spender-sandbox / cuckoo-modified

Modified edition of cuckoo

[lib.cuckoo.core.scheduler] ERROR: Analysis failed: invalid string pointer 0x03AF1C8000000000

usmanm259 opened this issue

config files

File: auxiliary.conf

https://pastebin.com/fCMyBBtf

File: cuckoo.conf

https://pastebin.com/c6ET1PX8

File: virtualbox.conf

https://pastebin.com/LqeSEgjv

When I run cuckoo in debug mode, this is the error which it shows

[lib.cuckoo.core.scheduler] ERROR: Analysis failed: invalid string pointer 0x03AF1C8000000000

sudo ./cuckoo.py -d

Cuckoo Sandbox 1.3-Optiv
www.cuckoosandbox.org
Copyright (c) 2010-2015

2018-02-20 18:34:21,838 [root] DEBUG: Importing modules...
2018-02-20 18:34:25,426 [root] DEBUG: Imported "signatures" modules:
2018-02-20 18:34:25,427 [root] DEBUG: |-- Andromeda_APIs
2018-02-20 18:34:25,427 [root] DEBUG: |-- AntiAnalysisDetectFile
2018-02-20 18:34:25,428 [root] DEBUG: |-- AntiAnalysisDetectReg
2018-02-20 18:34:25,428 [root] DEBUG: |-- AvastDetectLibs
2018-02-20 18:34:25,428 [root] DEBUG: |-- BitdefenderDetectLibs
2018-02-20 18:34:25,428 [root] DEBUG: |-- AntiAVDetectFile
2018-02-20 18:34:25,429 [root] DEBUG: |-- AntiAVDetectReg
2018-02-20 18:34:25,429 [root] DEBUG: |-- AntiAVServiceStop
2018-02-20 18:34:25,429 [root] DEBUG: |-- AntiAVSRP
2018-02-20 18:34:25,429 [root] DEBUG: |-- AntiDBGDevices
2018-02-20 18:34:25,430 [root] DEBUG: |-- AntiDBGWindows
2018-02-20 18:34:25,430 [root] DEBUG: |-- WineDetectReg
2018-02-20 18:34:25,430 [root] DEBUG: |-- WineDetectFunc
2018-02-20 18:34:25,430 [root] DEBUG: |-- AntiCuckoo
2018-02-20 18:34:25,431 [root] DEBUG: |-- SandboxJoeAnubisDetectFiles
2018-02-20 18:34:25,431 [root] DEBUG: |-- HookMouse
2018-02-20 18:34:25,431 [root] DEBUG: |-- GetProductID
2018-02-20 18:34:25,431 [root] DEBUG: |-- SandboxieDetectLibs
2018-02-20 18:34:25,432 [root] DEBUG: |-- AntisandboxSboxieMutex
2018-02-20 18:34:25,432 [root] DEBUG: |-- AntiSandboxSboxieObjects
2018-02-20 18:34:25,432 [root] DEBUG: |-- AntiSandboxSleep
2018-02-20 18:34:25,432 [root] DEBUG: |-- SunbeltDetectFiles
2018-02-20 18:34:25,432 [root] DEBUG: |-- SunbeltDetectLibs
2018-02-20 18:34:25,433 [root] DEBUG: |-- AntiSandboxSuspend
2018-02-20 18:34:25,433 [root] DEBUG: |-- Unhook
2018-02-20 18:34:25,433 [root] DEBUG: |-- KnownVirustotal
2018-02-20 18:34:25,433 [root] DEBUG: |-- AntiVMDirectoryObjects
2018-02-20 18:34:25,433 [root] DEBUG: |-- AntiVMBios
2018-02-20 18:34:25,433 [root] DEBUG: |-- AntiVMCPU
2018-02-20 18:34:25,433 [root] DEBUG: |-- DiskInformation
2018-02-20 18:34:25,434 [root] DEBUG: |-- SetupAPIDiskInformation
2018-02-20 18:34:25,434 [root] DEBUG: |-- AntiVMDiskReg
2018-02-20 18:34:25,434 [root] DEBUG: |-- AntiVMSCSI
2018-02-20 18:34:25,434 [root] DEBUG: |-- AntiVMServices
2018-02-20 18:34:25,434 [root] DEBUG: |-- AntiVMSystem
2018-02-20 18:34:25,434 [root] DEBUG: |-- VBoxDetectACPI
2018-02-20 18:34:25,434 [root] DEBUG: |-- VBoxDetectDevices
2018-02-20 18:34:25,434 [root] DEBUG: |-- VBoxDetectFiles
2018-02-20 18:34:25,435 [root] DEBUG: |-- VBoxDetectKeys
