Summary

In this chapter, you have learned how to submit malware samples to Cuckoo Sandbox. The chapter walked through multiple examples of submitting malicious files, including MS Office documents, PDF files, binary files, and malicious URLs. It also described how to use Volatility, a memory forensics tool, as one of the additional tools in Cuckoo Sandbox. With Volatility, you can analyze RAM dumps from 32-bit and 64-bit Windows, Linux, Mac OS, and Android systems. You just need to set the profile before performing memory forensics with Volatility. For example, if you want to perform memory forensics on Windows XP, you need to change the Volatility profile to the Windows XP profile.

In ...
