Chapter 2. Using Cuckoo Sandbox to Analyze a Sample Malware
The first chapter explained how to install Cuckoo Sandbox and configure the Host OS and Guest OS. In this chapter, we will cover the following topics:
- How to submit a malware sample
- How to analyze a sample of malware
- Memory forensic analysis in Cuckoo Sandbox
First, we must go to the root directory of the previously extracted Cuckoo. This time, the root directory is
We do not need to start VirtualBox to run the Guest OS (in this case, the Guest OS is Windows XP SP3) in order to receive the malware sample. You must turn the Guest OS off after configuring it and installing some of the Windows applications mentioned before (for example, Adobe Reader, Microsoft ...