search

cuckoosandbox / cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system
http://www.cuckoosandbox.org
Other
5.56k stars 1.7k forks source link

[cuckoo] CRITICAL: CuckooCriticalError: Couldn't connect to vSphere host: 'NoneType' object has no attribute 'rootSnapshotList' #2934

Closed samuelkneppel closed 4 years ago

samuelkneppel commented 4 years ago

Thanks for creating an issue! But first: did you read our community guidelines? https://cuckoo.sh/docs/introduction/community.html

My issue is:

Whenever I try to run Cuckoo in my environment, I receive the following error: [cuckoo] CRITICAL: CuckooCriticalError: Couldn't connect to vSphere host: 'NoneType' object has no attribute 'rootSnapshotList'.

Any help would be much appreciated.

My Cuckoo version and operating system are:

I am running Cuckoo version 2.0.7 on Ubuntu 18.04.3 LTS running within my vSphere environment. My Windows 7 sandbox VM is located elsewhere in vSphere. Each of my servers is running ESXi 6.7U3 and my vSphere Server Appliance is on version 6.7.0.41000.

This can be reproduced by:

Running cuckoo from my venv I have created. When I first created it, I also ran the following commands to get libvirt installed:

$ sudo apt install pkg-config
$ sudo apt insatll libvirt-dev
(venv)$ pip install libvirt-python
The log, error, files etc can be found at:

Here is a log of the error:

(venv) cuckoo@cuckoo:~$ cuckoo -d

                                 _|
     _|_|_|  _|    _|    _|_|_|  _|  _|      _|_|      _|_|
   _|        _|    _|  _|        _|_|      _|    _|  _|    _|
   _|        _|    _|  _|        _|  _|    _|    _|  _|    _|
     _|_|_|    _|_|_|    _|_|_|  _|    _|    _|_|      _|_|

 Cuckoo Sandbox 2.0.7
 www.cuckoosandbox.org
 Copyright (c) 2010-2018

2020-01-06 18:30:15,029 [cuckoo] DEBUG: Increasing resource limit for number of open files to 1048576
 Checking for updates...
 You're good to go!

 Our latest blogposts:
 * Cuckoo Sandbox 2.0.7, June 19, 2019.
   Stability and security
   More at https://cuckoosandbox.org/blog/207-interim-release

 * IQY malspam campaign, October 15, 2018.
   Analysis of a malspam campaign leveraging .IQY (Excel Web Query) files containing DDE to achieve code execution.
   More at https://hatching.io/blog/iqy-malspam

 * Hooking VBScript execution in Cuckoo, October 03, 2018.
   Details on implementation of Visual Basic Script instrumentation for Cuckoo Monitor for extraction of dynamically executed VBScript.
   More at https://hatching.io/blog/vbscript-hooking

 * Cuckoo Sandbox 2.0.6 pentest, September 18, 2018.
   Cuckoo Sandbox 2.0.6 public pentest performed by Cure53 and sponsored by PolySwarm!
   More at https://hatching.io/blog/cuckoo-206-pentest

 * Cuckoo Sandbox 2.0.6, June 07, 2018.
   Interim release awaiting the big release.
   More at https://cuckoosandbox.org/blog/206-interim-release

