This is a non-IMPACT record, meaning that access to the data is not controlled by IMPACT. For access, see the directions below.

Disclaimer:
This Resource is offered and provided outside of the IMPACT mediation framework. IMPACT and the IMPACT Coordination Council/Blackfire Technology, Inc. expressly disclaim all conditions, representations and warranties including but not limited to Resource availability, quality, accuracy, non-infringement, and non-interference. All Resource information and access is controlled by entities and under terms that are external to the IMPACT legal framework.

Summary

DS-1229
cuckoo
External Tool
External Data Source
GitHub
Unknown
Unknown
55 (lowest rank is 55)

Category & Restrictions

Other
cyber attack, cyber defense, malware, forensics
Unrestricted
true

Description


Cuckoo Sandbox is an automated dynamic malware analysis system

Cuckoo Sandbox is the leading open sourceautomated malware analysis system. You can throw any suspicious file atit and in a matter of seconds Cuckoo will provide you back some detailedresults outlining what such file did when executed inside an isolatedenvironment.

Cuckoo Sandbox is free software that automated the task of analyzing any malicious file under Windows, OS X, Linux, and Android.

What can it do?

Cuckoo Sandbox is an advanced, extremely modular, and 100% open source automated malware analysis system with infinite application opportunities. By default it is able to:


      Analyze many different malicious files (executables, office documents, pdf files, emails, etc) as well as malicious websites under Windows, Linux, Mac OS X, and Android virtualized environments.
      Trace API calls and general behavior of the file and distill this into high level information and signatures comprehensible by anyone.
      Dump and analyze network traffic, even when encrypted with SSL/TLS. With native network routing support to drop all traffic or route it through InetSIM, a network interface, or a VPN.
      Perform advanced memory analysis of the infected virtualized system through Volatility as well as on a process memory granularity using YARA.


Due to Cuckoo s open source nature and extensive modular design one may customize any aspect of the analysis environment, analysis results processing, and reporting stage. Cuckoo provides you all the requirements to easily integrate the sandbox into your existing framework and backend in the way you want, with the format you want, and all of that without licensing requirements.

.

Additional Details

48.8KB
false
Unknown
network layer protocols, smartphone, memory, application programming interface, interactive media, android, communication protocol, world wide web, alphabet inc, volatility, google software, yara, open source hardware, external data source, malware analysis, data protection, telecom, cryptosystem, modular design, email, google acquisitions, website, ciphertext, malware, internet privacy, routing protocol, inferlink corporation, technical communication, network architecture, digital media, network interface, networking algorithms, cuckoo, virtual private network, exceptional memory, computer forensics, 1229