Network Analysis of Malwares is empty on Win7
masifpak opened this issue · comments
Muhammad Asif commented
When I analyse a malware on win7, there is no network activity while when I analyses same sample on winxp it try to access multiple domains (like cerber) and provides network analysis. My cuckoo is behind transparent proxy. Does proxy matter for network activity.
Nagaev commented
I can also see this finding using a TOR transparent proxy.
While sometimes, the engine report malicious traffic in the main dashboard (even in TCP), there are no connections displayed in "network activity". I don't really know why.
doomedraven commented
start wireshark or tshark or any other dump and start analysis, maybe there no req done, i saw it frequently, you can see it in behavior but nothing in network