Results 1 to 2 of 2
  1. #1
    Senior Member
    Join Date
    Jan 2003

    CWSandbox Review

    Hey Hey,

    I just wanted to share this with everyone... I completed a review this morning on our corporate blog and it's a product/service that I think many of the members here will be interested in if they haven't seen it already..

    Lately, I've been more and more interested in malware analysis... I've been gathering viruses I receive and watching how they operate inside VMs. Due to this interest I've added more blogs to my seemingly never-ending list of RSS Feeds... Today a very interesting one came across the wire. Sunbelt Software had a blog posting announcing the official launch of CWSandbox. I must say, the software looks pretty damn cool.

    Essentially the malware that you submit is executed in what I'm guessing is a VM environment. The software operates by injecting itself in a manner similar to how malware injects itself and has multiple means of protecting against detection by the malware. CWSandbox then monitors the file system, registry and other applications along with network activity and extracts important data (FTP or IRC login data).
    To read the rest visit the blog posting

    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  2. #2
    Senior Member
    Join Date
    Aug 2003
    nepenthes 0.2.0 now supports CWsandbox
    you may have a look at xml file generated by the cwsandbox
    the analyzed executable : burimi bot package
    Last edited by stanger; February 8th, 2007 at 01:08 AM.
    Industry Kills Music.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

We have made updates to our Privacy Policy to reflect the implementation of the General Data Protection Regulation.