2018-02-20 18:34:25,435 [root] DEBUG: |-- VBoxDetectLibs
2018-02-20 18:34:25,435 [root] DEBUG: |-- VBoxDetectProvname
2018-02-20 18:34:25,435 [root] DEBUG: |-- VBoxDetectWindow
2018-02-20 18:34:25,435 [root] DEBUG: |-- VMwareDetectDevices
2018-02-20 18:34:25,435 [root] DEBUG: |-- VMwareDetectEvent
2018-02-20 18:34:25,435 [root] DEBUG: |-- VMwareDetectFiles
2018-02-20 18:34:25,435 [root] DEBUG: |-- VMwareDetectKeys
2018-02-20 18:34:25,436 [root] DEBUG: |-- VMwareDetectLibs
2018-02-20 18:34:25,436 [root] DEBUG: |-- VMwareDetectMutexes
2018-02-20 18:34:25,436 [root] DEBUG: |-- VPCDetectFiles
2018-02-20 18:34:25,436 [root] DEBUG: |-- VPCDetectKeys
2018-02-20 18:34:25,436 [root] DEBUG: |-- VPCDetectMutex
2018-02-20 18:34:25,436 [root] DEBUG: |-- BadCerts
2018-02-20 18:34:25,436 [root] DEBUG: |-- BadSSLCerts
2018-02-20 18:34:25,436 [root] DEBUG: |-- Cridex
2018-02-20 18:34:25,437 [root] DEBUG: |-- Geodo
2018-02-20 18:34:25,437 [root] DEBUG: |-- Prinimalka
2018-02-20 18:34:25,437 [root] DEBUG: |-- SpyEyeMutexes
2018-02-20 18:34:25,437 [root] DEBUG: |-- ZeusMutexes
2018-02-20 18:34:25,437 [root] DEBUG: |-- ZeusP2P
2018-02-20 18:34:25,437 [root] DEBUG: |-- ZeusURL
2018-02-20 18:34:25,437 [root] DEBUG: |-- BetaBot_APIs
2018-02-20 18:34:25,437 [root] DEBUG: |-- BitcoinOpenCL
2018-02-20 18:34:25,438 [root] DEBUG: |-- Bootkit
2018-02-20 18:34:25,438 [root] DEBUG: |-- AthenaHttp
2018-02-20 18:34:25,438 [root] DEBUG: |-- DirtJumper
2018-02-20 18:34:25,438 [root] DEBUG: |-- Drive
2018-02-20 18:34:25,438 [root] DEBUG: |-- Drive2
2018-02-20 18:34:25,438 [root] DEBUG: |-- Madness
2018-02-20 18:34:25,438 [root] DEBUG: |-- Ruskill
2018-02-20 18:34:25,438 [root] DEBUG: |-- BrowserAddon
2018-02-20 18:34:25,438 [root] DEBUG: |-- BrowserHelperObject
2018-02-20 18:34:25,439 [root] DEBUG: |-- ModifyProxy
2018-02-20 18:34:25,439 [root] DEBUG: |-- BrowserScanbox
2018-02-20 18:34:25,439 [root] DEBUG: |-- BrowserSecurity
2018-02-20 18:34:25,439 [root] DEBUG: |-- browser_startpage
2018-02-20 18:34:25,439 [root] DEBUG: |-- BypassFirewall
2018-02-20 18:34:25,439 [root] DEBUG: |-- CarberpMutexes
2018-02-20 18:34:25,439 [root] DEBUG: |-- Chimera_APIs
2018-02-20 18:34:25,439 [root] DEBUG: |-- ClickfraudCookies
2018-02-20 18:34:25,440 [root] DEBUG: |-- ClickfraudVolume
2018-02-20 18:34:25,440 [root] DEBUG: |-- CopiesSelf
2018-02-20 18:34:25,440 [root] DEBUG: |-- CreatesExe
2018-02-20 18:34:25,440 [root] DEBUG: |-- CreatesLargeKey
2018-02-20 18:34:25,440 [root] DEBUG: |-- CreatesNullValue
2018-02-20 18:34:25,440 [root] DEBUG: |-- CriticalProcess
2018-02-20 18:34:25,440 [root] DEBUG: |-- CryptoWall_APIs
2018-02-20 18:34:25,440 [root] DEBUG: |-- DarkCometRegkeys
2018-02-20 18:34:25,441 [root] DEBUG: |-- DeadLink
2018-02-20 18:34:25,441 [root] DEBUG: |-- DebugsSelf
2018-02-20 18:34:25,441 [root] DEBUG: |-- DeepFreezeMutex
2018-02-20 18:34:25,441 [root] DEBUG: |-- DeletesSelf
2018-02-20 18:34:25,441 [root] DEBUG: |-- DeletesShadowCopies
2018-02-20 18:34:25,441 [root] DEBUG: |-- DEPBypass
2018-02-20 18:34:25,441 [root] DEBUG: |-- DEPDisable
