Cuckoo is a leading open source malware analyser. The Cuckoo sandbox facilitates effective analysis of various types of malware by monitoring their behaviour in a secure and isolated environment with the help of virtual machines. Based on Python, it is de
‘Malware’ is a term that refers to all types of malicious software, and is a serious threat to the IT backbone of any organisation. The impact of malware is far-reaching in both technical and economic dimensions. The wide spectrum of malware, comprising various types of attacks targeting different vulnerabilities, has made its detection and analysis a complex mission. Figure 1 illustrates a few important types of malware.
Though the mode of attack, payload, etc, of one type of malware might be different from that of another category, all of them hamper the smooth functioning of a system. Hence, it becomes mandatory to restrict their proliferation and protect systems from their negative impact. To achieve this goal, one important step is to analyse the malware’s various dimensions. This article explores a leading open source malware analysis tool called Cuckoo.