cuckoosandbox / cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system
http://www.cuckoosandbox.org

YARA report summary issues #2808

Open ebolanoso opened 5 years ago

ebolanoso commented 5 years ago

I installed YARA on my host and enabled [yarascan] in "memory.conf", but the summary report doesn't show the signatures.

YARA version 3.7.1

My Cuckoo version is 2.0.7 and my operating system is Ubuntu 18

ramius1521 commented 4 years ago

I have the same problem; YARA doesn't work on my analysis.

YARA version 3.10

My Cuckoo version is 2.0.7 and my operating system is Ubuntu 16.04

ebolanoso commented 4 years ago

Can you help us, please? @RicoVZ, @jbremer

flycows01 commented 4 years ago

I have the same problem. Have you solved it?

ramius1521 commented 4 years ago

I have the same problem. Have you solved it?

This is the answer that I received:

Hi Sebastian,

Great to hear you like Cuckoo Sandbox!

Always having a score of 0 is certainly not supposed to happen.

Have you downloaded and installed the Cuckoo signatures? The score depends on how many and which signatures are triggered. You can do this by running: 'cuckoo community --force'.

The force flag ensures it will overwrite any existing/outdated files. We recommend running this command once every few weeks, as this will update the Cuckoo monitor and signatures.

A different cause can be that the analyses crash when starting. This can be caused by an unsupported OS in the analysis machines. The recommended OS to use for analyzing samples is Windows 7. This OS is best supported by the Cuckoo monitor (the component that tracks process behavior).

I noticed the file is an Office file; are macros etc. enabled inside of the VM?

Hope that helps!

Regards, Ricardo van Zutphen

nadir3392 commented 4 years ago

Hi everyone, in which directory are you making the YARA rules?