2018-02-20 18:34:25,441 [root] DEBUG: |-- DisablesBrowserWarn
2018-02-20 18:34:25,442 [root] DEBUG: |-- DisablesSPDY
2018-02-20 18:34:25,442 [root] DEBUG: |-- DisablesSystemRestore
2018-02-20 18:34:25,442 [root] DEBUG: |-- DisablesUAC
2018-02-20 18:34:25,442 [root] DEBUG: |-- DisablesWER
2018-02-20 18:34:25,442 [root] DEBUG: |-- DisablesWFP
2018-02-20 18:34:25,442 [root] DEBUG: |-- DisablesWindowsUpdate
2018-02-20 18:34:25,442 [root] DEBUG: |-- DownloaderCabby
2018-02-20 18:34:25,442 [root] DEBUG: |-- Dridex_APIs
2018-02-20 18:34:25,443 [root] DEBUG: |-- DriverLoad
2018-02-20 18:34:25,443 [root] DEBUG: |-- Dropper
2018-02-20 18:34:25,443 [root] DEBUG: |-- Dyre_APIs
2018-02-20 18:34:25,443 [root] DEBUG: |-- Angler_JS
2018-02-20 18:34:25,443 [root] DEBUG: |-- Gondad_JS
2018-02-20 18:34:25,443 [root] DEBUG: |-- HeapSpray_JS
2018-02-20 18:34:25,443 [root] DEBUG: |-- Java_JS
2018-02-20 18:34:25,443 [root] DEBUG: |-- Neutrino_JS
2018-02-20 18:34:25,443 [root] DEBUG: |-- Nuclear_JS
2018-02-20 18:34:25,444 [root] DEBUG: |-- RIG_JS
2018-02-20 18:34:25,444 [root] DEBUG: |-- Silverlight_JS
2018-02-20 18:34:25,444 [root] DEBUG: |-- Virtualcheck_JS
2018-02-20 18:34:25,444 [root] DEBUG: |-- EncryptedIOC
2018-02-20 18:34:25,444 [root] DEBUG: |-- Crash
2018-02-20 18:34:25,444 [root] DEBUG: |-- SystemMetrics
2018-02-20 18:34:25,444 [root] DEBUG: |-- Generic_Phish
2018-02-20 18:34:25,444 [root] DEBUG: |-- HawkEye_APIs
2018-02-20 18:34:25,445 [root] DEBUG: |-- BitcoinWallet
2018-02-20 18:34:25,445 [root] DEBUG: |-- BrowserStealer
2018-02-20 18:34:25,445 [root] DEBUG: |-- FTPStealer
2018-02-20 18:34:25,445 [root] DEBUG: |-- IMStealer
2018-02-20 18:34:25,445 [root] DEBUG: |-- KeyLogger
2018-02-20 18:34:25,445 [root] DEBUG: |-- EmailStealer
2018-02-20 18:34:25,445 [root] DEBUG: |-- InjectionCRT
2018-02-20 18:34:25,445 [root] DEBUG: |-- InjectionExplorer
2018-02-20 18:34:25,445 [root] DEBUG: |-- InjectionExtension
2018-02-20 18:34:25,446 [root] DEBUG: |-- InjectionRUNPE
2018-02-20 18:34:25,446 [root] DEBUG: |-- InjectionRWX
2018-02-20 18:34:25,446 [root] DEBUG: |-- Internet_Dropper
2018-02-20 18:34:25,446 [root] DEBUG: |-- JS_Phish
2018-02-20 18:34:25,446 [root] DEBUG: |-- KazyBot_APIs
2018-02-20 18:34:25,446 [root] DEBUG: |-- Kibex_APIs
2018-02-20 18:34:25,446 [root] DEBUG: |-- KrakenMutexes
2018-02-20 18:34:25,446 [root] DEBUG: |-- DisableRegedit
2018-02-20 18:34:25,446 [root] DEBUG: |-- DisableTaskMgr
2018-02-20 18:34:25,447 [root] DEBUG: |-- MartiansIE
2018-02-20 18:34:25,447 [root] DEBUG: |-- MimicsAgent
2018-02-20 18:34:25,447 [root] DEBUG: |-- MimicsExtension
2018-02-20 18:34:25,447 [root] DEBUG: |-- MimicsFiletime
2018-02-20 18:34:25,447 [root] DEBUG: |-- MimicsIcon
2018-02-20 18:34:25,447 [root] DEBUG: |-- ModifiesCerts
2018-02-20 18:34:25,447 [root] DEBUG: |-- Modifies_HostFile
2018-02-20 18:34:25,447 [root] DEBUG: |-- ModifySecurityCenterWarnings
2018-02-20 18:34:25,447 [root] DEBUG: |-- ModifiesUACNotify
2018-02-20 18:34:25,447 [root] DEBUG: |-- Multiple_UA