2020-01-06 18:30:15,653 [cuckoo.core.database] DEBUG: Using database-wide lock for sqlite
2020-01-06 18:30:15,786 [cuckoo.core.startup] DEBUG: Imported modules...
2020-01-06 18:30:15,789 [cuckoo.core.startup] DEBUG: Imported "auxiliary" modules:
2020-01-06 18:30:15,789 [cuckoo.core.startup] DEBUG:     |-- MITM
2020-01-06 18:30:15,789 [cuckoo.core.startup] DEBUG:     |-- Reboot
2020-01-06 18:30:15,789 [cuckoo.core.startup] DEBUG:     |-- Replay
2020-01-06 18:30:15,789 [cuckoo.core.startup] DEBUG:     |-- Services
2020-01-06 18:30:15,790 [cuckoo.core.startup] DEBUG:     `-- Sniffer
2020-01-06 18:30:15,790 [cuckoo.core.startup] DEBUG: Imported "machinery" modules:
2020-01-06 18:30:15,790 [cuckoo.core.startup] DEBUG:     |-- vSphere
2020-01-06 18:30:15,790 [cuckoo.core.startup] DEBUG:     |-- KVM
2020-01-06 18:30:15,790 [cuckoo.core.startup] DEBUG:     |-- ESX
2020-01-06 18:30:15,790 [cuckoo.core.startup] DEBUG:     |-- XenServer
2020-01-06 18:30:15,790 [cuckoo.core.startup] DEBUG:     |-- VirtualBox
2020-01-06 18:30:15,790 [cuckoo.core.startup] DEBUG:     |-- Avd
2020-01-06 18:30:15,790 [cuckoo.core.startup] DEBUG:     |-- QEMU
2020-01-06 18:30:15,791 [cuckoo.core.startup] DEBUG:     |-- VMware
2020-01-06 18:30:15,791 [cuckoo.core.startup] DEBUG:     `-- Physical
2020-01-06 18:30:15,791 [cuckoo.core.startup] DEBUG: Imported "processing" modules:
2020-01-06 18:30:15,791 [cuckoo.core.startup] DEBUG:     |-- AnalysisInfo
2020-01-06 18:30:15,791 [cuckoo.core.startup] DEBUG:     |-- ApkInfo
2020-01-06 18:30:15,791 [cuckoo.core.startup] DEBUG:     |-- Baseline
2020-01-06 18:30:15,791 [cuckoo.core.startup] DEBUG:     |-- BehaviorAnalysis
2020-01-06 18:30:15,791 [cuckoo.core.startup] DEBUG:     |-- Debug
2020-01-06 18:30:15,792 [cuckoo.core.startup] DEBUG:     |-- Droidmon
2020-01-06 18:30:15,792 [cuckoo.core.startup] DEBUG:     |-- Dropped
2020-01-06 18:30:15,792 [cuckoo.core.startup] DEBUG:     |-- DroppedBuffer
2020-01-06 18:30:15,792 [cuckoo.core.startup] DEBUG:     |-- Extracted
2020-01-06 18:30:15,792 [cuckoo.core.startup] DEBUG:     |-- GooglePlay
2020-01-06 18:30:15,792 [cuckoo.core.startup] DEBUG:     |-- Irma
2020-01-06 18:30:15,792 [cuckoo.core.startup] DEBUG:     |-- Memory
2020-01-06 18:30:15,792 [cuckoo.core.startup] DEBUG:     |-- MetaInfo
2020-01-06 18:30:15,792 [cuckoo.core.startup] DEBUG:     |-- MISP
2020-01-06 18:30:15,792 [cuckoo.core.startup] DEBUG:     |-- NetworkAnalysis
2020-01-06 18:30:15,793 [cuckoo.core.startup] DEBUG:     |-- ProcessMemory
2020-01-06 18:30:15,793 [cuckoo.core.startup] DEBUG:     |-- Procmon
2020-01-06 18:30:15,793 [cuckoo.core.startup] DEBUG:     |-- Screenshots
2020-01-06 18:30:15,793 [cuckoo.core.startup] DEBUG:     |-- Snort
2020-01-06 18:30:15,793 [cuckoo.core.startup] DEBUG:     |-- Static
2020-01-06 18:30:15,793 [cuckoo.core.startup] DEBUG:     |-- Strings
2020-01-06 18:30:15,793 [cuckoo.core.startup] DEBUG:     |-- Suricata
2020-01-06 18:30:15,793 [cuckoo.core.startup] DEBUG:     |-- TargetInfo
2020-01-06 18:30:15,793 [cuckoo.core.startup] DEBUG:     |-- TLSMasterSecrets
2020-01-06 18:30:15,794 [cuckoo.core.startup] DEBUG:     `-- VirusTotal
2020-01-06 18:30:15,794 [cuckoo.core.startup] DEBUG: Imported "signatures" modules:
2020-01-06 18:30:15,794 [cuckoo.core.startup] DEBUG:     |-- AndroidAbortBroadcast
2020-01-06 18:30:15,794 [cuckoo.core.startup] DEBUG:     |-- AndroidAccountInfo
2020-01-06 18:30:15,794 [cuckoo.core.startup] DEBUG:     |-- AndroidAppInfo
2020-01-06 18:30:15,794 [cuckoo.core.startup] DEBUG:     |-- AndroidAudio
2020-01-06 18:30:15,794 [cuckoo.core.startup] DEBUG:     |-- AndroidCamera
2020-01-06 18:30:15,794 [cuckoo.core.startup] DEBUG:     |-- AndroidDangerousPermissions
2020-01-06 18:30:15,794 [cuckoo.core.startup] DEBUG:     |-- AndroidDeletedApp
2020-01-06 18:30:15,794 [cuckoo.core.startup] DEBUG:     |-- AndroidDynamicCode
2020-01-06 18:30:15,795 [cuckoo.core.startup] DEBUG:     |-- AndroidEmbeddedApk
2020-01-06 18:30:15,795 [cuckoo.core.startup] DEBUG:     |-- AndroidGooglePlayDiff
2020-01-06 18:30:15,795 [cuckoo.core.startup] DEBUG:     |-- AndroidInstalledApps
2020-01-06 18:30:15,795 [cuckoo.core.startup] DEBUG:     |-- AndroidNativeCode
2020-01-06 18:30:15,795 [cuckoo.core.startup] DEBUG:     |-- AndroidPhoneNumber
2020-01-06 18:30:15,795 [cuckoo.core.startup] DEBUG:     |-- AndroidPrivateInfoQuery
2020-01-06 18:30:15,795 [cuckoo.core.startup] DEBUG:     |-- AndroidReflectionCode
2020-01-06 18:30:15,795 [cuckoo.core.startup] DEBUG:     |-- AndroidRegisteredReceiver
2020-01-06 18:30:15,796 [cuckoo.core.startup] DEBUG:     |-- AndroidShellCommands
2020-01-06 18:30:15,796 [cuckoo.core.startup] DEBUG:     |-- AndroidSMS
2020-01-06 18:30:15,796 [cuckoo.core.startup] DEBUG:     |-- AndroidStopProcess
2020-01-06 18:30:15,796 [cuckoo.core.startup] DEBUG:     |-- ApplicationUsesLocation
2020-01-06 18:30:15,796 [cuckoo.core.startup] DEBUG:     |-- KnownVirustotal
2020-01-06 18:30:15,796 [cuckoo.core.startup] DEBUG:     |-- AntiAnalysisJavascript
2020-01-06 18:30:15,796 [cuckoo.core.startup] DEBUG:     |-- DumpedBuffer
2020-01-06 18:30:15,796 [cuckoo.core.startup] DEBUG:     |-- DumpedBuffer2
2020-01-06 18:30:15,796 [cuckoo.core.startup] DEBUG:     |-- EncryptionKeys
2020-01-06 18:30:15,796 [cuckoo.core.startup] DEBUG:     |-- EvalJS
2020-01-06 18:30:15,797 [cuckoo.core.startup] DEBUG:     |-- HtmlFlash
2020-01-06 18:30:15,797 [cuckoo.core.startup] DEBUG:     |-- JsIframe
2020-01-06 18:30:15,797 [cuckoo.core.startup] DEBUG:     |-- PDFAttachments
2020-01-06 18:30:15,797 [cuckoo.core.startup] DEBUG:     |-- PDFJavaScript
2020-01-06 18:30:15,797 [cuckoo.core.startup] DEBUG:     |-- PDFOpenAction
2020-01-06 18:30:15,797 [cuckoo.core.startup] DEBUG:     |-- PDFOpenActionJS
2020-01-06 18:30:15,797 [cuckoo.core.startup] DEBUG:     |-- SuspiciousJavascript
2020-01-06 18:30:15,797 [cuckoo.core.startup] DEBUG:     |-- DarwinCodeInjection
2020-01-06 18:30:15,797 [cuckoo.core.startup] DEBUG:     |-- TaskForPid
2020-01-06 18:30:15,798 [cuckoo.core.startup] DEBUG:     |-- DeadHost
2020-01-06 18:30:15,798 [cuckoo.core.startup] DEBUG:     |-- NetworkBIND
2020-01-06 18:30:15,798 [cuckoo.core.startup] DEBUG:     |-- NetworkCnCHTTP
2020-01-06 18:30:15,798 [cuckoo.core.startup] DEBUG:     |-- NetworkDNSTXTLookup
2020-01-06 18:30:15,798 [cuckoo.core.startup] DEBUG:     |-- NetworkDynDNS
2020-01-06 18:30:15,798 [cuckoo.core.startup] DEBUG:     |-- NetworkHTTP
2020-01-06 18:30:15,798 [cuckoo.core.startup] DEBUG:     |-- NetworkHTTPPOST
2020-01-06 18:30:15,798 [cuckoo.core.startup] DEBUG:     |-- NetworkICMP
2020-01-06 18:30:15,798 [cuckoo.core.startup] DEBUG:     |-- NetworkIRC
2020-01-06 18:30:15,798 [cuckoo.core.startup] DEBUG:     |-- NetworkSMTP
2020-01-06 18:30:15,799 [cuckoo.core.startup] DEBUG:     |-- NoLookupCommunication
2020-01-06 18:30:15,799 [cuckoo.core.startup] DEBUG:     |-- P2PCnC
2020-01-06 18:30:15,799 [cuckoo.core.startup] DEBUG:     |-- SnortAlert
2020-01-06 18:30:15,799 [cuckoo.core.startup] DEBUG:     |-- SuricataAlert
2020-01-06 18:30:15,799 [cuckoo.core.startup] DEBUG:     |-- Suspicious_TLD
2020-01-06 18:30:15,799 [cuckoo.core.startup] DEBUG:     |-- TorGateway
