spender-sandbox / cuckoo-modified

Modified edition of cuckoo

Network Analysis of Malwares is empty on Win7

masifpak opened this issue · comments

When I analyse a malware on Win7, there is no network activity, while when I analyse the same sample on WinXP it tries to access multiple domains (like Cerber) and provides network analysis. My Cuckoo is behind a transparent proxy. Does the proxy matter for network activity?

I can also see this finding using a TOR transparent proxy.
While the engine sometimes reports malicious traffic in the main dashboard (even in TCP), there are no connections displayed in "network activity". I don't really know why.

Start Wireshark or tshark or any other dump and start the analysis. Maybe there are no requests done; I saw it frequently. You can see it in behavior but nothing in network.
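
Added example, not part of the thread or of the project's code: one way to check a capture taken during an analysis run and see whether the guest sent any DNS queries or TCP connection attempts at all. It assumes a classic libpcap file with Ethernet framing; the guest address, the function names and the three-packet sample are constructed for illustration.

```python
import socket
import struct
from collections import Counter
GUEST = "192.168.56.101"  # constructed guest address, not from the thread

def _qname(buf):  # first DNS question name, uncompressed labels
    labels, i = [], 0
    while i < len(buf) and buf[i] != 0:
        n = buf[i]
        if n > 63 or i + 1 + n > len(buf):
            return None
        labels.append(buf[i + 1:i + 1 + n].decode("ascii", "replace"))
        i += 1 + n
    return ".".join(labels)

def summarize_pcap(data, guest_ip):
    """Count DNS names queried and TCP SYN targets sent by guest_ip."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None or struct.unpack(endian + "I", data[20:24])[0] != 1:
        raise ValueError("expected a classic pcap file with Ethernet framing")
    dns, syns, off = Counter(), Counter(), 24
    while off + 16 <= len(data):
        incl = struct.unpack(endian + "I", data[off + 8:off + 12])[0]
        frame, off = data[off + 16:off + 16 + incl], off + 16 + incl
        is_ipv4 = len(frame) >= 34 and frame[12:14] == b"\x08\x00"
        if not is_ipv4 or socket.inet_ntoa(frame[26:30]) != guest_ip:
            continue  # keep only IPv4 packets the guest itself sent
        dst, l4 = socket.inet_ntoa(frame[30:34]), frame[14 + (frame[14] & 0x0F) * 4:]
        if frame[23] == 6 and len(l4) >= 14 and l4[13] & 0x12 == 0x02:
            syns[(dst, struct.unpack("!H", l4[2:4])[0])] += 1  # SYN without ACK
        elif frame[23] == 17 and len(l4) > 20 and l4[2:4] == b"\x00\x35":
            name = _qname(l4[20:])  # skip 8-byte UDP and 12-byte DNS headers
            if name:
                dns[name] += 1
    return dns, syns

def build_sample():
    """Constructed three-packet capture: guest DNS query, guest SYN, one reply."""
    def frame(src, dst, proto, l4):
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto,
                         0, socket.inet_aton(src), socket.inet_aton(dst))
        return b"\x00" * 12 + b"\x08\x00" + ip + l4
    q = struct.pack("!6H", 1, 0x0100, 1, 0, 0, 0) + b"\x07example\x04test\x00\x00\x01\x00\x01"
    udp = struct.pack("!4H", 40000, 53, 8 + len(q), 0) + q
    syn = struct.pack("!HHIIBBHHH", 40001, 443, 0, 0, 0x50, 0x02, 8192, 0, 0)
    frames = [frame(GUEST, "192.168.56.1", 17, udp), frame(GUEST, "203.0.113.10", 6, syn),
              frame("192.168.56.1", GUEST, 17, udp)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return out + b"".join(struct.pack("<4I", 0, 0, len(f), len(f)) + f for f in frames)
```

If both counters come back empty for the guest's address, the sample made no requests during that run; if they are populated while the report shows nothing, the gap is in processing rather than in the guest. tcpdump writes this file format by default, and `tshark -F pcap` selects it.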