Cuckoo Sandbox
Cuckoo Sandbox is a modular, automated malware analysis system. Running from command-line on a Linux or Mac host, it uses python and virtualization (VirtualBox, QEMU-KVM, etc) to create an isolated Windows guest environment to safely and automatically run and analyze files to collect comprehensive file behavior analysis. These results outline what the malware does while running inside an isolated Windows operating system, including Win32 API calls, files created/deleted, memory dumps, network traffic trace, screenshots of execution behavior, and full memory dumps of virtual machines. Malwr.com is a free, non-commercial, closed-source example of a running instance of Cuckoo Sandbox while also using VirusTotal (Google subsidiary) APIs and libraries to present the file analysis. Supported Host Operating Systems: GNU/Linux (Debian/Ubuntu preferred), Mac OS X Required Host Software: Python-2.7, Virtualization (VirtualBox, QEMU-KVM, etc) Supported Virtualized Operating Systems: Windows XP Service Pack 3, Windows Vista, Windows 7