2020-01-06 18:30:15,799 [cuckoo.core.startup] DEBUG:     |-- WscriptDownloader
2020-01-06 18:30:15,799 [cuckoo.core.startup] DEBUG:     |-- AddsUser
2020-01-06 18:30:15,799 [cuckoo.core.startup] DEBUG:     |-- AddsUserAdmin
2020-01-06 18:30:15,800 [cuckoo.core.startup] DEBUG:     |-- ADS
2020-01-06 18:30:15,800 [cuckoo.core.startup] DEBUG:     |-- Adzok
2020-01-06 18:30:15,800 [cuckoo.core.startup] DEBUG:     |-- AlinaFile
2020-01-06 18:30:15,800 [cuckoo.core.startup] DEBUG:     |-- AlineURL
2020-01-06 18:30:15,800 [cuckoo.core.startup] DEBUG:     |-- AllocatesExecuteRemoteProccess
2020-01-06 18:30:15,800 [cuckoo.core.startup] DEBUG:     |-- AllocatesRWX
2020-01-06 18:30:15,800 [cuckoo.core.startup] DEBUG:     |-- AmsiBypass
2020-01-06 18:30:15,800 [cuckoo.core.startup] DEBUG:     |-- Andromeda
2020-01-06 18:30:15,800 [cuckoo.core.startup] DEBUG:     |-- AntiAnalysisDetectFile
2020-01-06 18:30:15,800 [cuckoo.core.startup] DEBUG:     |-- AntiAVDetectFile
2020-01-06 18:30:15,801 [cuckoo.core.startup] DEBUG:     |-- AntiAVDetectReg
2020-01-06 18:30:15,801 [cuckoo.core.startup] DEBUG:     |-- AntiAVServiceStop
2020-01-06 18:30:15,801 [cuckoo.core.startup] DEBUG:     |-- AntiAVSRP
2020-01-06 18:30:15,801 [cuckoo.core.startup] DEBUG:     |-- AntiDBGDevices
2020-01-06 18:30:15,801 [cuckoo.core.startup] DEBUG:     |-- AntiDBGWindows
2020-01-06 18:30:15,801 [cuckoo.core.startup] DEBUG:     |-- AntisandboxClipboard
2020-01-06 18:30:15,801 [cuckoo.core.startup] DEBUG:     |-- AntiSandboxFile
2020-01-06 18:30:15,801 [cuckoo.core.startup] DEBUG:     |-- AntiSandboxForegroundWindow
2020-01-06 18:30:15,801 [cuckoo.core.startup] DEBUG:     |-- AntiSandboxIdleTime
2020-01-06 18:30:15,802 [cuckoo.core.startup] DEBUG:     |-- AntiSandboxRestart
2020-01-06 18:30:15,802 [cuckoo.core.startup] DEBUG:     |-- AntiSandboxSleep
2020-01-06 18:30:15,802 [cuckoo.core.startup] DEBUG:     |-- AntiVirusIRMA
2020-01-06 18:30:15,802 [cuckoo.core.startup] DEBUG:     |-- AntiVMBios
2020-01-06 18:30:15,802 [cuckoo.core.startup] DEBUG:     |-- AntiVMComputernameQuery
2020-01-06 18:30:15,802 [cuckoo.core.startup] DEBUG:     |-- AntiVMCPU
2020-01-06 18:30:15,802 [cuckoo.core.startup] DEBUG:     |-- AntiVMDiskSize
2020-01-06 18:30:15,802 [cuckoo.core.startup] DEBUG:     |-- AntiVMIDE
2020-01-06 18:30:15,802 [cuckoo.core.startup] DEBUG:     |-- AntiVMSCSI
2020-01-06 18:30:15,802 [cuckoo.core.startup] DEBUG:     |-- AntiVMServices
2020-01-06 18:30:15,803 [cuckoo.core.startup] DEBUG:     |-- AntiVMSharedDevice
2020-01-06 18:30:15,803 [cuckoo.core.startup] DEBUG:     |-- ApplicationExceptionCrash
2020-01-06 18:30:15,803 [cuckoo.core.startup] DEBUG:     |-- AppLockerBypass
2020-01-06 18:30:15,803 [cuckoo.core.startup] DEBUG:     |-- APT_Carbunak
2020-01-06 18:30:15,803 [cuckoo.core.startup] DEBUG:     |-- APT_CloudAtlas
2020-01-06 18:30:15,803 [cuckoo.core.startup] DEBUG:     |-- apt_sandworm_ip
2020-01-06 18:30:15,803 [cuckoo.core.startup] DEBUG:     |-- apt_sandworm_url
2020-01-06 18:30:15,803 [cuckoo.core.startup] DEBUG:     |-- ArdamaxMutexes
2020-01-06 18:30:15,803 [cuckoo.core.startup] DEBUG:     |-- AthenaHttp
2020-01-06 18:30:15,804 [cuckoo.core.startup] DEBUG:     |-- AthenaURL
2020-01-06 18:30:15,804 [cuckoo.core.startup] DEBUG:     |-- Autorun
2020-01-06 18:30:15,804 [cuckoo.core.startup] DEBUG:     |-- AvastDetectLibs
2020-01-06 18:30:15,804 [cuckoo.core.startup] DEBUG:     |-- AVDetectionChinaKey
2020-01-06 18:30:15,804 [cuckoo.core.startup] DEBUG:     |-- BadCerts
2020-01-06 18:30:15,804 [cuckoo.core.startup] DEBUG:     |-- Bagle
2020-01-06 18:30:15,804 [cuckoo.core.startup] DEBUG:     |-- Bandook
2020-01-06 18:30:15,804 [cuckoo.core.startup] DEBUG:     |-- banker_bancos
2020-01-06 18:30:15,804 [cuckoo.core.startup] DEBUG:     |-- BankingMutexes
2020-01-06 18:30:15,805 [cuckoo.core.startup] DEBUG:     |-- Banload
2020-01-06 18:30:15,805 [cuckoo.core.startup] DEBUG:     |-- Beastdoor
2020-01-06 18:30:15,805 [cuckoo.core.startup] DEBUG:     |-- BeebusMutexes
2020-01-06 18:30:15,805 [cuckoo.core.startup] DEBUG:     |-- BegseabugTDMutexes
2020-01-06 18:30:15,805 [cuckoo.core.startup] DEBUG:     |-- BetabotURL
2020-01-06 18:30:15,805 [cuckoo.core.startup] DEBUG:     |-- Bifrose
2020-01-06 18:30:15,805 [cuckoo.core.startup] DEBUG:     |-- BitcoinOpenCL
2020-01-06 18:30:15,805 [cuckoo.core.startup] DEBUG:     |-- BitcoinWallet
2020-01-06 18:30:15,805 [cuckoo.core.startup] DEBUG:     |-- BitdefenderDetectLibs
2020-01-06 18:30:15,805 [cuckoo.core.startup] DEBUG:     |-- BlackEnergyMutexes
2020-01-06 18:30:15,806 [cuckoo.core.startup] DEBUG:     |-- Blackhole
2020-01-06 18:30:15,806 [cuckoo.core.startup] DEBUG:     |-- BlackholeURL
2020-01-06 18:30:15,806 [cuckoo.core.startup] DEBUG:     |-- Blackice
2020-01-06 18:30:15,806 [cuckoo.core.startup] DEBUG:     |-- BlackposURL
2020-01-06 18:30:15,806 [cuckoo.core.startup] DEBUG:     |-- BlackRevMutexes
2020-01-06 18:30:15,806 [cuckoo.core.startup] DEBUG:     |-- Blackshades
2020-01-06 18:30:15,806 [cuckoo.core.startup] DEBUG:     |-- BladabindiMutexes
2020-01-06 18:30:15,806 [cuckoo.core.startup] DEBUG:     |-- BochsDetectKeys
2020-01-06 18:30:15,806 [cuckoo.core.startup] DEBUG:     |-- Bootkit
2020-01-06 18:30:15,807 [cuckoo.core.startup] DEBUG:     |-- Bottilda
2020-01-06 18:30:15,807 [cuckoo.core.startup] DEBUG:     |-- BozokKey
2020-01-06 18:30:15,807 [cuckoo.core.startup] DEBUG:     |-- browser_startpage
2020-01-06 18:30:15,807 [cuckoo.core.startup] DEBUG:     |-- BrowserSecurity
2020-01-06 18:30:15,807 [cuckoo.core.startup] DEBUG:     |-- BrowserStealer
2020-01-06 18:30:15,807 [cuckoo.core.startup] DEBUG:     |-- Btcbotnet
2020-01-06 18:30:15,807 [cuckoo.core.startup] DEBUG:     |-- Bublik
2020-01-06 18:30:15,807 [cuckoo.core.startup] DEBUG:     |-- BuildLangID
2020-01-06 18:30:15,807 [cuckoo.core.startup] DEBUG:     |-- BuzusMutexes
2020-01-06 18:30:15,807 [cuckoo.core.startup] DEBUG:     |-- BypassFirewall
2020-01-06 18:30:15,808 [cuckoo.core.startup] DEBUG:     |-- c24URL
2020-01-06 18:30:15,808 [cuckoo.core.startup] DEBUG:     |-- CarberpMutexes
2020-01-06 18:30:15,808 [cuckoo.core.startup] DEBUG:     |-- Ceatrg
2020-01-06 18:30:15,808 [cuckoo.core.startup] DEBUG:     |-- ChanitorMutexes
2020-01-06 18:30:15,808 [cuckoo.core.startup] DEBUG:     |-- CheckIP
2020-01-06 18:30:15,808 [cuckoo.core.startup] DEBUG:     |-- ChecksDebugger
2020-01-06 18:30:15,808 [cuckoo.core.startup] DEBUG:     |-- ChecksKernelDebugger
2020-01-06 18:30:15,808 [cuckoo.core.startup] DEBUG:     |-- ClearPermissionEventLogs
2020-01-06 18:30:15,808 [cuckoo.core.startup] DEBUG:     |-- ClearsEventLogs
2020-01-06 18:30:15,809 [cuckoo.core.startup] DEBUG:     |-- ClickfraudCookies
2020-01-06 18:30:15,809 [cuckoo.core.startup] DEBUG:     |-- cloud_mediafire
2020-01-06 18:30:15,809 [cuckoo.core.startup] DEBUG:     |-- cloud_wetransfer
2020-01-06 18:30:15,809 [cuckoo.core.startup] DEBUG:     |-- CloudFlare
2020-01-06 18:30:15,809 [cuckoo.core.startup] DEBUG:     |-- CloudGoogle
2020-01-06 18:30:15,809 [cuckoo.core.startup] DEBUG:     |-- CoinminerMutexes
