cuckoosandbox / cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system
http://www.cuckoosandbox.org

Analyzing malware embedded in PDF files #3179

Open arunppsg opened 3 years ago

arunppsg commented 3 years ago

When malware is embedded in a PDF file and submitted to Cuckoo, Cuckoo was not able to detect it. But when the same malware is submitted to Cuckoo as it is, Cuckoo was able to detect it successfully.

The issue is: I would like to know which part of the code deals with embedded files / how embedded files are handled in Cuckoo.

What I have tried so far:

Any help in the relevant directions will be helpful.

pavit939 commented 3 years ago

I had the same issue. When I tried to embed malware in a PDF file and send it to Cuckoo, it was unable to detect the malware. However, when the executable file was sent directly, Cuckoo was able to detect the malware. Were you able to come up with a solution for this problem?

mfc commented 3 years ago

I can confirm this issue with Cuckoo version 2.0.7.
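
One way to check a PDF for embedded attachments before submitting it, as an added example that is not part of the original thread and is not Cuckoo's own code. It uses only the Python standard library and assumes attachments are plain indirect objects marked `/Type /EmbeddedFile`; object streams, encrypted PDFs and filters other than FlateDecode are not handled, and `find_embedded_files` and `build_sample` are hypothetical names.

```python
import hashlib
import re
import zlib

# One indirect object: "<num> <gen> obj ... endobj" (object streams are not parsed).
OBJ_RE = re.compile(rb"(\d+)\s+\d+\s+obj(.*?)endobj", re.DOTALL)
STREAM_RE = re.compile(rb"stream\r?\n")
EMBEDDED_RE = re.compile(rb"/Type\s*/EmbeddedFile")
# Direct integer /Length only; an indirect "/Length 12 0 R" does not match.
LENGTH_RE = re.compile(rb"/Length\s+(\d+)\b(?!\s+\d+\s+R)")


def find_embedded_files(pdf: bytes) -> list:
    """Describe every /EmbeddedFile stream found in the raw PDF bytes."""
    results = []
    for obj in OBJ_RE.finditer(pdf):
        body = obj.group(2)
        start = STREAM_RE.search(body)
        header = body[:start.start()] if start else b""
        if not EMBEDDED_RE.search(header):
            continue
        length = LENGTH_RE.search(header)
        if length:
            raw = body[start.end():start.end() + int(length.group(1))]
        else:  # no direct /Length: cut at the endstream keyword instead
            raw = body[start.end():].split(b"endstream")[0].rstrip(b"\r\n")
        data, decoded = raw, b"/Filter" not in header
        if b"/FlateDecode" in header:
            try:
                data, decoded = zlib.decompress(raw), True
            except zlib.error:
                pass  # unsupported filter chain or damaged stream: keep raw bytes
        results.append({"object": int(obj.group(1)), "size": len(data),
                        "sha256": hashlib.sha256(data).hexdigest(),
                        "decoded": decoded, "is_pe": data[:2] == b"MZ"})
    return results


def build_sample() -> bytes:
    """Constructed input: a PDF fragment with one Flate-compressed attachment."""
    payload = b"MZ" + b"\x00" * 62  # constructed placeholder, not a real executable
    comp = zlib.compress(payload)
    return (b"%PDF-1.7\n1 0 obj\n<< /Type /Catalog >>\nendobj\n7 0 obj\n"
            b"<< /Type /EmbeddedFile /Filter /FlateDecode /Length "
            + str(len(comp)).encode() + b" >>\nstream\n" + comp
            + b"\nendstream\nendobj\n%%EOF\n")


if __name__ == "__main__":
    for item in find_embedded_files(build_sample()):
        print(item)
```

A stream reported with `is_pe` set can be written to disk and submitted on its own, which is the case the commenters above report as detected.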