Cuckoo Sandbox - An Open Source Automated Malware Analysis System

Cuckoo Sandbox is open source software for automating the analysis of suspicious files.

It can be used to analyse the following file types:
  • Generic Windows executables
  • DLL files
  • PDF documents
  • Microsoft Office documents
  • URLs and HTML files
  • PHP scripts
  • CPL files
  • Visual Basic (VB) scripts
  • ZIP files
  • Java JAR
  • Python files
  • Almost anything else...

It can retrieve the following types of results:
  • Traces of calls performed by all processes spawned by the malware.
  • Files being created, deleted and downloaded by the malware during its execution.
  • Memory dumps of the malware processes.
  • Network traffic trace in PCAP format.
  • Screenshots taken during the execution of the malware.
  • Full memory dumps of the machines.
