Brad Spengler
I've just sent you both some sanitized MIST reports to use for testing purposes. The filename of each is the analysis ID from the Cuckoo instance, so you should be...
It's actually generated from the summary results instead of the API logs, as the summary results are a bit more stable, it allows us to pull in more information easily,...
Thanks! I'll look into implementing those changes. -Brad
What's the hash of the file that was being analyzed? This error can be seen sometimes, but generally you should at least have some behavioral/static results still. It's a last-ditch...
That sample works fine here. Are you sure you set up the VM properly with the agent running at the time the VM was snapshotted?
Could you show me some logs or screenshots (or maybe a hash) of a sample that plays with safeboot via registry writes?
You must have specified the zip package. How many files are in the zip? If it was just the one html file, just submit the file without specifying the zip...
https://github.com/idanr1986/cuckoo-droid should be usable without any porting. As for the Linux analyzer, I don't really like that it's simply using strace. I'd like to have something with more thought/effort put...
The signature API was updated at the same time as a mass conversion of all signatures to use the new API -- I didn't (and don't) feel that it really...
Can you provide me with the bson logs for that analysis so I can see if it's the same issue of the bad version of bson?