After the death of malwr.com (plain simple cuckoo sandbox without the hassle) I've switched to maldun (https://www.maldun.com/dashboard/). The only drawback it's in Chinese, but the links and css classes are pretty self-explanatory, so I've already got used to all its characters :)

Good point. I have a Cuckoo with 3 diff VMs, I can run it in there, too. I`ll wait for your thoughts.

I shall take a look and run it in Cuckoo see if anything interesting pops up. I'll report back if there is anything interesting.

Hi guys, I just want to pitch in with my little contribution. I've been trying to harden my VirtualBox 5.1.2 instance that I run under cuckoo on Debian against detections. My guest is a Win10 x64 installation. It was a huge pain in the ass and pretty much took two days of trial and error ...

... malwares (dynamic analysis) have similar behaviour (pattern). i have cuckoo sandbox and reports in malheur, json and maec formats. my question is: how can i use report ...

... sample_execution mlwr_smpl.exe C:\agent\agent.pyw C:\sandbox\starter.exe c:\ipf\BDCore_U.dll C:\cwsandbox_manager C:\cwsandbox ... Analysis C:\iDEFENSE\SysAnalyzer c:\gnu\bin C:\SandCastle\tools C:\cuckoo\dll C:\MDS\WinDump.exe C:\tsl\Raptorclient.exe C:\guest_tools\start.bat ...

Hi, I'm looking for a way to harden Cuckoo sandbox machines that are running on Ubuntu host using vbox. Is there any guide / documentation for hardening ...

Hi, I'm looking for a way to harden Cuckoo sandbox machines that are running on Ubuntu host using vbox. Is there any guide / documentation for hardening ...

Hi,

I'm looking for a way to harden Cuckoo sandbox machines that are running on Ubuntu host using vbox.
Is there any guide / documentation for hardening win7 64bit vm on VBOX installed on Linux hypervisor ?

I want to get rid from "80ee:cafe" & "80ee:beef" device ids.

Thanks,

... including bullshit. * Pafish (Paranoid fish) * Some anti(debugger/VM/sandbox) tricks used by malware for the general public. [*] Windows version: ... name ... OK [*] cpuid Intel wrong value for processor name ... OK [-] Cuckoo detection [*] Looking in the TLS for the hooks information structure ...