My next class:
LINUX Incident Response and Threat Hunting | Online | Japan Standard Time | Oct 21st - Oct 26th 2024

Cuckoo 0.5 is out and the world didn't end

Published: 2013-01-08. Last Updated: 2013-01-08 02:34:56 UTC
by Jim Clausing (Version: 1)

This one kind of slipped by unnoticed over the holidays, but Claudio & company released a new version of the Cuckoo sandbox and it has some nice new features.  Some of the more significant ones to me are:

  • full memory dumps of the virtual machines
  • added packages for jar, java applet, and zip files
  • support for Windows 7 (yippee!!!)

Add to that lots of other improvements and bug fixes (check them out at the link below) and I can't wait to play with it myself.  This project is turning into a very nice, flexible automated malware analysis tool.  If any of our readers have had a chance to try out the new version and want to share their thoughts, please let us know in the comments or via the contact form.  If I get a chance to do some serious playing with it before my next shift, I'll try to write up my experiences.  In the meantime, kudos to Claudio & company, keep up the good work.

References:

http://cuckoosandbox.org/2012-12-20-to-the-end-of-the-world.html

---------------
Jim Clausing, GIAC GSE #26
jclausing --at-- isc [dot] sans (dot) edu
