Cuckoo is a very famous automated malware analysis sandbox with which you can create your own poor guy's malware analysis lab. So let's see how we achieve that goal; stay with me.





Installation & First Run





As the focus is not installation, I'll simply not make you suffer through a huge article on installing it. If you feel comfortable installing it, you are pretty good to go with the default installation url, and if you feel lost, ping me and I'll help you set it up as much as I can. Okay, so I assume you have already installed Cuckoo. Let's first run the Cuckoo sandbox, and VirtualBox as well, so that Cuckoo can find our guest Windows XP.





Now that Cuckoo is running and has loaded our guest XP, let's submit a file to analyze. I'm going to use the DarkComet malware sample, so let's do it.





cuckoo malware submit





And here is the Cuckoo log showing that the malware analysis has completed.

analysis completed

Now it's time to analyze all the reports and check hash sums and... yes, you got it all.

cuckoo malware analyzed file

If we look at report.json we'll find many, many useful things, like the ones I got below.





Api Calls
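To pull the hash sums and API calls out of report.json with a script instead of scrolling through it, here is an added example (not code from the original post or from the Cuckoo project). The field names (target.file, behavior.processes, calls[].api, pid / process_id) are assumed from Cuckoo's JSON report layout and can differ between versions; the embedded report and sample bytes are constructed, not taken from the DarkComet run.

```python
import hashlib
import json
from collections import Counter

# Constructed stand-ins: a real report.json is far larger and is read from disk.
SAMPLE_BYTES = b"constructed stand-in for the submitted sample"
SAMPLE_REPORT = json.dumps({
    "target": {"category": "file", "file": {
        "name": "sample.exe",
        "sha1": hashlib.sha1(SAMPLE_BYTES).hexdigest(),
        "sha256": hashlib.sha256(SAMPLE_BYTES).hexdigest(),
    }},
    "behavior": {"processes": [
        {"process_name": "sample.exe", "pid": 1234, "calls": [
            {"category": "registry", "api": "RegSetValueExA"},
            {"category": "registry", "api": "RegSetValueExA"},
            {"category": "process", "api": "CreateProcessInternalW"},
        ]},
        {"process_name": "notepad.exe", "process_id": 1300, "calls": [
            {"category": "process", "api": "WriteProcessMemory"},
        ]},
    ]},
})


def hashes_match(report, sample_bytes):
    """Recompute the hash sums and compare them with what the report recorded."""
    recorded = report.get("target", {}).get("file", {})
    checks = {algo: hashlib.new(algo, sample_bytes).hexdigest() == recorded[algo]
              for algo in ("md5", "sha1", "sha256") if algo in recorded}
    return bool(checks) and all(checks.values())


def api_calls_by_process(report):
    """Map (process name, pid) to a Counter of the API names it called."""
    result = {}
    for proc in report.get("behavior", {}).get("processes", []):
        # Assumption: some report versions use "process_id", others "pid".
        pid = proc.get("pid", proc.get("process_id"))
        counts = Counter(call.get("api", "?") for call in proc.get("calls", []))
        result[(proc.get("process_name"), pid)] = counts
    return result


if __name__ == "__main__":
    report = json.loads(SAMPLE_REPORT)
    print("hash sums match:", hashes_match(report, SAMPLE_BYTES))
    for (name, pid), counts in api_calls_by_process(report).items():
        print(name, pid, counts.most_common(5))
```

For a real run, replace the constructed values with the contents of the analysis's report.json and the bytes of the file you submitted.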





VIDEO:









And much more can be seen in the report file; this is just the beginning. Please watch the video below for a detailed tutorial.