2018-02-20 18:34:25,448 [root] DEBUG: |-- NetworkAnomaly
2018-02-20 18:34:25,448 [root] DEBUG: |-- NetworkBIND
2018-02-20 18:34:25,448 [root] DEBUG: |-- NetworkCnCHTTP
2018-02-20 18:34:25,448 [root] DEBUG: |-- NetworkDGA
2018-02-20 18:34:25,448 [root] DEBUG: |-- NetworkHTTP
2018-02-20 18:34:25,448 [root] DEBUG: |-- NetworkICMP
2018-02-20 18:34:25,448 [root] DEBUG: |-- NetworkIRC
2018-02-20 18:34:25,448 [root] DEBUG: |-- NetworkSMTP
2018-02-20 18:34:25,448 [root] DEBUG: |-- Tor
2018-02-20 18:34:25,449 [root] DEBUG: |-- TorHiddenService
2018-02-20 18:34:25,449 [root] DEBUG: |-- TorGateway
2018-02-20 18:34:25,449 [root] DEBUG: |-- OfficeDLWritesEXE
2018-02-20 18:34:25,449 [root] DEBUG: |-- Office_Macro
2018-02-20 18:34:25,449 [root] DEBUG: |-- OfficeSecurity
2018-02-20 18:34:25,449 [root] DEBUG: |-- Office_Suspicious
2018-02-20 18:34:25,449 [root] DEBUG: |-- BuildLangID
2018-02-20 18:34:25,449 [root] DEBUG: |-- ResourceLangID
2018-02-20 18:34:25,449 [root] DEBUG: |-- ArmadilloMutex
2018-02-20 18:34:25,449 [root] DEBUG: |-- ArmadilloRegKey
2018-02-20 18:34:25,450 [root] DEBUG: |-- PackerEntropy
2018-02-20 18:34:25,450 [root] DEBUG: |-- ThemidaPacked
2018-02-20 18:34:25,450 [root] DEBUG: |-- UPXCompressed
2018-02-20 18:34:25,450 [root] DEBUG: |-- VMPPacked
2018-02-20 18:34:25,450 [root] DEBUG: |-- PDF_Annot_URLs
2018-02-20 18:34:25,450 [root] DEBUG: |-- PDF_EOF
2018-02-20 18:34:25,450 [root] DEBUG: |-- PDF_Page
2018-02-20 18:34:25,450 [root] DEBUG: |-- ADS
2018-02-20 18:34:25,450 [root] DEBUG: |-- Autorun
2018-02-20 18:34:25,451 [root] DEBUG: |-- PersistenceService
2018-02-20 18:34:25,451 [root] DEBUG: |-- Polymorphic
2018-02-20 18:34:25,451 [root] DEBUG: |-- Pony_APIs
2018-02-20 18:34:25,451 [root] DEBUG: |-- PowershellCommand
2018-02-20 18:34:25,451 [root] DEBUG: |-- PreventsSafeboot
2018-02-20 18:34:25,451 [root] DEBUG: |-- ProcessInterest
2018-02-20 18:34:25,451 [root] DEBUG: |-- ProcessNeeded
2018-02-20 18:34:25,451 [root] DEBUG: |-- Procmem_Yara
2018-02-20 18:34:25,451 [root] DEBUG: |-- RansomwareExtensions
2018-02-20 18:34:25,452 [root] DEBUG: |-- RansomwareFiles
2018-02-20 18:34:25,452 [root] DEBUG: |-- RansomwareRecyclebin
2018-02-20 18:34:25,452 [root] DEBUG: |-- BeebusMutexes
2018-02-20 18:34:25,452 [root] DEBUG: |-- FynloskiMutexes
2018-02-20 18:34:25,452 [root] DEBUG: |-- PcClientMutexes
2018-02-20 18:34:25,452 [root] DEBUG: |-- PlugxMutexes
2018-02-20 18:34:25,452 [root] DEBUG: |-- PoisonIvyMutexes
2018-02-20 18:34:25,452 [root] DEBUG: |-- SpynetRat
2018-02-20 18:34:25,452 [root] DEBUG: |-- XtremeMutexes
2018-02-20 18:34:25,452 [root] DEBUG: |-- ReadsSelf
2018-02-20 18:34:25,453 [root] DEBUG: |-- Recon_Beacon
2018-02-20 18:34:25,453 [root] DEBUG: |-- CheckIP
2018-02-20 18:34:25,453 [root] DEBUG: |-- Fingerprint
2018-02-20 18:34:25,453 [root] DEBUG: |-- InstalledApps
2018-02-20 18:34:25,453 [root] DEBUG: |-- SystemInfo
2018-02-20 18:34:25,453 [root] DEBUG: |-- RemovesZoneIdADS
2018-02-20 18:34:25,453 [root] DEBUG: |-- Secure_Login_Phish
2018-02-20 18:34:25,453 [root] DEBUG: |-- SetsAutoconfigURL