2020-01-06 18:30:15,809 [cuckoo.core.startup] DEBUG:     |-- ComRAT
2020-01-06 18:30:15,809 [cuckoo.core.startup] DEBUG:     |-- ConsoleOutput
2020-01-06 18:30:15,809 [cuckoo.core.startup] DEBUG:     |-- Crash
2020-01-06 18:30:15,809 [cuckoo.core.startup] DEBUG:     |-- CreatesAutorunInf
2020-01-06 18:30:15,810 [cuckoo.core.startup] DEBUG:     |-- CreatesDocument
2020-01-06 18:30:15,810 [cuckoo.core.startup] DEBUG:     |-- CreatesExe
2020-01-06 18:30:15,810 [cuckoo.core.startup] DEBUG:     |-- CreatesHiddenFile
2020-01-06 18:30:15,810 [cuckoo.core.startup] DEBUG:     |-- CreatesLargeKey
2020-01-06 18:30:15,810 [cuckoo.core.startup] DEBUG:     |-- CreatesNullRegistryEntry
2020-01-06 18:30:15,810 [cuckoo.core.startup] DEBUG:     |-- CreatesService
2020-01-06 18:30:15,810 [cuckoo.core.startup] DEBUG:     |-- CreatesShortcut
2020-01-06 18:30:15,810 [cuckoo.core.startup] DEBUG:     |-- CreatesSuspiciousProcess
2020-01-06 18:30:15,810 [cuckoo.core.startup] DEBUG:     |-- CreatesUserFolderEXE
2020-01-06 18:30:15,811 [cuckoo.core.startup] DEBUG:     |-- CredentialDumpingLsass
2020-01-06 18:30:15,811 [cuckoo.core.startup] DEBUG:     |-- CredentialDumpingLsassAccess
2020-01-06 18:30:15,811 [cuckoo.core.startup] DEBUG:     |-- Cridex
2020-01-06 18:30:15,811 [cuckoo.core.startup] DEBUG:     |-- CryptGenKey
2020-01-06 18:30:15,811 [cuckoo.core.startup] DEBUG:     |-- Cryptolocker
2020-01-06 18:30:15,811 [cuckoo.core.startup] DEBUG:     |-- CryptoMiningStratumCommand
2020-01-06 18:30:15,811 [cuckoo.core.startup] DEBUG:     |-- CuckooDetectFiles
2020-01-06 18:30:15,811 [cuckoo.core.startup] DEBUG:     |-- Cybergate
2020-01-06 18:30:15,811 [cuckoo.core.startup] DEBUG:     |-- Dapato
2020-01-06 18:30:15,811 [cuckoo.core.startup] DEBUG:     |-- Darkcloud
2020-01-06 18:30:15,812 [cuckoo.core.startup] DEBUG:     |-- DarkddosMutexes
2020-01-06 18:30:15,812 [cuckoo.core.startup] DEBUG:     |-- Darkshell
2020-01-06 18:30:15,812 [cuckoo.core.startup] DEBUG:     |-- Ddos556
2020-01-06 18:30:15,812 [cuckoo.core.startup] DEBUG:     |-- Decay
2020-01-06 18:30:15,812 [cuckoo.core.startup] DEBUG:     |-- DecebalMutexes
2020-01-06 18:30:15,812 [cuckoo.core.startup] DEBUG:     |-- DeepFreezeMutex
2020-01-06 18:30:15,812 [cuckoo.core.startup] DEBUG:     |-- DeletesExecutedFiles
2020-01-06 18:30:15,812 [cuckoo.core.startup] DEBUG:     |-- DelfTrojan
2020-01-06 18:30:15,812 [cuckoo.core.startup] DEBUG:     |-- DEPHeapBypass
2020-01-06 18:30:15,813 [cuckoo.core.startup] DEBUG:     |-- DEPStackBypass
2020-01-06 18:30:15,813 [cuckoo.core.startup] DEBUG:     |-- DerusbiMutexes
2020-01-06 18:30:15,813 [cuckoo.core.startup] DEBUG:     |-- Dexter
2020-01-06 18:30:15,813 [cuckoo.core.startup] DEBUG:     |-- Dibik
2020-01-06 18:30:15,813 [cuckoo.core.startup] DEBUG:     |-- DirtJumper
2020-01-06 18:30:15,813 [cuckoo.core.startup] DEBUG:     |-- DisableCmd
2020-01-06 18:30:15,813 [cuckoo.core.startup] DEBUG:     |-- DisableRegedit
2020-01-06 18:30:15,813 [cuckoo.core.startup] DEBUG:     |-- DisablesAppLaunch
2020-01-06 18:30:15,813 [cuckoo.core.startup] DEBUG:     |-- DisablesBrowserWarn
2020-01-06 18:30:15,813 [cuckoo.core.startup] DEBUG:     |-- DisablesIEHTTP2
2020-01-06 18:30:15,814 [cuckoo.core.startup] DEBUG:     |-- DisablesProxy
2020-01-06 18:30:15,814 [cuckoo.core.startup] DEBUG:     |-- DisablesSecurity
2020-01-06 18:30:15,814 [cuckoo.core.startup] DEBUG:     |-- DisablesSPDYChrome
2020-01-06 18:30:15,814 [cuckoo.core.startup] DEBUG:     |-- DisablesSPDYFirefox
2020-01-06 18:30:15,814 [cuckoo.core.startup] DEBUG:     |-- DisablesSPDYIE
2020-01-06 18:30:15,814 [cuckoo.core.startup] DEBUG:     |-- DisablesSystemRestore
2020-01-06 18:30:15,814 [cuckoo.core.startup] DEBUG:     |-- DisablesWER
2020-01-06 18:30:15,814 [cuckoo.core.startup] DEBUG:     |-- DisablesWindowsUpdate
2020-01-06 18:30:15,814 [cuckoo.core.startup] DEBUG:     |-- DisableTaskMgr
2020-01-06 18:30:15,815 [cuckoo.core.startup] DEBUG:     |-- DiskInformation
2020-01-06 18:30:15,815 [cuckoo.core.startup] DEBUG:     |-- Dns_Freehosting_Domain
2020-01-06 18:30:15,815 [cuckoo.core.startup] DEBUG:     |-- dnsserver_dynamic
2020-01-06 18:30:15,815 [cuckoo.core.startup] DEBUG:     |-- DocumentClose
2020-01-06 18:30:15,815 [cuckoo.core.startup] DEBUG:     |-- DocumentOpen
2020-01-06 18:30:15,815 [cuckoo.core.startup] DEBUG:     |-- DoFoil
2020-01-06 18:30:15,815 [cuckoo.core.startup] DEBUG:     |-- DownloaderCabby
2020-01-06 18:30:15,815 [cuckoo.core.startup] DEBUG:     |-- Dridex_APIs
2020-01-06 18:30:15,815 [cuckoo.core.startup] DEBUG:     |-- Drive
2020-01-06 18:30:15,815 [cuckoo.core.startup] DEBUG:     |-- Drive2
2020-01-06 18:30:15,816 [cuckoo.core.startup] DEBUG:     |-- DriverLoad
2020-01-06 18:30:15,816 [cuckoo.core.startup] DEBUG:     |-- DropBox
2020-01-06 18:30:15,816 [cuckoo.core.startup] DEBUG:     |-- Dropper
2020-01-06 18:30:15,816 [cuckoo.core.startup] DEBUG:     |-- Dyreza
2020-01-06 18:30:15,816 [cuckoo.core.startup] DEBUG:     |-- EclipseMutexes
2020-01-06 18:30:15,816 [cuckoo.core.startup] DEBUG:     |-- Emotet
2020-01-06 18:30:15,816 [cuckoo.core.startup] DEBUG:     |-- Emotet_APIs
2020-01-06 18:30:15,816 [cuckoo.core.startup] DEBUG:     |-- Evilbot
2020-01-06 18:30:15,816 [cuckoo.core.startup] DEBUG:     |-- ExcelDataLinks
2020-01-06 18:30:15,817 [cuckoo.core.startup] DEBUG:     |-- ExeAppData
2020-01-06 18:30:15,817 [cuckoo.core.startup] DEBUG:     |-- ExecBitsAdmin
2020-01-06 18:30:15,817 [cuckoo.core.startup] DEBUG:     |-- ExecWaitFor
2020-01-06 18:30:15,817 [cuckoo.core.startup] DEBUG:     |-- exp_3322_dom
2020-01-06 18:30:15,817 [cuckoo.core.startup] DEBUG:     |-- Expiro
2020-01-06 18:30:15,817 [cuckoo.core.startup] DEBUG:     |-- ExploitHeapspray
2020-01-06 18:30:15,817 [cuckoo.core.startup] DEBUG:     |-- ExploitKitMutexes
2020-01-06 18:30:15,817 [cuckoo.core.startup] DEBUG:     |-- FakeAVMutexes
2020-01-06 18:30:15,817 [cuckoo.core.startup] DEBUG:     |-- FakeAVMutexes
2020-01-06 18:30:15,817 [cuckoo.core.startup] DEBUG:     |-- FakeRean
2020-01-06 18:30:15,818 [cuckoo.core.startup] DEBUG:     |-- FarFli
2020-01-06 18:30:15,818 [cuckoo.core.startup] DEBUG:     |-- FesberMutexes
2020-01-06 18:30:15,818 [cuckoo.core.startup] DEBUG:     |-- Fingerprint
2020-01-06 18:30:15,818 [cuckoo.core.startup] DEBUG:     |-- Flame
2020-01-06 18:30:15,818 [cuckoo.core.startup] DEBUG:     |-- Flystudio
2020-01-06 18:30:15,818 [cuckoo.core.startup] DEBUG:     |-- FortinetDetectFiles
2020-01-06 18:30:15,818 [cuckoo.core.startup] DEBUG:     |-- FTPStealer
2020-01-06 18:30:15,818 [cuckoo.core.startup] DEBUG:     |-- Fynloski
2020-01-06 18:30:15,818 [cuckoo.core.startup] DEBUG:     |-- Gaelicum
2020-01-06 18:30:15,818 [cuckoo.core.startup] DEBUG:     |-- Ghostbot
2020-01-06 18:30:15,818 [cuckoo.core.startup] DEBUG:     |-- HasAuthenticode
2020-01-06 18:30:15,819 [cuckoo.core.startup] DEBUG:     |-- HasOfficeEps
2020-01-06 18:30:15,819 [cuckoo.core.startup] DEBUG:     |-- HasPdb
2020-01-06 18:30:15,819 [cuckoo.core.startup] DEBUG:     |-- HasWMI
2020-01-06 18:30:15,819 [cuckoo.core.startup] DEBUG:     |-- Hesperbot
2020-01-06 18:30:15,819 [cuckoo.core.startup] DEBUG:     |-- Hidden_Window
