spender-sandbox / cuckoo-modified

Modified edition of cuckoo

On win10-x64 [Errno 13] Permission denied: 'C:\\3648.ini' The package "modules.packages.regsv #74

Open SmartResearcherME opened 8 years ago

SmartResearcherME commented 8 years ago

Hi,

I am using the cuckoo-modified build from the following source.

https://codeload.github.com/brad-accuvant/cuckoo-modified/zip/master

I am trying to submit a sample to a Windows 10 x64 VM in VMware and am getting the following error.

See the following debug logs:

2016-03-16 12:39:33,406 [lib.cuckoo.core.guest] DEBUG: win10: analysis not completed yet (status=2)
2016-03-16 12:39:33,771 [lib.cuckoo.core.resultserver] DEBUG: New connection from: 172.16.148.130:49504
2016-03-16 12:39:33,772 [lib.cuckoo.core.resultserver] DEBUG: LogHandler for live analysis.log initialized.
2016-03-16 12:39:34,411 [lib.cuckoo.core.guest] DEBUG: win10: analysis not completed yet (status=2)
2016-03-16 12:39:35,417 [lib.cuckoo.core.scheduler] ERROR: Analysis failed: The package "modules.packages.regsvr" start function encountered an unhandled exception: [Errno 13] Permission denied: 'C:\3648.ini'
2016-03-16 12:39:35,636 [lib.cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer
2016-03-16 12:39:35,637 [lib.cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Tor
2016-03-16 12:39:35,637 [modules.machinery.vmware] DEBUG: Stopping vm /media/ali/I/Imported/Windows10x64/Windows10x64.vmx

Please advise how to get rid of this error.

I also tried the steps mentioned at the following link: http://answers.microsoft.com/en-us/windows/forum/windows_7-security/windows-7-cannot-save-files-to-c-even-after-making/938f2b50-b063-475b-8c5e-905d136df2e3?tab=question&status=AllReplies&auth=1#tabs

but I am still facing the issue.

I can successfully submit and analyze a sample in Windows 7 32-bit, but this issue occurs for Win10 x64 on VMware.

-thanks

spender-sandbox commented 8 years ago

Did you disable UAC as well?

SmartResearcherME commented 8 years ago

Yes, I disabled UAC.

SmartResearcherME commented 8 years ago

@spender-sandbox Any suggestions?

spender-sandbox commented 8 years ago

Just noticed you're using Windows 10 as the guest -- that isn't supported yet, and I haven't tested any of the code with it.

-Brad

SmartResearcherME commented 8 years ago

@spender-sandbox: Some updates at my end. I am able to successfully complete the analysis on Windows 10 x86. Now my target is Win10 x64. I need your guidance to port it (maybe with fewer features) to Win 10 x64.

SmartResearcherME commented 8 years ago

@spender-sandbox I have resolved the issue. The issue was with my ISO of Windows 10 x64. I updated the Windows 10 x64 ISO and it resolved the issue of successfully running cuckoo for me :100:

eoinmiller-sfdc commented 8 years ago

I found this issue in Windows 8 as well. Apparently if you turn off UAC through the Control Panel, it isn't all the way off with Win 8 (and possibly above). You have to set the value for the following DWORD to 0: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA

Reference: http://www.mkyong.com/computer-tips/cant-create-file-in-the-c-drive-root-directory-windows-8/
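
A pre-flight check for the analysis guest, covering the two conditions discussed in this thread (the `EnableLUA` policy value and whether the agent's user can write to the root of `C:\`). This is an added example, not code from cuckoo-modified or from any participant above; the function names and the `preflight_<pid>.ini` probe file name are hypothetical.

```powershell
# Added example: run inside the guest VM as the user the analysis agent runs as.
$key  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$name = 'EnableLUA'

function Get-EnableLua {
    # Returns the DWORD as an int, or $null when the value does not exist.
    $prop = Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue
    if ($null -eq $prop) { return $null }
    return [int]$prop.$name
}

function Test-RootWritable {
    param([string]$Root = 'C:\')
    # Create and delete a throwaway .ini file in the drive root, the same
    # kind of write that failed with [Errno 13] in the log above.
    $probe = Join-Path $Root ("preflight_{0}.ini" -f $PID)
    try {
        [System.IO.File]::WriteAllText($probe, 'probe')
        Remove-Item -LiteralPath $probe -Force
        return $true
    } catch {
        Write-Verbose $_.Exception.Message
        return $false
    }
}

$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
$isAdmin   = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

$lua      = Get-EnableLua
$writable = Test-RootWritable

[pscustomobject]@{
    User         = $identity.Name
    AdminToken   = $isAdmin
    EnableLUA    = $lua
    RootWritable = $writable
} | Format-List

if ($lua -ne 0) {
    # The Control Panel slider alone may leave this value non-zero.
    Write-Warning "EnableLUA is not 0 (found: '$lua'); a change to it takes effect after a reboot."
}
if (-not $writable) {
    Write-Warning "Cannot create files in C:\ ; the analyzer's C:\<pid>.ini write will fail."
    exit 1
}
```

Run it before taking the VM snapshot that the sandbox restores, so a guest that cannot write to `C:\` is caught before any sample is submitted.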