Open Shersto opened 4 years ago
Hi,
This is occurring every time I run a sample on a Windows 7 64-bit guest. Any suggestions on what the issue is?
```
2020-04-17 05:57:19,433 [analyzer] DEBUG: Starting analyzer from: C:\tmpomuhhr
2020-04-17 05:57:19,464 [analyzer] DEBUG: Pipe server name: \??\PIPE\FSGrOzuNdUQfgPuBXzosvXTLBpO
2020-04-17 05:57:19,464 [analyzer] DEBUG: Log pipe server name: \??\PIPE\YTEXCCMZXAsKNGax
2020-04-17 05:57:19,963 [analyzer] DEBUG: Started auxiliary module DbgView
2020-04-17 05:57:20,852 [analyzer] DEBUG: Started auxiliary module Disguise
2020-04-17 05:57:21,071 [modules.auxiliary.dumptls] WARNING: You're not running the Cuckoo Agent as Administrator. Doing so will improve your analysis results!
2020-04-17 05:57:21,071 [analyzer] DEBUG: Started auxiliary module DumpTLSMasterSecrets
2020-04-17 05:57:21,086 [analyzer] DEBUG: Started auxiliary module Human
2020-04-17 05:57:21,086 [analyzer] DEBUG: Started auxiliary module InstallCertificate
2020-04-17 05:57:21,086 [analyzer] DEBUG: Started auxiliary module Reboot
2020-04-17 05:57:21,148 [analyzer] DEBUG: Started auxiliary module RecentFiles
2020-04-17 05:57:21,148 [modules.auxiliary.screenshots] INFO: Python Image Library (either PIL or Pillow) is not installed, screenshots are disabled.
2020-04-17 05:57:21,148 [analyzer] DEBUG: Started auxiliary module Screenshots
2020-04-17 05:57:21,148 [analyzer] DEBUG: Started auxiliary module LoadZer0m0n
2020-04-17 05:57:22,006 [lib.api.process] ERROR: Failed to execute process from path u'C:\Users\analysis\AppData\Local\Temp\sample.exe' with arguments ['bin\inject-x64.exe', '--resume-thread', '--pid', '2596', '--tid', '2612', '--apc', '--dll', 'C:\tmpomuhhr\bin\monitor-x64.dll', '--config', 'c:\users\analysis\appdata\local\temp\tmp1ppy3c'] (Error: Command '['bin\inject-x64.exe', '--resume-thread', '--pid', '2596', '--tid', '2612', '--apc', '--dll', 'C:\tmpomuhhr\bin\monitor-x64.dll', '--config', 'c:\users\analysis\appdata\local\temp\tmp1ppy3c']' returned non-zero exit status 1)
```