Buster Sandbox Analyzer

Discussion in 'sandboxing & virtualization' started by Buster_BSA, May 4, 2020.

  1. steve123455

    steve123455 Registered Member

    Joined:
    Dec 16, 2020
    Posts:
    89
    Location:
    china
    When analyzing pdf files
     
  2. steve123455

    steve123455 Registered Member

    Joined:
    Dec 16, 2020
    Posts:
    89
    Location:
    china
    BSAtest5 No error is sent temporarily
     
  3. steve123455

    steve123455 Registered Member

    Joined:
    Dec 16, 2020
    Posts:
    89
    Location:
    china
    I will try the latter
     
  4. steve123455

    steve123455 Registered Member

    Joined:
    Dec 16, 2020
    Posts:
    89
    Location:
    china
    There is no problem in the later versions. I will install another operating system and try again. What is the cause of this bug?
     
  5. steve123455

    steve123455 Registered Member

    Joined:
    Dec 16, 2020
    Posts:
    89
    Location:
    china
    Ok. I test it
     
  6. steve123455

    steve123455 Registered Member

    Joined:
    Dec 16, 2020
    Posts:
    89
    Location:
    china
    upload_2020-12-31_13-31-50.png

    BSATest-NoMouseMovement_rar is no problem, but the next two downloads are stuck.
     
  7. steve123455

    steve123455 Registered Member

    Joined:
    Dec 16, 2020
    Posts:
    89
    Location:
    china
    Just tested it. No errors were reported in the three versions. I will continue testing
     
  8. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    Released Buster Sandbox Analyzer 1.90 Beta 4 fixing the "System Error. Code: 5".

    This rare problem may be caused by a security feature in the OS. Probably the desktop of the computer having problems was created with restricted access, so when BSA tries to use the "SetCursorPos" function, the OS denies the operation and reports the system error code 5.

    Try this version and let me know if it works fine and the error is not showed anymore, please.
     
  9. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    Glad to hear problem is solved.

    I guess video can not be played when analysis is too short. Just check in "REPORT.TXT" how long was the "Analysis duration".
     
  10. steve123455

    steve123455 Registered Member

    Joined:
    Dec 16, 2020
    Posts:
    89
    Location:
    china
  11. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    Command line to record videos is always the same so it's not a problem in BSA.

    I suggest you use your own video recorder.
     
  12. steve123455

    steve123455 Registered Member

    Joined:
    Dec 16, 2020
    Posts:
    89
    Location:
    china
    ok
     

    Attached Files:

  13. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    Released Buster Sandbox Analyzer 1.90 Beta 5.

    The only change in this version is the Sandboxie version required to run BSA. From version 1.90 Beta 5, Sandboxie 5.46.0 is the minimun version required.
     
  14. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    Released Buster Sandbox Analyzer 1.91.

    Changes:

    + "Check For Updates" feature is working again.
     
  15. Vikterola62

    Vikterola62 Registered Member

    Joined:
    Dec 14, 2020
    Posts:
    16
    Location:
    USA
    Really struggling to get BSA going with the only thing holding me
    back is an error msg when starting BSE.exe " Sandboxie could not be found, try running BSA
    with admin rights!". I have latest Sandboxie plus 0.5.5 and followed the install instructions
    to the best of my ability. I cannot get BSA to show a gui and yes I have installed Winpcap.
    I see where I need to paste a path - but without the app opening, I don't know how to do it.
    Any tip would be appreciated!
     
  16. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    Seems there is a bug in Sandboxie:

    https://www.wilderssecurity.com/threads/sandboxie-plus-0-5-5.435979/#post-2983963

    There you have a solution to fix the issue.
     
    Last edited: Jan 25, 2021
  17. steve123455

    steve123455 Registered Member

    Joined:
    Dec 16, 2020
    Posts:
    89
    Location:
    china
    What protocol is BSA open source based on?
     
  18. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    Sorry?
     
  19. Stukalide

    Stukalide Registered Member

    Joined:
    Jul 12, 2013
    Posts:
    65
    Thanks Buster, this tool is a life-saver, and I rely on it all the time. I'm really surprised there haven't been others that have made a tool such as this. Really appreciate the work you do on it!
     
  20. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    Thank you!

    There is other public malware behaviour analyzer named Cuckoo Sandbox.
     
  21. steve123455

    steve123455 Registered Member

    Joined:
    Dec 16, 2020
    Posts:
    89
    Location:
    china
    Hello, BSA author, you know the SoReL-20M malware classifier. Can you integrate the SoReL-20M malware classifier into BSA?
     
  22. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    I didn't know about it.

    What would be the purpose of adding support for it?

    What results could be generated using it?

    Give a detailed explanation of the input and output data, please.
     
  23. dFosB

    dFosB Registered Member

    Joined:
    Jun 5, 2020
    Posts:
    14
    Location:
    HSH
    Does BSA support:
    1. Sandboxie 5.50.9
    2. SandboxiePlus 0.8.9

    Just insatlled SandboxiePlus (that is in fact just a new GUI, because driver remains teh same and "Plus" even includes a classic SbieCtrl.exe inside) ans put configs and BSA 1.91 from old instal.
    Now BSA "cannot find Sandboxie" even when started with admin permissions.

    What's wrong?
     
  24. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    Try this:

    In Sandboxie Classic go to "Configure", then to "Windows Shell Integration" and check both "Run Sandboxed Actions" options are enabled.

    Add right-click action "Run Sandboxed" to files and folders
    Add sandboxes as targets for "Send To" action
     
  25. dFosB

    dFosB Registered Member

    Joined:
    Jun 5, 2020
    Posts:
    14
    Location:
    HSH
    No success:

    Screenshot 2021-07-30 082039.png

    Screenshot 2021-07-30 082120.png
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.