Automating e-mail attachments with Cuckoo MX

Have you ever heard of CuckooMX? It is a project by Xavier Mertens; you can read about it at http://blog.rootshell.be/2012/06/20/cuckoomx-automating-email-attachments-scanning-with-cuckoo/.

CuckooMX automatically sends all e-mail attachments to Cuckoo Sandbox so that the attachments (of types such as PDF, MS Office, ZIP, or other executable files) can be analyzed to determine whether they contain malware.

Here is a figure that might help us get a better picture of what CuckooMX does:

[Figure: Automating e-mail attachments with Cuckoo MX]

In the preceding figure, we can see that CuckooMX performs these tasks:

  1. It captures the e-mail flow at MTA (Message/Mail ...
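An added example (not CuckooMX's code and not from the book) of the attachment-extraction step that comes before sandbox submission: it parses a constructed message, keeps attachments whose extension is on an assumed list based on the types named above, and hashes each one. The function names and the extension list are assumptions, and the submission to Cuckoo itself is left out.

```python
import hashlib
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed list of extensions worth sandboxing, based on the types the text names.
SUSPECT_EXT = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx",
               ".zip", ".exe", ".scr", ".dll"}


def extract_attachments(raw: bytes):
    """Return (filename, sha256, payload) for each attachment to analyze."""
    msg = message_from_bytes(raw, policy=policy.default)
    found = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "unnamed.bin"
        # Keep only the base name so a crafted filename cannot leave the spool dir.
        name = name.replace("\\", "/").rsplit("/", 1)[-1]
        data = part.get_payload(decode=True) or b""
        # Compare extensions case-insensitively (invoice.PDF matches .pdf).
        ext = "." + name.rsplit(".", 1)[-1].lower() if "." in name else ""
        if ext in SUSPECT_EXT and data:
            found.append((name, hashlib.sha256(data).hexdigest(), data))
    return found


def build_sample() -> bytes:
    """Constructed test message: one PDF-like attachment and one text note."""
    m = EmailMessage()
    m["From"] = "sender@example.com"
    m["To"] = "user@example.org"
    m["Subject"] = "Invoice"
    m.set_content("See attached.")
    m.add_attachment(b"%PDF-1.4 constructed sample", maintype="application",
                     subtype="pdf", filename="../invoice.PDF")
    m.add_attachment("hello", filename="note.txt")
    return m.as_bytes()


if __name__ == "__main__":
    for name, digest, data in extract_attachments(build_sample()):
        print(f"{name}  sha256={digest}  {len(data)} bytes")
```

The SHA-256 lets the pipeline skip files that were already analyzed before queueing them again.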
