Buster Sandbox Analyzer

Discussion in 'sandboxing & virtualization' started by Buster_BSA, May 4, 2020.

Page 6 of 10
  1. steve123455

    steve123455 Registered Member

    Hello hello~ Do you know what the problem I described above is going on?
     
    steve123455, Dec 19, 2020
    #126
  2. Buster_BSA

    Buster_BSA Registered Member

    Ok, then for "bsa1" the pipe name will be "BSA100", for "bsa2" will be "BSA200" and for "bsa3" will be "BSA300".

    Now you just miss next steps:

    1) Run BSA.EXE from "[...]\bsa1" folder and at "Program Options > Change Title" introduce "BSA100".

    2) Then go to "Utilities > LOG_API > LOG_API Patcher" and select "logapi64.dll" from "[...] \bsa1" folder.

    Repeat the two steps for "bsa2" and "bsa3" using "BSA200" and "BSA300".

    That's all.
     
    Buster_BSA, Dec 19, 2020
    #127
  3. steve123455

    steve123455 Registered Member

    okay, thank you. Let me try
     
    steve123455, Dec 19, 2020
    #128
  4. steve123455

    steve123455 Registered Member

    Thank you very much for your answer, the modification was successful. But I still get stuck here. After testing multiple bsa before

    upload_2020-12-20_10-58-21.png
     

    Attached Files:

    steve123455, Dec 19, 2020
    #129
  5. Buster_BSA

    Buster_BSA Registered Member

    Did you try already what I told you in message #112?
     
    Buster_BSA, Dec 19, 2020
    #130
  6. Buster_BSA

    Buster_BSA Registered Member

    This screenshot is strange. You analyzed a document file but seems like the extension (.docx) is not associated to anything in the system. I don't understand why Microsoft Word was not launched.
     
    Buster_BSA, Dec 19, 2020
    #131
  7. steve123455

    steve123455 Registered Member

    Hello~ I did everything you said
     
    steve123455, Dec 19, 2020
    #132
  8. Buster_BSA

    Buster_BSA Registered Member

    When you analyzed the microsoft word document, did your PC open it?
     
    Buster_BSA, Dec 19, 2020
    #133
  9. steve123455

    steve123455 Registered Member

    upload_2020-12-20_11-21-20.png


    My analysis of txt can end normally, but the analysis of docx will get stuck
     
    steve123455, Dec 19, 2020
    #134
  10. steve123455

    steve123455 Registered Member

    Word not opened
     
    steve123455, Dec 19, 2020
    #135
  11. steve123455

    steve123455 Registered Member

    upload_2020-12-20_11-26-20.png


    upload_2020-12-20_11-26-36.png


    bmp and word will stop
     
    steve123455, Dec 19, 2020
    #136
  12. Buster_BSA

    Buster_BSA Registered Member

    As soon as possible I'll prepare a special version of BSA that will help me to find the problem. Wait until I have it ready, please.
     
    Buster_BSA, Dec 19, 2020
    #137
  13. steve123455

    steve123455 Registered Member

    ok
     
    steve123455, Dec 19, 2020
    #138
  14. steve123455

    steve123455 Registered Member

    How to disable PEID?
     
    steve123455, Dec 20, 2020
    #139
  15. steve123455

    steve123455 Registered Member

    I found a problem, as long as the file content is empty it will stop
     
    steve123455, Dec 20, 2020
    #140
  16. steve123455

    steve123455 Registered Member

    upload_2020-12-20_14-30-17.png


    upload_2020-12-20_14-30-53.png



    There is another problem. If the docx is not empty, it will become a zip when opened with BSA
     
    steve123455, Dec 20, 2020
    #141
  17. steve123455

    steve123455 Registered Member

    How does peid work with Bsa?
     
    steve123455, Dec 20, 2020
    #142
  18. Buster_BSA

    Buster_BSA Registered Member

    Options > Report Options > Information

    Disable everything and check if BSA stops.
     
    Buster_BSA, Dec 20, 2020
    #143
  19. steve123455

    steve123455 Registered Member

    ok Thank you ,How about the special version of BSA
     
    steve123455, Dec 22, 2020
    #144
  20. Buster_BSA

    Buster_BSA Registered Member

    First do this:

    Options > Report Options > Information

    Disable everything

    and tell me if BSA stops.
     
    Buster_BSA, Dec 22, 2020
    #145
  21. steve123455

    steve123455 Registered Member

    upload_2020-12-23_9-53-53.png


    upload_2020-12-23_9-54-28.png






    I disabled all functions, but it still stops if the analysis is empty.
     
    steve123455, Dec 22, 2020
    #146
  22. Buster_BSA

    Buster_BSA Registered Member

    Upload the file somewhere and send me the link,please.

    I'll use it to make tests.
     
    Buster_BSA, Dec 23, 2020
    #147
  23. steve123455

    steve123455 Registered Member

    steve123455, Dec 23, 2020
    #148
  24. Buster_BSA

    Buster_BSA Registered Member

    Buster_BSA, Dec 23, 2020
    #149
  25. Pliskin

    Pliskin Registered Member

    anonfiles.com is really simple
     
    Pliskin, Dec 24, 2020
    #150
Page 6 of 10
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice