Quote:
Lately, I've been more and more interested in malware analysis... I've been gathering viruses I receive and watching how they operate inside VMs. Due to this interest I've added more blogs to my seemingly never-ending list of RSS Feeds... Today a very interesting one came across the wire. Sunbelt Software had a blog posting announcing the official launch of CWSandbox. I must say, the software looks pretty damn cool.
Essentially the malware that you submit is executed in what I'm guessing is a VM environment. The software operates by injecting itself in a manner similar to how malware injects itself and has multiple means of protecting against detection by the malware. CWSandbox then monitors the file system, registry and other applications along with network activity and extracts important data (FTP or IRC login data).
To read the rest visit