2020-01-06 18:30:15,819 [cuckoo.core.startup] DEBUG:     |-- Hikit
2020-01-06 18:30:15,819 [cuckoo.core.startup] DEBUG:     |-- HookMouse
2020-01-06 18:30:15,819 [cuckoo.core.startup] DEBUG:     |-- Hupigon
2020-01-06 18:30:15,819 [cuckoo.core.startup] DEBUG:     |-- HyperVDetectKeys
2020-01-06 18:30:15,820 [cuckoo.core.startup] DEBUG:     |-- IcePoint
2020-01-06 18:30:15,820 [cuckoo.core.startup] DEBUG:     |-- im_btb
2020-01-06 18:30:15,820 [cuckoo.core.startup] DEBUG:     |-- im_qq
2020-01-06 18:30:15,820 [cuckoo.core.startup] DEBUG:     |-- IMStealer
2020-01-06 18:30:15,820 [cuckoo.core.startup] DEBUG:     |-- InceptionAPT
2020-01-06 18:30:15,820 [cuckoo.core.startup] DEBUG:     |-- Infinity
2020-01-06 18:30:15,820 [cuckoo.core.startup] DEBUG:     |-- InfoStealerClipboard
2020-01-06 18:30:15,820 [cuckoo.core.startup] DEBUG:     |-- InjectionCreateRemoteThread
2020-01-06 18:30:15,820 [cuckoo.core.startup] DEBUG:     |-- InjectionExplorer
2020-01-06 18:30:15,820 [cuckoo.core.startup] DEBUG:     |-- InjectionModifiesMemory
2020-01-06 18:30:15,821 [cuckoo.core.startup] DEBUG:     |-- InjectionNetworkTraffic
2020-01-06 18:30:15,821 [cuckoo.core.startup] DEBUG:     |-- InjectionProcessSearch
2020-01-06 18:30:15,821 [cuckoo.core.startup] DEBUG:     |-- InjectionQueueApcThread
2020-01-06 18:30:15,821 [cuckoo.core.startup] DEBUG:     |-- InjectionRunPE
2020-01-06 18:30:15,821 [cuckoo.core.startup] DEBUG:     |-- InjectionWriteMemory
2020-01-06 18:30:15,821 [cuckoo.core.startup] DEBUG:     |-- InjectionWriteMemoryEXE
2020-01-06 18:30:15,821 [cuckoo.core.startup] DEBUG:     |-- InstalledApps
2020-01-06 18:30:15,821 [cuckoo.core.startup] DEBUG:     |-- InstallsAppInit
2020-01-06 18:30:15,821 [cuckoo.core.startup] DEBUG:     |-- InstallsBHO
2020-01-06 18:30:15,822 [cuckoo.core.startup] DEBUG:     |-- InstallsWinpcap
2020-01-06 18:30:15,822 [cuckoo.core.startup] DEBUG:     |-- IPKillerMutexes
2020-01-06 18:30:15,822 [cuckoo.core.startup] DEBUG:     |-- Ircbrute
2020-01-06 18:30:15,822 [cuckoo.core.startup] DEBUG:     |-- ISRstealerURL
2020-01-06 18:30:15,822 [cuckoo.core.startup] DEBUG:     |-- iStealerURL
2020-01-06 18:30:15,822 [cuckoo.core.startup] DEBUG:     |-- JackPOSFile
2020-01-06 18:30:15,822 [cuckoo.core.startup] DEBUG:     |-- JackposURL
2020-01-06 18:30:15,822 [cuckoo.core.startup] DEBUG:     |-- JavaScriptCommandline
2020-01-06 18:30:15,822 [cuckoo.core.startup] DEBUG:     |-- JeefoMutexes
2020-01-06 18:30:15,823 [cuckoo.core.startup] DEBUG:     |-- Jewdo
2020-01-06 18:30:15,823 [cuckoo.core.startup] DEBUG:     |-- JintorMutexes
2020-01-06 18:30:15,823 [cuckoo.core.startup] DEBUG:     |-- JorikTrojan
2020-01-06 18:30:15,823 [cuckoo.core.startup] DEBUG:     |-- Karagany
2020-01-06 18:30:15,823 [cuckoo.core.startup] DEBUG:     |-- Karakum
2020-01-06 18:30:15,823 [cuckoo.core.startup] DEBUG:     |-- Katusha
2020-01-06 18:30:15,823 [cuckoo.core.startup] DEBUG:     |-- KelihosBot
2020-01-06 18:30:15,823 [cuckoo.core.startup] DEBUG:     |-- Keylogger
2020-01-06 18:30:15,823 [cuckoo.core.startup] DEBUG:     |-- Kilim
2020-01-06 18:30:15,824 [cuckoo.core.startup] DEBUG:     |-- Killdisk
2020-01-06 18:30:15,824 [cuckoo.core.startup] DEBUG:     |-- KnownVirustotal
2020-01-06 18:30:15,824 [cuckoo.core.startup] DEBUG:     |-- Koobface
2020-01-06 18:30:15,824 [cuckoo.core.startup] DEBUG:     |-- Koutodoor
2020-01-06 18:30:15,824 [cuckoo.core.startup] DEBUG:     |-- KovterBot
2020-01-06 18:30:15,824 [cuckoo.core.startup] DEBUG:     |-- KrepperMutexes
2020-01-06 18:30:15,824 [cuckoo.core.startup] DEBUG:     |-- KuluozMutexes
2020-01-06 18:30:15,824 [cuckoo.core.startup] DEBUG:     |-- Likseput
2020-01-06 18:30:15,824 [cuckoo.core.startup] DEBUG:     |-- LocatesBrowser
2020-01-06 18:30:15,824 [cuckoo.core.startup] DEBUG:     |-- LocatesSniffer
2020-01-06 18:30:15,825 [cuckoo.core.startup] DEBUG:     |-- Lockscreen
2020-01-06 18:30:15,825 [cuckoo.core.startup] DEBUG:     |-- LolBot
2020-01-06 18:30:15,825 [cuckoo.core.startup] DEBUG:     |-- Luder
2020-01-06 18:30:15,825 [cuckoo.core.startup] DEBUG:     |-- Madness
2020-01-06 18:30:15,825 [cuckoo.core.startup] DEBUG:     |-- Madness
2020-01-06 18:30:15,825 [cuckoo.core.startup] DEBUG:     |-- MadnessURL
2020-01-06 18:30:15,825 [cuckoo.core.startup] DEBUG:     |-- MaganiaMutexes
2020-01-06 18:30:15,825 [cuckoo.core.startup] DEBUG:     |-- MailStealer
2020-01-06 18:30:15,825 [cuckoo.core.startup] DEBUG:     |-- MaliciousDocumentURLs
2020-01-06 18:30:15,826 [cuckoo.core.startup] DEBUG:     |-- MartianCommandProcess
2020-01-06 18:30:15,826 [cuckoo.core.startup] DEBUG:     |-- MegaUpload
2020-01-06 18:30:15,826 [cuckoo.core.startup] DEBUG:     |-- MemoryAvailable
2020-01-06 18:30:15,826 [cuckoo.core.startup] DEBUG:     |-- MemoryProtectionRX
2020-01-06 18:30:15,826 [cuckoo.core.startup] DEBUG:     |-- MetasploitShellcode
2020-01-06 18:30:15,826 [cuckoo.core.startup] DEBUG:     |-- Minerbot
2020-01-06 18:30:15,826 [cuckoo.core.startup] DEBUG:     |-- miningpool
2020-01-06 18:30:15,826 [cuckoo.core.startup] DEBUG:     |-- MircFile
2020-01-06 18:30:15,826 [cuckoo.core.startup] DEBUG:     |-- ModifiesBootConfig
2020-01-06 18:30:15,827 [cuckoo.core.startup] DEBUG:     |-- ModifiesCertificates
2020-01-06 18:30:15,827 [cuckoo.core.startup] DEBUG:     |-- ModifiesDesktopWallpaper
2020-01-06 18:30:15,827 [cuckoo.core.startup] DEBUG:     |-- ModifiesFirefoxConfiguration
2020-01-06 18:30:15,827 [cuckoo.core.startup] DEBUG:     |-- ModifiesProxyAutoConfig
2020-01-06 18:30:15,827 [cuckoo.core.startup] DEBUG:     |-- ModifiesProxyOverride
2020-01-06 18:30:15,827 [cuckoo.core.startup] DEBUG:     |-- ModifiesProxyWPAD
2020-01-06 18:30:15,827 [cuckoo.core.startup] DEBUG:     |-- ModifiesUACNotify
2020-01-06 18:30:15,827 [cuckoo.core.startup] DEBUG:     |-- ModifySecurityCenterWarnings
2020-01-06 18:30:15,827 [cuckoo.core.startup] DEBUG:     |-- MovesSelf
2020-01-06 18:30:15,827 [cuckoo.core.startup] DEBUG:     |-- Multiple_UA
2020-01-06 18:30:15,828 [cuckoo.core.startup] DEBUG:     |-- MyBot
2020-01-06 18:30:15,828 [cuckoo.core.startup] DEBUG:     |-- Nakbot
2020-01-06 18:30:15,828 [cuckoo.core.startup] DEBUG:     |-- Napolar
2020-01-06 18:30:15,828 [cuckoo.core.startup] DEBUG:     |-- Nebuler
2020-01-06 18:30:15,828 [cuckoo.core.startup] DEBUG:     |-- Netobserve
2020-01-06 18:30:15,828 [cuckoo.core.startup] DEBUG:     |-- Netshadow
2020-01-06 18:30:15,828 [cuckoo.core.startup] DEBUG:     |-- Netwire
2020-01-06 18:30:15,828 [cuckoo.core.startup] DEBUG:     |-- NetworkAdapters
2020-01-06 18:30:15,828 [cuckoo.core.startup] DEBUG:     |-- NetworkDocumentFile
2020-01-06 18:30:15,829 [cuckoo.core.startup] DEBUG:     |-- NetworkEXE
2020-01-06 18:30:15,829 [cuckoo.core.startup] DEBUG:     |-- Nitol
2020-01-06 18:30:15,829 [cuckoo.core.startup] DEBUG:     |-- NjRat
2020-01-06 18:30:15,829 [cuckoo.core.startup] DEBUG:     |-- NtSetContextThreadRemote
2020-01-06 18:30:15,829 [cuckoo.core.startup] DEBUG:     |-- Nymaim_APIs
2020-01-06 18:30:15,829 [cuckoo.core.startup] DEBUG:     |-- ObfusMutexes
2020-01-06 18:30:15,829 [cuckoo.core.startup] DEBUG:     |-- OfficeCheckName
