Cuckoo Sandbox mentions (18)

• How to analyze malicious PDF?

  You can detonate it into a VM running an instance of Cuckoo Sandbox. If you want to go the extra mile, you can dump the memory of said VM and analyse it with Volatility Framework. Also, if you want to quickly identify behavioural patterns in executable code, you can use Mandiant's CAPA tool (though idk if it works on .pdfs). Source: about 1 year ago

• "PDF".exe pwns my user, but how exactly?

  You should save a copy of the .exe, copy it into a VM running Cuckoo and get a report on exactly what the .exe does. Without this automated dissection, people are making educated guesses. They're probably right, but why not be certain? There is an online version too - https://cuckoosandbox.org. Source: about 1 year ago

• Exist a way, that can tell X file that I want to download not contain any malicious file?

  You could use a service like cuckoo to check links/files. Source: over 1 year ago

• Best practices for malware analysis and securing the environment you're testing in.

  I made my own lab in college using a series of VM's, A windows 10 machine that was packed with analysis tools, a kali listening machine (running inetsim or fakenet, I can't remember.) and I had remnux on another machine (which I ended up not really making use of, but it was there.) I used virtualbox and ran these VM's in an internal network, no internet access. Disabled all clipboard and file sharing after... Source: over 1 year ago

• Sandbox?

  Another option if you want to self-host is https://cuckoosandbox.org/ . Of note, it's currently an unmaintained project so issues may not receive support, but it is free. Source: over 1 year ago

OPSWAT mentions (0)