-07 10:40:15,459 [cuckoo.core.scheduler] ERROR: Error from machine 'physical1': it appears that this Virtual Machine hasn't been configured properly as the Cuckoo Host wasn't able to connect to the Guest. There could be a few reasons for this, please refer to our documentation on the matter: https://cuckoo.sh/docs/faq/index.html#troubleshooting-vm-network-configuration
2019-01-07 10:40:15,464 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Replay
2019-01-07 10:40:15,494 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer
2019-01-07 10:40:15,494 [cuckoo.machinery.physical] DEBUG: Getting status for machine: physical1.
2019-01-07 10:40:15,501 [cuckoo.machinery.physical] DEBUG: Rebooting machine: physical1.

My Cuckoo version and operating system are:

Windows_Server-2008-R2_SP1-English-64Bit-Base-2018.12.12

This can be reproduced by:
The log, error, files etc can be found at:

curl output: curl ip:8000

Error response

Error response

Error code 501.

Message: Unsupported method ('GET').

Error code explanation: 501 = Server does not support this operation.

ghost commented 5 years ago

The ip in your virtual machine's configuration file is not configured correctly.

ghost commented 5 years ago

image Here you can see that.

kp625544 commented 5 years ago

I have just redacted the IP for security purposes. You can see the curl output.

ghost commented 5 years ago

Are you running the agent.py file in the VM? Ping that IP address from your host to make sure it can be seen.

kp625544 commented 5 years ago

Yes, ping response is perfect. curl response is also perfect.

ping response

ubuntu@ip:~$ ping -c 4 client_ip
PING client_ip (client_ip) 56(84) bytes of data.
64 bytes from client_ip: icmp_seq=1 ttl=64 time=0.487 ms
64 bytes from client_ip: icmp_seq=2 ttl=64 time=0.473 ms
64 bytes from client_ip: icmp_seq=3 ttl=64 time=0.458 ms
64 bytes from client_ip: icmp_seq=4 ttl=64 time=0.449 ms

--- client_ip ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2999ms
rtt min/avg/max/mdev = 0.449/0.466/0.487/0.030 ms

curl response

curl client_ip:8000

Error response

Error response

Error code 501.

Message: Unsupported method ('GET').

Error code explanation: 501 = Server does not support this operation.

ghost commented 5 years ago

You should try the old agent.py version. It seems that the 0.8 version of agent.py is not compatible.

kp625544 commented 5 years ago

This is with the old agent itself. The new agent doesn't even connect to the cuckoo engine.
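How to read the ping and `curl ip:8000` results posted in this thread, as an added example (not code from the issue or from the Cuckoo project): a 501 "Unsupported method ('GET')" is what a POST-only HTTP server such as Python's XML-RPC server returns, so it shows the port is reachable and something is listening. The loopback stand-in server, the `get_status` method name and the verdict labels are assumptions made for this sketch.

```python
"""Interpret: ping OK and `curl ip:8000` -> 501 Unsupported method ('GET')."""
import http.client
import threading
import xmlrpc.client
from xml.parsers.expat import ExpatError
from xmlrpc.server import SimpleXMLRPCServer


def start_stand_in_agent():
    """Constructed stand-in: a POST-only XML-RPC server on loopback (not the real agent.py)."""
    server = SimpleXMLRPCServer(("127.0.0.1", 0), logRequests=False)
    server.register_function(lambda: 1, "get_status")  # assumed method name, constructed value
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server


def probe_get(host, port, timeout=3.0):
    """Do what curl did: GET /. Returns the HTTP status, or None if nothing answered."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", "/")
        resp = conn.getresponse()
        resp.read()
        return resp.status
    except (OSError, http.client.HTTPException):
        return None
    finally:
        conn.close()


class _TimeoutTransport(xmlrpc.client.Transport):
    """XML-RPC transport with a socket timeout, so a filtered port cannot hang the probe."""

    def __init__(self, timeout):
        super().__init__()
        self._timeout = timeout

    def make_connection(self, host):
        conn = super().make_connection(host)
        conn.timeout = self._timeout
        return conn


def probe_xmlrpc(host, port, method="get_status", timeout=3.0):
    """Call one XML-RPC method over POST. Returns its value, or None on any failure."""
    proxy = xmlrpc.client.ServerProxy(
        "http://%s:%d" % (host, port), transport=_TimeoutTransport(timeout)
    )
    try:
        return getattr(proxy, method)()
    except (OSError, xmlrpc.client.Error, http.client.HTTPException, ExpatError):
        return None


def diagnose(host, port):
    """Return (verdict, detail) for the listener on host:port."""
    status = probe_get(host, port)
    if status is None:
        return ("unreachable", "no HTTP answer: wrong IP, filtered port, or agent not running")
    if status == 501:
        value = probe_xmlrpc(host, port)
        if value is not None:
            return ("xmlrpc-post-only", "port reachable; XML-RPC get_status returned %r" % (value,))
        return ("post-only-unknown", "port reachable, GET rejected, XML-RPC call failed")
    return ("answers-get", "port reachable; GET / returned HTTP %d" % status)


if __name__ == "__main__":
    agent = start_stand_in_agent()
    print(diagnose("127.0.0.1", agent.server_address[1]))
    agent.shutdown()
```

Run `diagnose` from the Cuckoo host against the guest address and agent port: `unreachable` points at addressing or filtering, while either 501 verdict means the network path itself is working.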