Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Alternative File Sharing for Malware Samples #48

Open
Corb3nik opened this issue Mar 31, 2017 · 3 comments
Open

Alternative File Sharing for Malware Samples #48

Corb3nik opened this issue Mar 31, 2017 · 3 comments
Labels
enhancement good first issue Good for newcomers hacktoberfest help wanted Extra attention is needed

Comments

@Corb3nik
Copy link

Some malware samples fail to infect the VM properly when run inside VBox's shared folder.

I don't know the root cause as to why these samples fail, but as discussed with @obilodeau, it might be a good idea to find an alternative solution for sharing malware samples.

@malwarenights
Copy link
Contributor

malwarenights commented Apr 10, 2017

This could be 2 different things:

  1. running from a share in general
    some malware might not be ready to run from a network share in general. Firs copying to c:\temp or something like that would probably fix the issue.

  2. anti-anti-malware / sandbox detection<
    The network sharing in the virtual box requires the vbox drivers to be installed - which is detected by some malware. To avoid this it might be possible to use ftp or http from the host system (which would require ftp-server or http-server on the host system).

@Svieg
Copy link
Collaborator

Svieg commented Apr 22, 2017

Is there any updates on this? Regarding the 2 recommendations by @malwarenights, I know VMCloak transfers files by HTTP with the agent running INSIDE the VM but that would require a client inside and I don't think we would want that. Vagrant can upload files with the file provisioner so I think we should go with that and upload them to temp or, even better, to a configurable path. Thoughts?

@obilodeau
Copy link
Contributor

Yes, having an additional method of file sharing (more like file copying to the VM) would be interesting and I would support that development.

@obilodeau obilodeau added enhancement good first issue Good for newcomers hacktoberfest help wanted Extra attention is needed labels Oct 3, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement good first issue Good for newcomers hacktoberfest help wanted Extra attention is needed
Projects
None yet
Development

No branches or pull requests

4 participants