2020-01-06 18:30:15,829 [cuckoo.core.startup] DEBUG:     |-- OfficeCheckProjectName
2020-01-06 18:30:15,829 [cuckoo.core.startup] DEBUG:     |-- OfficeCheckVersion
2020-01-06 18:30:15,829 [cuckoo.core.startup] DEBUG:     |-- OfficeCheckWindow
2020-01-06 18:30:15,830 [cuckoo.core.startup] DEBUG:     |-- OfficeCountDirectories
2020-01-06 18:30:15,830 [cuckoo.core.startup] DEBUG:     |-- OfficeCreateObject
2020-01-06 18:30:15,830 [cuckoo.core.startup] DEBUG:     |-- OfficeDDE
2020-01-06 18:30:15,830 [cuckoo.core.startup] DEBUG:     |-- OfficeEpsStrings
2020-01-06 18:30:15,830 [cuckoo.core.startup] DEBUG:     |-- OfficeHttpRequest
2020-01-06 18:30:15,830 [cuckoo.core.startup] DEBUG:     |-- OfficeIndirectCall
2020-01-06 18:30:15,830 [cuckoo.core.startup] DEBUG:     |-- OfficePackager
2020-01-06 18:30:15,830 [cuckoo.core.startup] DEBUG:     |-- OfficePlatformDetect
2020-01-06 18:30:15,830 [cuckoo.core.startup] DEBUG:     |-- OfficeRecentFiles
2020-01-06 18:30:15,831 [cuckoo.core.startup] DEBUG:     |-- OfficeVulnerableGuid
2020-01-06 18:30:15,831 [cuckoo.core.startup] DEBUG:     |-- OfficeVulnModules
2020-01-06 18:30:15,831 [cuckoo.core.startup] DEBUG:     |-- Oldrea
2020-01-06 18:30:15,831 [cuckoo.core.startup] DEBUG:     |-- PackerEntropy
2020-01-06 18:30:15,831 [cuckoo.core.startup] DEBUG:     |-- Palevo
2020-01-06 18:30:15,831 [cuckoo.core.startup] DEBUG:     |-- ParallelsDetectKeys
2020-01-06 18:30:15,831 [cuckoo.core.startup] DEBUG:     |-- ParallelsDetectWindow
2020-01-06 18:30:15,831 [cuckoo.core.startup] DEBUG:     |-- Pasta
2020-01-06 18:30:15,831 [cuckoo.core.startup] DEBUG:     |-- PcClientMutexes
2020-01-06 18:30:15,831 [cuckoo.core.startup] DEBUG:     |-- PEFeatures
2020-01-06 18:30:15,832 [cuckoo.core.startup] DEBUG:     |-- PEIDPacker
2020-01-06 18:30:15,832 [cuckoo.core.startup] DEBUG:     |-- PerfLogger
2020-01-06 18:30:15,832 [cuckoo.core.startup] DEBUG:     |-- PersistenceBootexecute
2020-01-06 18:30:15,832 [cuckoo.core.startup] DEBUG:     |-- PersistenceRegistryEXE
2020-01-06 18:30:15,832 [cuckoo.core.startup] DEBUG:     |-- PersistenceRegistryJavaScript
2020-01-06 18:30:15,832 [cuckoo.core.startup] DEBUG:     |-- PersistenceRegistryPowershell
2020-01-06 18:30:15,832 [cuckoo.core.startup] DEBUG:     |-- PEUnknownResourceName
2020-01-06 18:30:15,832 [cuckoo.core.startup] DEBUG:     |-- Phorpiex
2020-01-06 18:30:15,832 [cuckoo.core.startup] DEBUG:     |-- Pidief
2020-01-06 18:30:15,833 [cuckoo.core.startup] DEBUG:     |-- Plugx
2020-01-06 18:30:15,833 [cuckoo.core.startup] DEBUG:     |-- Poebot
2020-01-06 18:30:15,833 [cuckoo.core.startup] DEBUG:     |-- PoisonIvy
2020-01-06 18:30:15,833 [cuckoo.core.startup] DEBUG:     |-- Polymorphic
2020-01-06 18:30:15,833 [cuckoo.core.startup] DEBUG:     |-- Ponfoy
2020-01-06 18:30:15,833 [cuckoo.core.startup] DEBUG:     |-- PonyURL
2020-01-06 18:30:15,833 [cuckoo.core.startup] DEBUG:     |-- PosCardStealerURL
2020-01-06 18:30:15,833 [cuckoo.core.startup] DEBUG:     |-- Powerfun
2020-01-06 18:30:15,833 [cuckoo.core.startup] DEBUG:     |-- PowershellBitsTransfer
2020-01-06 18:30:15,833 [cuckoo.core.startup] DEBUG:     |-- PowershellCcDns
2020-01-06 18:30:15,834 [cuckoo.core.startup] DEBUG:     |-- PowershellDdiRc4
2020-01-06 18:30:15,834 [cuckoo.core.startup] DEBUG:     |-- PowershellDFSP
2020-01-06 18:30:15,834 [cuckoo.core.startup] DEBUG:     |-- PowershellDI
2020-01-06 18:30:15,834 [cuckoo.core.startup] DEBUG:     |-- PowershellDownload
2020-01-06 18:30:15,834 [cuckoo.core.startup] DEBUG:     |-- PowershellEmpire
2020-01-06 18:30:15,834 [cuckoo.core.startup] DEBUG:     |-- PowershellMeterpreter
2020-01-06 18:30:15,834 [cuckoo.core.startup] DEBUG:     |-- PowershellRegAdd
2020-01-06 18:30:15,834 [cuckoo.core.startup] DEBUG:     |-- PowershellRequest
2020-01-06 18:30:15,834 [cuckoo.core.startup] DEBUG:     |-- PowershellUnicorn
2020-01-06 18:30:15,835 [cuckoo.core.startup] DEBUG:     |-- Powerworm
2020-01-06 18:30:15,835 [cuckoo.core.startup] DEBUG:     |-- Prinimalka
2020-01-06 18:30:15,835 [cuckoo.core.startup] DEBUG:     |-- PrivilegeLUIDCheck
2020-01-06 18:30:15,835 [cuckoo.core.startup] DEBUG:     |-- ProcessInterest
2020-01-06 18:30:15,835 [cuckoo.core.startup] DEBUG:     |-- ProcessMartian
2020-01-06 18:30:15,835 [cuckoo.core.startup] DEBUG:     |-- ProcessNeeded
2020-01-06 18:30:15,835 [cuckoo.core.startup] DEBUG:     |-- ProcMemDumpIPURLs
2020-01-06 18:30:15,835 [cuckoo.core.startup] DEBUG:     |-- ProcMemDumpTorURLs
2020-01-06 18:30:15,835 [cuckoo.core.startup] DEBUG:     |-- ProcMemDumpURLs
2020-01-06 18:30:15,836 [cuckoo.core.startup] DEBUG:     |-- ProcMemDumpYara
2020-01-06 18:30:15,836 [cuckoo.core.startup] DEBUG:     |-- Psyokym
2020-01-06 18:30:15,836 [cuckoo.core.startup] DEBUG:     |-- PuceMutexes
2020-01-06 18:30:15,836 [cuckoo.core.startup] DEBUG:     |-- PutterpandaMutexes
2020-01-06 18:30:15,836 [cuckoo.core.startup] DEBUG:     |-- Putty
2020-01-06 18:30:15,836 [cuckoo.core.startup] DEBUG:     |-- PWDumpFile
2020-01-06 18:30:15,836 [cuckoo.core.startup] DEBUG:     |-- Pykse
2020-01-06 18:30:15,836 [cuckoo.core.startup] DEBUG:     |-- Qakbot
2020-01-06 18:30:15,836 [cuckoo.core.startup] DEBUG:     |-- QueriesInstalledApps
2020-01-06 18:30:15,837 [cuckoo.core.startup] DEBUG:     |-- Ragebot
2020-01-06 18:30:15,837 [cuckoo.core.startup] DEBUG:     |-- RaisesException
2020-01-06 18:30:15,837 [cuckoo.core.startup] DEBUG:     |-- Ramnit
2020-01-06 18:30:15,837 [cuckoo.core.startup] DEBUG:     |-- RamsomwareFileMoves
2020-01-06 18:30:15,837 [cuckoo.core.startup] DEBUG:     |-- ransomware_viruscoder
2020-01-06 18:30:15,837 [cuckoo.core.startup] DEBUG:     |-- RansomwareAppendsExtension
2020-01-06 18:30:15,837 [cuckoo.core.startup] DEBUG:     |-- RansomwareBcdedit
2020-01-06 18:30:15,837 [cuckoo.core.startup] DEBUG:     |-- RansomwareDroppedFiles
2020-01-06 18:30:15,837 [cuckoo.core.startup] DEBUG:     |-- RansomwareExtensions
2020-01-06 18:30:15,837 [cuckoo.core.startup] DEBUG:     |-- RansomwareFiles
2020-01-06 18:30:15,838 [cuckoo.core.startup] DEBUG:     |-- RansomwareMassFileDelete
2020-01-06 18:30:15,838 [cuckoo.core.startup] DEBUG:     |-- RansomwareMessage
2020-01-06 18:30:15,838 [cuckoo.core.startup] DEBUG:     |-- RansomwareMessageOCR
2020-01-06 18:30:15,838 [cuckoo.core.startup] DEBUG:     |-- RansomwareRecyclebin
2020-01-06 18:30:15,838 [cuckoo.core.startup] DEBUG:     |-- RansomwareShadowcopy
2020-01-06 18:30:15,838 [cuckoo.core.startup] DEBUG:     |-- RansomwareWbadmin
2020-01-06 18:30:15,838 [cuckoo.core.startup] DEBUG:     |-- RapidShare
2020-01-06 18:30:15,838 [cuckoo.core.startup] DEBUG:     |-- rat_fexel_ip
2020-01-06 18:30:15,838 [cuckoo.core.startup] DEBUG:     |-- rat_naid_ip
2020-01-06 18:30:15,839 [cuckoo.core.startup] DEBUG:     |-- RatSiggen
2020-01-06 18:30:15,839 [cuckoo.core.startup] DEBUG:     |-- RBot
2020-01-06 18:30:15,839 [cuckoo.core.startup] DEBUG:     |-- RdpMutexes
2020-01-06 18:30:15,839 [cuckoo.core.startup] DEBUG:     |-- ReadsUserAgent
2020-01-06 18:30:15,839 [cuckoo.core.startup] DEBUG:     |-- Recon_Beacon
2020-01-06 18:30:15,839 [cuckoo.core.startup] DEBUG:     |-- RemovesZoneIdADS
