A forum for reverse engineering, OS internals and malware analysis 

Forum for announcements and questions about tools and software.
 #17202  by kmd
 Sat Dec 15, 2012 3:57 pm
Buster_BSA wrote:
kmd wrote: are you still looking for ways of evading sandboxie from detection?
Yes, always. ;)

How could you help with that?
Another detector of sandboxie, of course :) if you're interested
 #17207  by Buster_BSA
 Sun Dec 16, 2012 12:25 am
Released Buster Sandbox Analyzer 1.84.

Changes:

+ Added “[Custom_File_Entries]” section to BSA.DAT
+ Added a feature to extract files from PCap files in automatic mode
+ Added new malware behaviors
+ Included new malware behaviours at “Risk Evaluation Ratings”
+ GUI has been redesigned
+ Updated BSA.DAT
+ Updated LOG_API
+ Fixed several bugs
 #17256  by kmd
 Tue Dec 18, 2012 8:46 am
Buster_BSA wrote:
kmd wrote: Another detector of sandboxie, of course :) if you're interested
Sure, I am. Could you provide more details in private, please?
I'm a little busy at this time, but in the near future I will take a look at your hiding methods again.
 #17632  by Buster_BSA
 Sun Jan 06, 2013 7:47 pm
Released Buster Sandbox Analyzer 1.85.

Changes:

+ Added a feature to run setups silently if possible in automatic mode
+ Added a feature to view malware analysis on finish in manual mode
+ Added a feature to save connection information to CSV file in “Pcap Explorer” feature
+ Added a feature to refresh BSA window
+ Removed several program dependencies (REG.EXE, STRINGS.EXE, …)
+ DAT files moved to “DATA” folder
+ Improved “File Strings” feature
+ Updated BSA.DAT
+ Updated LOG_API
+ Fixed several bugs
 #17924  by Buster_BSA
 Tue Jan 29, 2013 1:24 pm
Released Buster Sandbox Analyzer 1.86.

Changes:

+ LOG_API completely rewritten and improved
+ Added “Use Deep Dump Method” feature
+ Added “Send a Return Every 10 seconds” feature
+ Added a feature to show all logged APIs
+ Added a feature to save connection information to HTML file in “Pcap Explorer” feature
+ Added new malware behaviors
+ Included new malware behaviours at “Risk Evaluation Ratings”
+ Updated “Process Explorer” feature
+ Updated BSA.DAT
+ Updated PeID's USERDB.TXT
+ Updated Exeinfo's Ext_Detector.DLL
+ Fixed several bugs
 #18165  by Buster_BSA
 Tue Feb 12, 2013 7:57 am
Released Buster Sandbox Analyzer 1.87.

Changes:

+ Added new malware behaviors
+ Included new malware behaviours at “Risk Evaluation Ratings”
+ Improved “Include VirusTotal Malware Information of Dropped Files” feature
+ Updated XML and JSON format schemas
+ Updated LOG_API
+ Updated BSA.DAT
+ Fixed several bugs
 #18192  by ISergey256
 Wed Feb 13, 2013 3:30 pm
Released Buster Sandbox Analyzer 1.87.
Bug in report
Code:
 * VirusTotal detections from 2013-02-13 01:40:37 UTC: 
      :             MicroWorld-eScan
      :             20130213
      :             nProtect
      :             20130212
      :             CAT-QuickHeal
      :             20130212
      :             McAfee
      :             20130213
      :             Malwarebytes
      :             20130212
Code:
 "GI_VIRUSTOTAL": [
            {
                "NAME": "",
                "MALWARENAME": "            MicroWorld-eScan",
            },