•  

Cuckoo sandbox - malware beware

A session at SIGINT 2013

Saturday 6th July, 2013

9:00pm to 9:45pm (CET)

Open Source Dynamic Malware Analysis

Cuckoo Sandbox is a widely used open-source project for automated dynamic malware analysis. It takes malicious documents or URLs as input and provides both high-level overview reports as well as detailed API call traces of the activities observed inside a virtual machine. The project was founded by Claudio Guarnieri and is mainly developed by four developers in their free time and during weekends.

Cuckoo Sandbox distinguishes from other solutions thanks to its modular design and flexible customization features. Because of this unique emphasis several large IT corporations and security companies run Cuckoo Sandbox to analyze malware samples on a daily basis and it’s often placed alongside with traditional perimeter security products as an added weapon to incident response and security teams’ arsenals. Being open-source, it also empowers independent and academic security researchers to use a full-fledged malware analysis sandbox freely.

For the latest available version we saw more than 8000 downloads and a few hundred constantly running deployments with enabled update-checks. This community also contributes to the project in various forms such as setup instructions, code contributions, behavioral signatures, feature requests and usability feedback and is actively engaged in conversations over mailing lists and IRC.

About the speakers

This person is speaking at this event.
Mark Schloesser
This person is speaking at this event.
Jurriaan Bremer

Freelance Security Researcher. Low-Level stuff. Member of De Eindbazen CTF Team. Cuckoo Sandbox Developer. I like emulators and (de)obfuscation. bio from Twitter

This person is speaking at this event.
Claudio

Security Researcher at @Rapid7, @Shadowserver member, @ProjectHoneynet member, @CuckooSandbox and @Malwr creator. Tweets are my own, right? bio from Twitter

Next session in Saal

10pm Benutze Krake mit Gerät by ths and Dmitry Nedospasov

Sign in to add slides, notes or videos to this session

SIGINT 2013

Germany Germany, Cologne

5th7th July 2013

Tell your friends!

When

Time 9:00pm9:45pm CET

Date Sat 6th July 2013

Where

Saal, KOMED

Short URL

lanyrd.com/sckcfk

Official session page

frab.cccv.de/…t13/events/5074.html

View the schedule

Share

Topics

See something wrong?

Report an issue with this session