Threat Level: green Handler on Duty: Kevin Liston

SANS ISC: Cuckoo 0.5 is out and the world didn't end - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Cuckoo 0.5 is out and the world didn't end

This one kind of slipped by unnoticed over the holidays, but Claudio & company released a new version of the Cuckoo sandbox and it has some some nice new features.  Some of the more significant ones to me are:

  • full memory dumps of the virtual machines
  • added packages for jar, java applet, and zip files
  • support for Windows 7 (yippee!!!)

Add to that lots of other improvements and bug fixes (check them out at the link below) and I can't wait to play with it myself.  This project is turning into a very nice flexible automated malware analysis tool.  If any of our readers have had a chance to try out the new version and want to share their thoughts, please let us know in the comments or via the contact form.  If I get a chance to do some serious playing with it before my next shift, I'll try to write up my experiences.  In the meantime, kudos to Claudio & company, keep up the good work.

References:

http://cuckoosandbox.org/2012-12-20-to-the-end-of-the-world.html

---------------
Jim Clausing, GIAC GSE #26
jclausing --at-- isc [dot] sans (dot) edu

Jim

400 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!