2018-02-20 18:34:25,453 [root] DEBUG: |-- Shifu_APIs
2018-02-20 18:34:25,454 [root] DEBUG: |-- InstallsWinpcap
2018-02-20 18:34:25,454 [root] DEBUG: |-- SpoofsProcname
2018-02-20 18:34:25,454 [root] DEBUG: |-- CreatesAutorunInf
2018-02-20 18:34:25,454 [root] DEBUG: |-- StackPivot
2018-02-20 18:34:25,454 [root] DEBUG: |-- Authenticode
2018-02-20 18:34:25,454 [root] DEBUG: |-- Static_Java
2018-02-20 18:34:25,455 [root] DEBUG: |-- PEAnomaly
2018-02-20 18:34:25,455 [root] DEBUG: |-- RATConfig
2018-02-20 18:34:25,455 [root] DEBUG: |-- VersionInfoAnomaly
2018-02-20 18:34:25,455 [root] DEBUG: |-- StealthChildProc
2018-02-20 18:34:25,455 [root] DEBUG: |-- StealthFile
2018-02-20 18:34:25,455 [root] DEBUG: |-- StealthHiddenReg
2018-02-20 18:34:25,455 [root] DEBUG: |-- StealthHideNotifications
2018-02-20 18:34:25,456 [root] DEBUG: |-- StealthNetwork
2018-02-20 18:34:25,456 [root] DEBUG: |-- StealthTimeout
2018-02-20 18:34:25,456 [root] DEBUG: |-- StealthWebHistory
2018-02-20 18:34:25,456 [root] DEBUG: |-- Hidden_Window
2018-02-20 18:34:25,456 [root] DEBUG: |-- SuricataAlert
2018-02-20 18:34:25,456 [root] DEBUG: |-- Flame
2018-02-20 18:34:25,456 [root] DEBUG: |-- Tinba_APIs
2018-02-20 18:34:25,456 [root] DEBUG: |-- FleerCivetMutexes
2018-02-20 18:34:25,457 [root] DEBUG: |-- Upatre_APIs
2018-02-20 18:34:25,457 [root] DEBUG: |-- Vawtrak_APIs
2018-02-20 18:34:25,457 [root] DEBUG: |-- Vawtrak_APIs
2018-02-20 18:34:25,457 [root] DEBUG: |-- Virus
2018-02-20 18:34:25,457 [root] DEBUG: |-- VolDevicetree1
2018-02-20 18:34:25,457 [root] DEBUG: |-- VolHandles1
2018-02-20 18:34:25,457 [root] DEBUG: |-- VolLdrModules1
2018-02-20 18:34:25,457 [root] DEBUG: |-- VolLdrModules2
2018-02-20 18:34:25,458 [root] DEBUG: |-- VolMalfind1
2018-02-20 18:34:25,458 [root] DEBUG: |-- VolMalfind2
2018-02-20 18:34:25,458 [root] DEBUG: |-- VolModscan1
2018-02-20 18:34:25,458 [root] DEBUG: |-- VolSvcscan1
2018-02-20 18:34:25,458 [root] DEBUG: |-- VolSvcscan2
2018-02-20 18:34:25,458 [root] DEBUG: |-- VolSvcscan3
2018-02-20 18:34:25,458 [root] DEBUG: |-- Webmail_Phish
2018-02-20 18:34:25,458 [root] DEBUG: `-- WHOIS_Create
2018-02-20 18:34:25,459 [root] DEBUG: Imported "auxiliary" modules:
2018-02-20 18:34:25,459 [root] DEBUG: |-- Sniffer
2018-02-20 18:34:25,459 [root] DEBUG: `-- Tor
2018-02-20 18:34:25,459 [root] DEBUG: Imported "processing" modules:
2018-02-20 18:34:25,459 [root] DEBUG: |-- AnalysisInfo
2018-02-20 18:34:25,459 [root] DEBUG: |-- BehaviorAnalysis
2018-02-20 18:34:25,459 [root] DEBUG: |-- CIF
2018-02-20 18:34:25,459 [root] DEBUG: |-- Debug
2018-02-20 18:34:25,460 [root] DEBUG: |-- Dropped
2018-02-20 18:34:25,460 [root] DEBUG: |-- Memory
2018-02-20 18:34:25,460 [root] DEBUG: |-- NetworkAnalysis
2018-02-20 18:34:25,460 [root] DEBUG: |-- ProcessMemory
2018-02-20 18:34:25,460 [root] DEBUG: |-- Static
2018-02-20 18:34:25,460 [root] DEBUG: |-- Strings
2018-02-20 18:34:25,460 [root] DEBUG: |-- Suricata
2018-02-20 18:34:25,460 [root] DEBUG: |-- TargetInfo
2018-02-20 18:34:25,461 [root] DEBUG: `-- VirusTotal
