Released Buster Sandbox Analyzer 1.02. Change list: Added MD5, SHA1 and SHA256 hashing when file to process is specified. Added custom registry...
Searching: I think it's possible to circumvent that problem. In the first place you should sandbox a loader, something like OllyDbg, and then load...
Searching: You can read this topic to know more about that kind of files: http://www.sandboxie.com/phpbb/viewtopic.php?t=4367
inka: Don't worry, I don't take it personally. :)
Yes, as a consequence of Sandboxie not being able to sandbox certain files, the analysis cannot be performed. Anyway the % of files that...
If anyone is suspicious about the DLL, the source code is included in the package, so it can be compiled for peace of mind. :P At the moment I...
acuariano: I know. It has been commented in Sandboxie's forum already. http://sandboxie.com/phpbb/viewtopic.php?t=6557&start=30
I don't follow you. Could you explain it, please?
inka: I just pretend to approach the malware analysis to non-advanced users. Meanwhile Buster Sandbox Analyzer is a malware analyzer for non...
Ok, thank you! ;)
Buster Sandbox Analyzer website can be visited here: http://bsa.qnea.de/
Yes, it's specifically designed to work with Sandboxie. Thanks for adding it to your list.
I'm glad you like it. If you miss anything just let me know.
Buster Sandbox Analyzer is a tool designed to analyze the behaviour of sandboxed processes and determine if they are malware by their actions.
Did you ever have the chance to try Norman Sandbox Analyzer? I know that's not very likely, since it's very restricted to professionals.
From SysAnalyzer I used the API logger in my project, but even though I have SysAnalyzer installed in a virtual machine, I never used it, therefore I...
Please, consider adding Buster Sandbox Analyzer.
Come back here after you play with it and leave your comments, please. I'm still waiting to hear the comments from someone that tried it.
Among my favourite features are the two you mention: not limited to internet and not automated. The tool is "yours". You can have it...
That's right. It's a pretty simple configuration: just 2 lines added to Sandboxie.INI. In one line we tell Sandboxie to inject the API...
It's required to read the manual before using the tool because Sandboxie must be configured in order to get it working along with BSA.
Two examples of the analysis and reports produced with Buster Sandbox Analyzer. Email-Worm.Win32.NetSky.p Analysis: Detailed report of...
Hi. I would like to announce the release of Buster Sandbox Analyzer. Buster Sandbox Analyzer, or BSA for short, is a security tool focused...