9 Ocak 2014 Perşembe

Automated Malware Analysis Cuckoo Sandbox 1.0

Cuckoo is an open source automated malware analysis system.
It’s used to automatically run and analyze files and collect comprehensive analysis results that outline what the malware does while running inside an isolated Windows operating system.
It can retrieve the following type of results:

  • Traces of win32 API calls performed by all processes spawned by the malware.
  • Files being created, deleted and downloaded by the malware during its execution.
  • Memory dumps of the malware processes.
  • Network traffic trace in PCAP format.
  • Screenshots of Windows desktop taken during the execution of the malware.
  • Full memory dumps of the machines.
You can download Cuckoo;  http://cuckoosandbox.org/download.html 

Hiç yorum yok:

Yorum Gönder