Chapter 2. Using Cuckoo Sandbox to Analyze a Sample Malware

The first chapter explained how to install Cuckoo Sandbox and configure the Host OS and Guest OS. In this chapter, we will cover the following topics:

  • How to submit a malware sample
  • How to analyze a sample of malware
  • Memory forensic analysis in Cuckoo Sandbox

Starting Cuckoo

First, we must go to the root directory where Cuckoo was previously extracted. In this case, the root directory is home/user/Documents/cuckoo.

We do not need to start VirtualBox and run the Guest OS (in this case, Windows XP SP3) ourselves in order for it to receive the malware sample. You must turn the Guest OS off after configuring it and installing the Windows applications mentioned before (for example, Adobe Reader, Microsoft ...
