Comments on Computers rule us, and we rule them!: Dynamic malware analysis Part II

Claudiu Francu (2010-07-23T16:09:42.982+03:00):

Hi,

I'll look more into it and I'll post my findings. Thank you for your feedback!

Buster_BSA, http://bsa.isoftware.nl/ (2010-07-23T15:45:57.112+03:00):

Hi.

Glad to hear you like my tool, Claudiu.

You commented about BSA: "it totally missed the NtCreateFile and alike functions, and also the port connections."

If a file is created or modified at the sandbox folder BSA will not miss it.

Could you give more details about what you mean with that it totally missed the NtCreateFile, please?

Port connections will not be missed when BSA is properly configured. For this you must select the adapter at "Packet sniffer" config.

Maybe you missed to configure it properly.

Regards.

Claudiu Francu (2010-07-20T09:35:58.767+03:00):

Anonymous,

I have fixed the link now, everything should be in order. Thank you for your feedback!

Anonymous (2010-07-20T04:18:36.648+03:00):

The link http://claudiufrancu.ro/files/BSAReport.rar does not work. Please fix that.

Could you please upload the malware to somewhere, such as OffensiveComputing? I would like to try that with my sandbox, and compare that with your result.

Thanks a lot,
N