2018-02-20 18:34:25,461 [root] DEBUG: Imported "machinery" modules:
2018-02-20 18:34:25,461 [root] DEBUG: `-- VirtualBox
2018-02-20 18:34:25,461 [root] DEBUG: Imported "feeds" modules:
2018-02-20 18:34:25,461 [root] DEBUG: `-- AbuseCH_SSL
2018-02-20 18:34:25,461 [root] DEBUG: Imported "reporting" modules:
2018-02-20 18:34:25,461 [root] DEBUG: |-- ElasticsearchDB
2018-02-20 18:34:25,461 [root] DEBUG: |-- IOCAware_STIX
2018-02-20 18:34:25,462 [root] DEBUG: |-- JsonDump
2018-02-20 18:34:25,462 [root] DEBUG: |-- MAEC41Report
2018-02-20 18:34:25,462 [root] DEBUG: |-- Malheur
2018-02-20 18:34:25,462 [root] DEBUG: |-- MMDef
2018-02-20 18:34:25,462 [root] DEBUG: |-- Moloch
2018-02-20 18:34:25,462 [root] DEBUG: |-- MongoDB
2018-02-20 18:34:25,462 [root] DEBUG: |-- ReportHTML
2018-02-20 18:34:25,462 [root] DEBUG: |-- ReportHTMLSummary
2018-02-20 18:34:25,463 [root] DEBUG: |-- ReportPDF
2018-02-20 18:34:25,463 [root] DEBUG: |-- ReSubmitExtractedEXE
2018-02-20 18:34:25,463 [root] DEBUG: `-- Syslog
2018-02-20 18:34:25,856 [root] DEBUG: Checking for locked tasks...
2018-02-20 18:34:25,945 [root] DEBUG: Initializing Yara...
2018-02-20 18:34:25,982 [root] DEBUG: |-- index_binaries.yar
2018-02-20 18:34:25,982 [root] DEBUG: |-- index_memory.yar
2018-02-20 18:34:25,982 [root] DEBUG: |-- index_malware.yar
2018-02-20 18:34:25,983 [root] DEBUG: |-- index_Malicious_Documents.yar
2018-02-20 18:34:25,983 [root] DEBUG: |-- index_Exploit-Kits.yar
2018-02-20 18:34:25,983 [root] DEBUG: |-- index_Mobile_Malware.yar
2018-02-20 18:34:25,984 [root] DEBUG: |-- index_Webshells.yar
2018-02-20 18:34:25,984 [root] DEBUG: |-- index_Antidebug_AntiVM.yar
2018-02-20 18:34:25,984 [root] DEBUG: |-- index_Crypto.yar
2018-02-20 18:34:25,985 [root] DEBUG: |-- index_CVE_Rules.yar
2018-02-20 18:34:25,985 [root] DEBUG: |-- index_email.yar
2018-02-20 18:34:25,985 [root] DEBUG: `-- index_Packers.yar
2018-02-20 18:34:25,988 [lib.cuckoo.core.resultserver] DEBUG: ResultServer running on 192.168.56.1:2042.
2018-02-20 18:34:25,990 [lib.cuckoo.core.scheduler] INFO: Using "virtualbox" machine manager with max_analysis_count=0, max_machines_count=0, and max_vmstartup_count=10
2018-02-20 18:34:26,462 [modules.machinery.virtualbox] DEBUG: Getting status for win7
2018-02-20 18:34:26,548 [modules.machinery.virtualbox] DEBUG: Machine win7 status saved
2018-02-20 18:34:26,619 [modules.machinery.virtualbox] DEBUG: Stopping vm win7
2018-02-20 18:34:26,620 [modules.machinery.virtualbox] DEBUG: Getting status for win7
2018-02-20 18:34:26,701 [modules.machinery.virtualbox] DEBUG: Machine win7 status saved
2018-02-20 18:34:27,768 [modules.machinery.virtualbox] DEBUG: VBoxManage exited with error powering off the machine
2018-02-20 18:34:27,769 [modules.machinery.virtualbox] DEBUG: Getting status for win7
2018-02-20 18:34:27,857 [modules.machinery.virtualbox] DEBUG: Machine win7 status saved
2018-02-20 18:34:27,949 [lib.cuckoo.core.scheduler] INFO: Loaded 1 machine/s
2018-02-20 18:34:27,959 [lib.cuckoo.core.scheduler] INFO: Waiting for analysis tasks.