2020-01-06 18:30:15,839 [cuckoo.core.startup] DEBUG:     |-- Renocide
2020-01-06 18:30:15,839 [cuckoo.core.startup] DEBUG:     |-- RenosTrojan
2020-01-06 18:30:15,839 [cuckoo.core.startup] DEBUG:     |-- ResumeThread
2020-01-06 18:30:15,840 [cuckoo.core.startup] DEBUG:     |-- Rovnix
2020-01-06 18:30:15,840 [cuckoo.core.startup] DEBUG:     |-- RTFCharacterSet
2020-01-06 18:30:15,840 [cuckoo.core.startup] DEBUG:     |-- RTFUnknownVersion
2020-01-06 18:30:15,840 [cuckoo.core.startup] DEBUG:     |-- Runbu
2020-01-06 18:30:15,840 [cuckoo.core.startup] DEBUG:     |-- RunouceMutexes
2020-01-06 18:30:15,840 [cuckoo.core.startup] DEBUG:     |-- Ruskill
2020-01-06 18:30:15,840 [cuckoo.core.startup] DEBUG:     |-- Sadbot
2020-01-06 18:30:15,840 [cuckoo.core.startup] DEBUG:     |-- SandboxieDetect
2020-01-06 18:30:15,840 [cuckoo.core.startup] DEBUG:     |-- SandboxJoeAnubisDetectFiles
2020-01-06 18:30:15,840 [cuckoo.core.startup] DEBUG:     |-- SDBot
2020-01-06 18:30:15,841 [cuckoo.core.startup] DEBUG:     |-- SelfDeleteBat
2020-01-06 18:30:15,841 [cuckoo.core.startup] DEBUG:     |-- Senna
2020-01-06 18:30:15,841 [cuckoo.core.startup] DEBUG:     |-- Shadowbot
2020-01-06 18:30:15,841 [cuckoo.core.startup] DEBUG:     |-- SharingRGhost
2020-01-06 18:30:15,841 [cuckoo.core.startup] DEBUG:     |-- SharpStealerURL
2020-01-06 18:30:15,841 [cuckoo.core.startup] DEBUG:     |-- ShellcodeWriteProcessMemory
2020-01-06 18:30:15,841 [cuckoo.core.startup] DEBUG:     |-- Shiz
2020-01-06 18:30:15,841 [cuckoo.core.startup] DEBUG:     |-- Shylock
2020-01-06 18:30:15,841 [cuckoo.core.startup] DEBUG:     |-- SipStun
2020-01-06 18:30:15,842 [cuckoo.core.startup] DEBUG:     |-- Smtp_GMail
2020-01-06 18:30:15,842 [cuckoo.core.startup] DEBUG:     |-- Smtp_Live
2020-01-06 18:30:15,842 [cuckoo.core.startup] DEBUG:     |-- Smtp_Mail_Ru
2020-01-06 18:30:15,842 [cuckoo.core.startup] DEBUG:     |-- Smtp_Yahoo
2020-01-06 18:30:15,842 [cuckoo.core.startup] DEBUG:     |-- SolarURL
2020-01-06 18:30:15,842 [cuckoo.core.startup] DEBUG:     |-- SpyEyeMutexes
2020-01-06 18:30:15,842 [cuckoo.core.startup] DEBUG:     |-- SpyeyeURL
2020-01-06 18:30:15,842 [cuckoo.core.startup] DEBUG:     |-- SpynetRat
2020-01-06 18:30:15,842 [cuckoo.core.startup] DEBUG:     |-- Spyrecorder
2020-01-06 18:30:15,842 [cuckoo.core.startup] DEBUG:     |-- StackPivot
2020-01-06 18:30:15,843 [cuckoo.core.startup] DEBUG:     |-- StackPivotShellcodeAPIs
2020-01-06 18:30:15,843 [cuckoo.core.startup] DEBUG:     |-- StackPivotShellcodeCreateProcess
2020-01-06 18:30:15,843 [cuckoo.core.startup] DEBUG:     |-- Staser
2020-01-06 18:30:15,843 [cuckoo.core.startup] DEBUG:     |-- StealthChildProc
2020-01-06 18:30:15,843 [cuckoo.core.startup] DEBUG:     |-- StealthHiddenExtension
2020-01-06 18:30:15,843 [cuckoo.core.startup] DEBUG:     |-- StealthHiddenFile
2020-01-06 18:30:15,843 [cuckoo.core.startup] DEBUG:     |-- StealthHiddenIcons
2020-01-06 18:30:15,843 [cuckoo.core.startup] DEBUG:     |-- StealthHideNotifications
2020-01-06 18:30:15,843 [cuckoo.core.startup] DEBUG:     |-- StealthSystemProcName
2020-01-06 18:30:15,844 [cuckoo.core.startup] DEBUG:     |-- StopsService
2020-01-06 18:30:15,844 [cuckoo.core.startup] DEBUG:     |-- SunbeltDetectFiles
2020-01-06 18:30:15,844 [cuckoo.core.startup] DEBUG:     |-- SunBeltSandboxDetect
2020-01-06 18:30:15,844 [cuckoo.core.startup] DEBUG:     |-- SuspiciousCommandTools
2020-01-06 18:30:15,844 [cuckoo.core.startup] DEBUG:     |-- SuspiciousPowershell
2020-01-06 18:30:15,844 [cuckoo.core.startup] DEBUG:     |-- SuspiciousWriteEXE
2020-01-06 18:30:15,844 [cuckoo.core.startup] DEBUG:     |-- SweetorangeMutexes
2020-01-06 18:30:15,844 [cuckoo.core.startup] DEBUG:     |-- Swrort
2020-01-06 18:30:15,844 [cuckoo.core.startup] DEBUG:     |-- SysInternalsToolsUsage
2020-01-06 18:30:15,844 [cuckoo.core.startup] DEBUG:     |-- SystemInfo
2020-01-06 18:30:15,845 [cuckoo.core.startup] DEBUG:     |-- SystemMetrics
2020-01-06 18:30:15,845 [cuckoo.core.startup] DEBUG:     |-- TapiDpMutexes
2020-01-06 18:30:15,845 [cuckoo.core.startup] DEBUG:     |-- TDSSBackdoor
2020-01-06 18:30:15,845 [cuckoo.core.startup] DEBUG:     |-- TeamviewerRat
2020-01-06 18:30:15,845 [cuckoo.core.startup] DEBUG:     |-- TerminatesRemoteProcess
2020-01-06 18:30:15,845 [cuckoo.core.startup] DEBUG:     |-- ThreatTrackDetectFiles
2020-01-06 18:30:15,845 [cuckoo.core.startup] DEBUG:     |-- TinbaMutexes
2020-01-06 18:30:15,845 [cuckoo.core.startup] DEBUG:     |-- TnegaMutexes
2020-01-06 18:30:15,845 [cuckoo.core.startup] DEBUG:     |-- Tor
2020-01-06 18:30:15,846 [cuckoo.core.startup] DEBUG:     |-- TorHiddenService
2020-01-06 18:30:15,846 [cuckoo.core.startup] DEBUG:     |-- Travnet
2020-01-06 18:30:15,846 [cuckoo.core.startup] DEBUG:     |-- Trogbot
2020-01-06 18:30:15,846 [cuckoo.core.startup] DEBUG:     |-- TrojanJorik
2020-01-06 18:30:15,846 [cuckoo.core.startup] DEBUG:     |-- TrojanLethic
2020-01-06 18:30:15,846 [cuckoo.core.startup] DEBUG:     |-- TrojanLethic
2020-01-06 18:30:15,846 [cuckoo.core.startup] DEBUG:     |-- trojanmrblack
2020-01-06 18:30:15,846 [cuckoo.core.startup] DEBUG:     |-- TrojanRedosru
2020-01-06 18:30:15,846 [cuckoo.core.startup] DEBUG:     |-- TrojanSysn
2020-01-06 18:30:15,847 [cuckoo.core.startup] DEBUG:     |-- trojanyoddos
2020-01-06 18:30:15,847 [cuckoo.core.startup] DEBUG:     |-- TufikMutexes
2020-01-06 18:30:15,847 [cuckoo.core.startup] DEBUG:     |-- Turkojan
2020-01-06 18:30:15,847 [cuckoo.core.startup] DEBUG:     |-- TurlaCarbon
2020-01-06 18:30:15,847 [cuckoo.core.startup] DEBUG:     |-- UFRStealer
2020-01-06 18:30:15,847 [cuckoo.core.startup] DEBUG:     |-- Unhook
2020-01-06 18:30:15,847 [cuckoo.core.startup] DEBUG:     |-- Upatre
2020-01-06 18:30:15,847 [cuckoo.core.startup] DEBUG:     |-- UpatreTDMutexes
2020-01-06 18:30:15,847 [cuckoo.core.startup] DEBUG:     |-- UPXCompressed
2020-01-06 18:30:15,847 [cuckoo.core.startup] DEBUG:     |-- UrkShortCN
2020-01-06 18:30:15,848 [cuckoo.core.startup] DEBUG:     |-- URLFile
2020-01-06 18:30:15,848 [cuckoo.core.startup] DEBUG:     |-- URLSpy
2020-01-06 18:30:15,848 [cuckoo.core.startup] DEBUG:     |-- UroburosFile
2020-01-06 18:30:15,848 [cuckoo.core.startup] DEBUG:     |-- UroburosMutexes
2020-01-06 18:30:15,848 [cuckoo.core.startup] DEBUG:     |-- Urxbot
2020-01-06 18:30:15,848 [cuckoo.core.startup] DEBUG:     |-- UsesWindowsUtilities
2020-01-06 18:30:15,848 [cuckoo.core.startup] DEBUG:     |-- Vanbot
2020-01-06 18:30:15,848 [cuckoo.core.startup] DEBUG:     |-- VBInject
2020-01-06 18:30:15,848 [cuckoo.core.startup] DEBUG:     |-- VBoxDetectACPI
2020-01-06 18:30:15,849 [cuckoo.core.startup] DEBUG:     |-- VBoxDetectDevices
2020-01-06 18:30:15,849 [cuckoo.core.startup] DEBUG:     |-- VBoxDetectFiles
2020-01-06 18:30:15,849 [cuckoo.core.startup] DEBUG:     |-- VBoxDetectKeys
2020-01-06 18:30:15,849 [cuckoo.core.startup] DEBUG:     |-- VBoxDetectProvname
2020-01-06 18:30:15,849 [cuckoo.core.startup] DEBUG:     |-- VBoxDetectWindow
2020-01-06 18:30:15,849 [cuckoo.core.startup] DEBUG:     |-- Vertex
2020-01-06 18:30:15,849 [cuckoo.core.startup] DEBUG:     |-- VertexSolarURL
