Cuckoo Sandbox plugins for Malware Analysis

Bam, bam, bam - I just shot the malware down

You can try to reinvent something for Cuckoo Sandbox, or you can simply use the awesome community which provides a massive list of plugins which you can use for your private Cuckoo Sandbox lab.

Cuckoo Sandbox can be used to analyze malware samples. The Cuckoo Sandbox environment will run the malware in an isolated environment, which allows Cuckoo Sandbox to analyze the malware on behavior and connections.

The Cuckoo Sandbox allows you to gather various signatures which can be used in reports. Once you have gained unique signatures, you will be able to search them on the web to find similar or additional reports on the specified signature.

Cuckoo Sandbox uses the VirusTotal website to scan the sample for malware. The VirusTotal API will then report back to your own and private Cuckoo Sandbox environment. The report will provide insight on the antivirus hit rate.

Searching in Cuckoo Sandbox

The current Cuckoo Sandbox project does allow you to search your database for signatures, but it does not provide a clear interface on the “allowed” search queries which can be made on your private Cuckoo Sandbox environment.

Be the first to comment

Leave a Reply