2018-02-20 18:35:44,697 [lib.cuckoo.core.scheduler] DEBUG: Processing task #4
2018-02-20 18:35:44,700 [lib.cuckoo.core.scheduler] INFO: Starting analysis of FILE "/opt/cuckoo-tmp/upload_TVHMQD/09a18cd7e004ce10b0a6b11f11f3333a.exe" (task=4)
2018-02-20 18:35:44,729 [lib.cuckoo.core.scheduler] INFO: File already exists at "/opt/cuckoo/storage/binaries/77da6a1941ac1971785cc85657bb2301eaa3ca8969ec9dc8c9739e9d9fcb4903"
2018-02-20 18:35:44,800 [lib.cuckoo.core.scheduler] INFO: Task #4: acquired machine win7 (label=win7)
2018-02-20 18:35:44,864 [modules.machinery.virtualbox] DEBUG: Starting vm win7
2018-02-20 18:35:44,865 [modules.machinery.virtualbox] DEBUG: Getting status for win7
2018-02-20 18:35:44,948 [modules.machinery.virtualbox] DEBUG: Machine win7 status saved
2018-02-20 18:35:45,009 [modules.machinery.virtualbox] DEBUG: Using current snapshot for virtual machine win7
2018-02-20 18:35:45,413 [modules.machinery.virtualbox] DEBUG: Getting status for win7
2018-02-20 18:35:45,486 [modules.machinery.virtualbox] DEBUG: Machine win7 status saved
2018-02-20 18:35:49,632 [modules.machinery.virtualbox] DEBUG: Getting status for win7
2018-02-20 18:35:49,743 [modules.machinery.virtualbox] DEBUG: Machine win7 status running
2018-02-20 18:35:49,966 [modules.auxiliary.sniffer] INFO: Started sniffer with PID 3180 (interface=vboxnet0, host=192.168.56.101, dump path=/opt/cuckoo/storage/analyses/4/dump.pcap)
2018-02-20 18:35:49,967 [lib.cuckoo.core.plugins] DEBUG: Started auxiliary module: Sniffer
2018-02-20 18:35:49,967 [lib.cuckoo.core.plugins] DEBUG: Started auxiliary module: Tor
2018-02-20 18:35:49,970 [lib.cuckoo.core.guest] INFO: Starting analysis on guest (id=win7, ip=192.168.56.101)
2018-02-20 18:35:49,970 [lib.cuckoo.core.guest] DEBUG: Automatically increased critical timeout to 60
2018-02-20 18:35:49,970 [lib.cuckoo.core.guest] DEBUG: win7: waiting for status 0x0001
2018-02-20 18:35:57,178 [lib.cuckoo.core.guest] DEBUG: win7: status ready
2018-02-20 18:35:57,347 [lib.cuckoo.core.guest] DEBUG: Uploading analyzer to guest (id=win7, ip=192.168.56.101)
2018-02-20 18:35:57,723 [lib.cuckoo.core.guest] DEBUG: win7: analyzer started with PID 2096
2018-02-20 18:35:57,723 [lib.cuckoo.core.guest] DEBUG: win7: waiting for completion
2018-02-20 18:35:58,730 [lib.cuckoo.core.guest] DEBUG: win7: analysis not completed yet (status=2)
2018-02-20 18:35:58,944 [lib.cuckoo.core.resultserver] DEBUG: New connection from: 192.168.56.101:49159
2018-02-20 18:35:58,945 [lib.cuckoo.core.resultserver] DEBUG: LogHandler for live analysis.log initialized.
2018-02-20 18:35:59,437 [lib.cuckoo.core.resultserver] DEBUG: Connection closed: 192.168.56.101:49159
2018-02-20 18:35:59,738 [lib.cuckoo.core.scheduler] ERROR: Analysis failed: invalid string pointer 0x03AF1C8000000000
2018-02-20 18:36:00,086 [lib.cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer
2018-02-20 18:36:00,086 [lib.cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Tor
2018-02-20 18:36:00,086 [modules.machinery.virtualbox] DEBUG: Stopping vm win7
2018-02-20 18:36:00,086 [modules.machinery.virtualbox] DEBUG: Getting status for win7
2018-02-20 18:36:00,167 [modules.machinery.virtualbox] DEBUG: Machine win7 status running
2018-02-20 18:36:01,221 [modules.machinery.virtualbox] DEBUG: Getting status for win7
2018-02-20 18:36:01,305 [modules.machinery.virtualbox] DEBUG: Machine win7 status poweroff
2018-02-20 18:36:01,538 [lib.cuckoo.core.scheduler] DEBUG: Released database task #4 with status False
2018-02-20 18:36:01,540 [lib.cuckoo.core.plugins] DEBUG: Executing processing module "AnalysisInfo" on analysis at "/opt/cuckoo/storage/analyses/4"
2018-02-20 18:36:01,598 [lib.cuckoo.core.plugins] DEBUG: Executing processing module "BehaviorAnalysis" on analysis at "/opt/cuckoo/storage/analyses/4"
2018-02-20 18:36:01,599 [modules.processing.behavior] INFO: Analysis results folder does not contain any file or injection was disabled.
2018-02-20 18:36:01,599 [lib.cuckoo.core.plugins] DEBUG: Executing processing module "Debug" on analysis at "/opt/cuckoo/storage/analyses/4"
2018-02-20 18:36:01,602 [lib.cuckoo.core.plugins] DEBUG: Executing processing module "Dropped" on analysis at "/opt/cuckoo/storage/analyses/4"
2018-02-20 18:36:01,603 [lib.cuckoo.core.plugins] DEBUG: Executing processing module "NetworkAnalysis" on analysis at "/opt/cuckoo/storage/analyses/4"
2018-02-20 18:36:02,615 [lib.cuckoo.core.plugins] DEBUG: Executing processing module "Static" on analysis at "/opt/cuckoo/storage/analyses/4"