2020-01-06 18:30:15,849 [cuckoo.core.startup] DEBUG:     |-- VirtualPCDetect
2020-01-06 18:30:15,849 [cuckoo.core.startup] DEBUG:     |-- VirtualPCDetectWindow
2020-01-06 18:30:15,849 [cuckoo.core.startup] DEBUG:     |-- VirtualPCIllegalInstruction
2020-01-06 18:30:15,850 [cuckoo.core.startup] DEBUG:     |-- Virut
2020-01-06 18:30:15,850 [cuckoo.core.startup] DEBUG:     |-- VMFirmware
2020-01-06 18:30:15,850 [cuckoo.core.startup] DEBUG:     |-- VMPPacked
2020-01-06 18:30:15,850 [cuckoo.core.startup] DEBUG:     |-- VMWareDetectFiles
2020-01-06 18:30:15,850 [cuckoo.core.startup] DEBUG:     |-- VMWareDetectKeys
2020-01-06 18:30:15,850 [cuckoo.core.startup] DEBUG:     |-- VMwareDetectWindow
2020-01-06 18:30:15,850 [cuckoo.core.startup] DEBUG:     |-- VMWareInInstruction
2020-01-06 18:30:15,850 [cuckoo.core.startup] DEBUG:     |-- VncMutexes
2020-01-06 18:30:15,850 [cuckoo.core.startup] DEBUG:     |-- VNLoaderURL
2020-01-06 18:30:15,851 [cuckoo.core.startup] DEBUG:     |-- VolDevicetree1
2020-01-06 18:30:15,851 [cuckoo.core.startup] DEBUG:     |-- VolHandles1
2020-01-06 18:30:15,851 [cuckoo.core.startup] DEBUG:     |-- VolLdrModules1
2020-01-06 18:30:15,851 [cuckoo.core.startup] DEBUG:     |-- VolLdrModules2
2020-01-06 18:30:15,851 [cuckoo.core.startup] DEBUG:     |-- VolMalfind1
2020-01-06 18:30:15,851 [cuckoo.core.startup] DEBUG:     |-- VolModscan1
2020-01-06 18:30:15,851 [cuckoo.core.startup] DEBUG:     |-- VolSvcscan1
2020-01-06 18:30:15,851 [cuckoo.core.startup] DEBUG:     |-- VolSvcscan2
2020-01-06 18:30:15,851 [cuckoo.core.startup] DEBUG:     |-- VolSvcscan3
2020-01-06 18:30:15,852 [cuckoo.core.startup] DEBUG:     |-- VPCDetectKeys
2020-01-06 18:30:15,852 [cuckoo.core.startup] DEBUG:     |-- Wakbot
2020-01-06 18:30:15,852 [cuckoo.core.startup] DEBUG:     |-- WarbotURL
2020-01-06 18:30:15,852 [cuckoo.core.startup] DEBUG:     |-- Whimoo
2020-01-06 18:30:15,852 [cuckoo.core.startup] DEBUG:     |-- Win32ProcessCreate
2020-01-06 18:30:15,852 [cuckoo.core.startup] DEBUG:     |-- WineDetect
2020-01-06 18:30:15,852 [cuckoo.core.startup] DEBUG:     |-- WinSCP
2020-01-06 18:30:15,852 [cuckoo.core.startup] DEBUG:     |-- WinSxsBot
2020-01-06 18:30:15,852 [cuckoo.core.startup] DEBUG:     |-- WMIAntiVM
2020-01-06 18:30:15,852 [cuckoo.core.startup] DEBUG:     |-- WMIPersistance
2020-01-06 18:30:15,853 [cuckoo.core.startup] DEBUG:     |-- WMIService
2020-01-06 18:30:15,853 [cuckoo.core.startup] DEBUG:     |-- WormAllaple
2020-01-06 18:30:15,853 [cuckoo.core.startup] DEBUG:     |-- WormKolabc
2020-01-06 18:30:15,853 [cuckoo.core.startup] DEBUG:     |-- XenDetectKeys
2020-01-06 18:30:15,853 [cuckoo.core.startup] DEBUG:     |-- XtremeRAT
2020-01-06 18:30:15,853 [cuckoo.core.startup] DEBUG:     |-- Xworm
2020-01-06 18:30:15,853 [cuckoo.core.startup] DEBUG:     |-- Zegost
2020-01-06 18:30:15,853 [cuckoo.core.startup] DEBUG:     |-- ZeusMutexes
2020-01-06 18:30:15,853 [cuckoo.core.startup] DEBUG:     |-- ZeusP2P
2020-01-06 18:30:15,854 [cuckoo.core.startup] DEBUG:     |-- ZeusURL
2020-01-06 18:30:15,854 [cuckoo.core.startup] DEBUG:     `-- ZoneID
2020-01-06 18:30:15,854 [cuckoo.core.startup] DEBUG: Imported "reporting" modules:
2020-01-06 18:30:15,854 [cuckoo.core.startup] DEBUG:     |-- ElasticSearch
2020-01-06 18:30:15,854 [cuckoo.core.startup] DEBUG:     |-- Feedback
2020-01-06 18:30:15,854 [cuckoo.core.startup] DEBUG:     |-- JsonDump
2020-01-06 18:30:15,854 [cuckoo.core.startup] DEBUG:     |-- Mattermost
2020-01-06 18:30:15,854 [cuckoo.core.startup] DEBUG:     |-- MISP
2020-01-06 18:30:15,854 [cuckoo.core.startup] DEBUG:     |-- Moloch
2020-01-06 18:30:15,854 [cuckoo.core.startup] DEBUG:     |-- MongoDB
2020-01-06 18:30:15,855 [cuckoo.core.startup] DEBUG:     |-- Notification
2020-01-06 18:30:15,855 [cuckoo.core.startup] DEBUG:     `-- SingleFile
2020-01-06 18:30:15,863 [cuckoo.core.startup] DEBUG: Checking for locked tasks..
2020-01-06 18:30:15,871 [cuckoo.core.startup] DEBUG: Checking for pending service tasks..
2020-01-06 18:30:15,875 [cuckoo.core.startup] DEBUG: Initializing Yara...
2020-01-06 18:30:15,878 [cuckoo.core.startup] DEBUG:     |-- binaries embedded.yar
2020-01-06 18:30:15,878 [cuckoo.core.startup] DEBUG:     |-- binaries filetypes.yar
2020-01-06 18:30:15,878 [cuckoo.core.startup] DEBUG:     |-- binaries shellcodes.yar
2020-01-06 18:30:15,878 [cuckoo.core.startup] DEBUG:     |-- binaries vmdetect.yar
2020-01-06 18:30:15,881 [cuckoo.core.startup] DEBUG:     |-- scripts applocker_bypass.yar
2020-01-06 18:30:15,881 [cuckoo.core.startup] DEBUG:     |-- scripts powerfun.yar
2020-01-06 18:30:15,881 [cuckoo.core.startup] DEBUG:     |-- scripts powershell_AMSI.yar
2020-01-06 18:30:15,882 [cuckoo.core.startup] DEBUG:     |-- scripts powershell_BITS_transfer.yar
2020-01-06 18:30:15,882 [cuckoo.core.startup] DEBUG:     |-- scripts powershell_ddi_rc4.yar
2020-01-06 18:30:15,882 [cuckoo.core.startup] DEBUG:     |-- scripts powershell_dfsp.yar
2020-01-06 18:30:15,882 [cuckoo.core.startup] DEBUG:     |-- scripts powershell_di.yar
2020-01-06 18:30:15,882 [cuckoo.core.startup] DEBUG:     |-- scripts powershell_empire.yar
2020-01-06 18:30:15,882 [cuckoo.core.startup] DEBUG:     |-- scripts powershell_meterpreter.yar
2020-01-06 18:30:15,882 [cuckoo.core.startup] DEBUG:     |-- scripts powershell_txt_c2.yar
2020-01-06 18:30:15,882 [cuckoo.core.startup] DEBUG:     |-- scripts powershell_unicorn.yar
2020-01-06 18:30:15,882 [cuckoo.core.startup] DEBUG:     |-- scripts powerworm.yar
2020-01-06 18:30:15,883 [cuckoo.core.startup] DEBUG:     |-- shellcode metasploit.yar
2020-01-06 18:30:15,884 [cuckoo.core.startup] DEBUG:     |-- office dde.yar
2020-01-06 18:30:15,884 [cuckoo.core.startup] DEBUG:     |-- office ole.yar
2020-01-06 18:30:15,920 [cuckoo.core.scheduler] INFO: Using "vsphere" as machine manager
2020-01-06 18:30:15,968 [cuckoo.machinery.vsphere] WARNING: Turning off SSL certificate verification!
2020-01-06 18:30:16,552 [cuckoo] CRITICAL: CuckooCriticalError: Couldn't connect to vSphere host: 'NoneType' object has no attribute 'rootSnapshotList'
samuelkneppel commented 4 years ago

So, I am revisiting trying to get this sandbox up and running.

Would anyone be able to point me in the right direction as to what my issue could be?

samuelkneppel commented 4 years ago

FWIW, a user on the Slack channel helped me figure out how to get this to work.

After taking a look at his vsphere.py file, I replaced this code:

try:
    from pyVim.connect import SmartConnection
    HAVE_PYVMOMI = True
except ImportError:
    HAVE_PYVMOMI = False

log = logging.getLogger(__name__)
logging.getLogger("requests").setLevel(logging.WARNING)

with the following code:

try:
    from pyVim.connect import SmartConnection as SC, SmartConnectNoSSL
    HAVE_PYVMOMI = True
except ImportError:
    HAVE_PYVMOMI = False

log = logging.getLogger(__name__)
logging.getLogger("requests").setLevel(logging.WARNING)

try:
    class SmartConnection(SC):
        def __enter__(self, *args, **kwargs):
            self.si = SmartConnectNoSSL(*self.args, **self.kwargs)
            return self.si
except:
    HAVE_PYVMOMI = False

Once I changed this, I did not receive the error again.