Tuesday, 6 March 2018

Additional Crispiness on the MacOS box of apples sandbox

In November 2015 we first released our MacOS sandbox. We now have an incremental feature improvements live on our site to help our users get further behavioral information from samples scanned with VirusTotal

Several improvements visible to users are:

  • Sandbox updated to OSX 10.11 El Capitan in sandbox.  We have a High sierra update planned for later this year. 
  • Detailed HTML analysis report is now available. 
  • Screenshots of the software under analysis to provide more contextual information:
    • Show screenshots of what a user would see
    • Help determine if the sample is waiting for user input
  • Network traffic reports updated
    • Country Detection
  • Timestamps on file operations,  to help show the sequence of events.
  • Process tree is shown if there is more than one level of processes

To view the detailed behavior report, click on the behavior tab, then select the Box of Apples sandbox, then click on the detailed report link

Click on the detailed behavior report. 

Some Samples that might be interesting, that contain the new features:

Screenshots and File operations

DNS, IP Traffic and Behavior tags

This is part of the Multi-Sandbox project.    We’ll continue to improve our own and 3rd party sandbox providers that wish to integrate sandboxes into VirusTotal.

If you find any issues, or have feature requests, please don’t hesitate to reach out to us by emailing  contact@virustotal.com

No comments:

Post a Comment