You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Some malware samples fail to infect the VM properly when run inside VBox's shared folder.
I don't know the root cause as to why these samples fail, but as discussed with @obilodeau, it might be a good idea to find an alternative solution for sharing malware samples.
The text was updated successfully, but these errors were encountered:
running from a share in general
some malware might not be ready to run from a network share in general. Firs copying to c:\temp or something like that would probably fix the issue.
anti-anti-malware / sandbox detection<
The network sharing in the virtual box requires the vbox drivers to be installed - which is detected by some malware. To avoid this it might be possible to use ftp or http from the host system (which would require ftp-server or http-server on the host system).
Is there any updates on this? Regarding the 2 recommendations by @malwarenights, I know VMCloak transfers files by HTTP with the agent running INSIDE the VM but that would require a client inside and I don't think we would want that. Vagrant can upload files with the file provisioner so I think we should go with that and upload them to temp or, even better, to a configurable path. Thoughts?
Some malware samples fail to infect the VM properly when run inside VBox's shared folder.
I don't know the root cause as to why these samples fail, but as discussed with @obilodeau, it might be a good idea to find an alternative solution for sharing malware samples.
The text was updated successfully, but these errors were encountered: