
Buster Sandbox Analyzer for Sandboxie

Buster Sandbox Analyzer is a tool designed to analyze the behaviour of processes and the changes they make to the system, and then evaluate whether they look like malware.
The changes made to the system can be of several types: file system changes, registry changes and port changes.
A file system change happens when a file is created, deleted or modified. Depending on what type of file has been created (executable, library, javascript, batch, etc.) and where it was created (which folder), we can get valuable information.
Registry changes are changes made to the Windows registry. Here we can get valuable information from the modified values and from newly created or deleted registry keys.
Port changes occur when an outbound connection is made to other computers, or when a port is opened locally and starts listening for incoming connections.
From all these changes we obtain the information needed to evaluate the "risk" of some of the actions taken by sandboxed applications.
Watching all these operations easily and safely is possible thanks to Sandboxie (http://sandboxie.com), an excellent tool created by Ronen Tzur.
Although Buster Sandbox Analyzer's main goal is to evaluate whether sandboxed processes behave like malware, the tool can also be used simply to obtain a list of changes made to the system, so if you install a piece of software you will know exactly what it installs and where.

Apart from system changes, other actions can also be considered suspicious: keyboard logging, ending the Windows session, loading a driver, starting a service, connecting to the Internet, etc.
None of the above operations is malicious in itself, but when they are performed unexpectedly, that is something we must take into consideration. It is therefore important to consider not only what actions are performed, but also whether it is reasonable for them to be performed.
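
An added illustration of the idea described above (not Buster Sandbox Analyzer's own logic, and not code from the original post): a short Python triage pass over a constructed list of recorded changes. The record format, the rule lists and the `expected` parameter are assumptions made for this example.

```python
import ntpath

# Constructed sample: changes a sandbox could record for one installer run.
CHANGES = [
    ("file", "created", r"C:\Program Files\Demo\demo.exe"),
    ("file", "created", r"C:\Users\u\AppData\Roaming\Microsoft\Windows"
                        r"\Start Menu\Programs\Startup\upd.bat"),
    ("file", "created", r"C:\Users\u\AppData\Local\Temp\readme.txt"),
    ("registry", "modified", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\upd"),
    ("registry", "created", r"HKCU\Software\Demo\Settings"),
    ("port", "listen", "0.0.0.0:5000"),
    ("port", "connect", "203.0.113.10:443"),   # documentation address range
]

# Assumed rule lists for this example (file type + folder, autostart keys).
RUNNABLE_EXT = {".exe", ".dll", ".js", ".bat", ".sys"}
AUTOSTART_DIRS = ("\\start menu\\programs\\startup\\",)
AUTOSTART_KEYS = ("\\currentversion\\run\\", "\\currentversion\\runonce\\")

def flag(kind, action, target):
    """Return a reason string if the change deserves review, else None."""
    t = target.lower()
    if kind == "file" and action in ("created", "modified"):
        ext = ntpath.splitext(t)[1]          # parses Windows paths on any OS
        if ext in RUNNABLE_EXT and any(d in t for d in AUTOSTART_DIRS):
            return "runnable file placed in autostart folder"
        if ext in RUNNABLE_EXT and "\\temp\\" in t:
            return "runnable file written to temp folder"
    if kind == "registry" and any(k in t for k in AUTOSTART_KEYS):
        return "autostart registry value changed"
    if kind == "port" and action == "listen":
        return "local port opened for incoming connections"
    if kind == "port" and action == "connect":
        return "outbound connection"
    return None

def review(changes, expected=frozenset()):
    """Flag changes, skipping reasons the analyst expects from this program."""
    flagged = []
    for kind, action, target in changes:
        reason = flag(kind, action, target)
        if reason and reason not in expected:
            flagged.append((reason, target))
    return flagged

if __name__ == "__main__":
    # An installer that is known to fetch updates: outbound traffic is expected.
    for reason, target in review(CHANGES, expected={"outbound connection"}):
        print(f"{reason}: {target}")
```

The same action is reported or suppressed depending on what the analyst declares reasonable for the program under test, which is the distinction the paragraph above draws.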



Currently there are several websites and programs that perform the same task as Buster Sandbox Analyzer.

Web services:
http://www.joebox.org
(Joebox)

http://anubis.iseclab.org
(Anubis)

http://www.norman.com/security_center/security_tools/submit_file|
(Norman)

http://mwanalysis.org/
(Sunbelt's CWSandbox)

http://www.threatexpert.com
(Threat Expert)

http://camas.comodo.com/cgi-bin/submit
(Comodo Instant Malware Analysis)

http://autovin.pandasecurity.my/?page_id=332
(Autovin - Automated Tools for Virus Incidents)

https://aerie.cs.berkeley.edu/
(BitBlaze Malware Analysis Service)

http://eureka.cyber-ta.org/
(EUREKA Malware Analysis)

http://www.xandora.net/xangui/
(Xandora Binary Analyser)

http://malbox.xjtu.edu.cn/
(Malbox)

http://vicheck.ca/
(ViCheck)



Malware analysis software:

http://www.cuckoobox.org
(Cuckoo)

http://www.norman.com/enterprise/all_products/malware_analyzer/
(Norman Sandbox Analyzer)

http://cert.at/downloads/software/minibis_en.html
(Minibis)

http://zerowine.sourceforge.net
(Zero Wine)

http://zerowine-tryout.sourceforge.net/
(Zero Wine Tryouts)

Web services are free of charge and can be used publicly.

Zero Wine is an open source project, but it has been abandoned lately.
Zero Wine Tryouts seems to be a continuation of Zero Wine.
Norman Sandbox Analyzer is a commercial malware analyzer aimed at professionals.
Buster Sandbox Analyzer is freeware. If you like this software, please buy a Sandboxie license.

Homepage
Forum

Download

1.37 beta 1

Comments

  1. Siddharth, 29 June, 2011

    Nice info.

  2. Released Buster Sandbox Analyzer 1.37.

    Changes:

    * Improved hiding feature
    * Updated BSA.DAT
    * Removed evaluation risk feature
    * Fixed several bugs

    Part of the improved hiding feature is the possibility of naming LOG_API.DLL with the file name you prefer.

    Evaluation risk was removed from malware analysis report because it was too misleading. Probably I will reintroduce the feature in the near future but having other format.