2018-02-20 18:36:02,642 [lib.cuckoo.core.plugins] DEBUG: Executing processing module "Strings" on analysis at "/opt/cuckoo/storage/analyses/4"
2018-02-20 18:36:02,642 [lib.cuckoo.core.plugins] DEBUG: Executing processing module "TargetInfo" on analysis at "/opt/cuckoo/storage/analyses/4"
2018-02-20 18:36:02,670 [lib.cuckoo.core.plugins] DEBUG: Executing processing module "VirusTotal" on analysis at "/opt/cuckoo/storage/analyses/4"
2018-02-20 18:36:04,995 [lib.cuckoo.core.plugins] DEBUG: Executing processing module "ProcessMemory" on analysis at "/opt/cuckoo/storage/analyses/4"
2018-02-20 18:36:05,043 [lib.cuckoo.core.plugins] DEBUG: Applying signature overlays for signatures: creates_exe
2018-02-20 18:36:05,043 [lib.cuckoo.core.plugins] DEBUG: Running 104 evented signatures
2018-02-20 18:36:05,043 [lib.cuckoo.core.plugins] DEBUG: |-- andromeda_behavior
2018-02-20 18:36:05,044 [lib.cuckoo.core.plugins] DEBUG: |-- antiav_avast_libs
2018-02-20 18:36:05,044 [lib.cuckoo.core.plugins] DEBUG: |-- antiav_bitdefender_libs
2018-02-20 18:36:05,044 [lib.cuckoo.core.plugins] DEBUG: |-- antiav_servicestop
2018-02-20 18:36:05,044 [lib.cuckoo.core.plugins] DEBUG: |-- antidbg_windows
2018-02-20 18:36:05,044 [lib.cuckoo.core.plugins] DEBUG: |-- antiemu_wine_func
2018-02-20 18:36:05,044 [lib.cuckoo.core.plugins] DEBUG: |-- antisandbox_cuckoo
2018-02-20 18:36:05,044 [lib.cuckoo.core.plugins] DEBUG: |-- antisandbox_mouse_hook
2018-02-20 18:36:05,044 [lib.cuckoo.core.plugins] DEBUG: |-- antisandbox_sboxie_libs
2018-02-20 18:36:05,044 [lib.cuckoo.core.plugins] DEBUG: |-- antisandbox_sboxie_objects
2018-02-20 18:36:05,045 [lib.cuckoo.core.plugins] DEBUG: |-- antisandbox_sleep
2018-02-20 18:36:05,045 [lib.cuckoo.core.plugins] DEBUG: |-- antisandbox_sunbelt_libs
2018-02-20 18:36:05,045 [lib.cuckoo.core.plugins] DEBUG: |-- antisandbox_suspend
2018-02-20 18:36:05,045 [lib.cuckoo.core.plugins] DEBUG: |-- antisandbox_unhook
2018-02-20 18:36:05,045 [lib.cuckoo.core.plugins] DEBUG: |-- antivm_directory_objects
2018-02-20 18:36:05,045 [lib.cuckoo.core.plugins] DEBUG: |-- antivm_generic_disk
2018-02-20 18:36:05,045 [lib.cuckoo.core.plugins] DEBUG: |-- antivm_generic_disk_setupapi
2018-02-20 18:36:05,045 [lib.cuckoo.core.plugins] DEBUG: |-- antivm_generic_scsi
2018-02-20 18:36:05,045 [lib.cuckoo.core.plugins] DEBUG: |-- antivm_generic_services
2018-02-20 18:36:05,046 [lib.cuckoo.core.plugins] DEBUG: |-- antivm_vbox_libs
2018-02-20 18:36:05,046 [lib.cuckoo.core.plugins] DEBUG: |-- antivm_vbox_provname
2018-02-20 18:36:05,046 [lib.cuckoo.core.plugins] DEBUG: |-- antivm_vbox_window
2018-02-20 18:36:05,046 [lib.cuckoo.core.plugins] DEBUG: |-- antivm_vmware_events
2018-02-20 18:36:05,046 [lib.cuckoo.core.plugins] DEBUG: |-- antivm_vmware_libs
2018-02-20 18:36:05,046 [lib.cuckoo.core.plugins] DEBUG: |-- geodo_banking_trojan
2018-02-20 18:36:05,046 [lib.cuckoo.core.plugins] DEBUG: |-- banker_prinimalka
2018-02-20 18:36:05,046 [lib.cuckoo.core.plugins] DEBUG: |-- betabot_behavior
2018-02-20 18:36:05,046 [lib.cuckoo.core.plugins] DEBUG: |-- bootkit
2018-02-20 18:36:05,046 [lib.cuckoo.core.plugins] DEBUG: |-- browser_scanbox
2018-02-20 18:36:05,047 [lib.cuckoo.core.plugins] DEBUG: |-- chimera_behavior
2018-02-20 18:36:05,047 [lib.cuckoo.core.plugins] DEBUG: |-- clickfraud_cookies
2018-02-20 18:36:05,047 [lib.cuckoo.core.plugins] DEBUG: |-- clickfraud_volume
2018-02-20 18:36:05,047 [lib.cuckoo.core.plugins] DEBUG: |-- creates_largekey
2018-02-20 18:36:05,047 [lib.cuckoo.core.plugins] DEBUG: |-- creates_nullvalue
2018-02-20 18:36:05,047 [lib.cuckoo.core.plugins] DEBUG: |-- critical_process
2018-02-20 18:36:05,047 [lib.cuckoo.core.plugins] DEBUG: |-- cryptowall_behavior
2018-02-20 18:36:05,047 [lib.cuckoo.core.plugins] DEBUG: |-- dead_link
2018-02-20 18:36:05,047 [lib.cuckoo.core.plugins] DEBUG: |-- debugs_self
2018-02-20 18:36:05,047 [lib.cuckoo.core.plugins] DEBUG: |-- deletes_self
2018-02-20 18:36:05,048 [lib.cuckoo.core.plugins] DEBUG: |-- deletes_shadow_copies
2018-02-20 18:36:05,048 [lib.cuckoo.core.plugins] DEBUG: |-- dep_bypass
2018-02-20 18:36:05,048 [lib.cuckoo.core.plugins] DEBUG: |-- dep_disable
2018-02-20 18:36:05,048 [lib.cuckoo.core.plugins] DEBUG: |-- disables_spdy
2018-02-20 18:36:05,048 [lib.cuckoo.core.plugins] DEBUG: |-- disables_wfp
2018-02-20 18:36:05,048 [lib.cuckoo.core.plugins] DEBUG: |-- dridex_behavior
2018-02-20 18:36:05,048 [lib.cuckoo.core.plugins] DEBUG: |-- driver_load
2018-02-20 18:36:05,048 [lib.cuckoo.core.plugins] DEBUG: |-- dyre_behavior
2018-02-20 18:36:05,048 [lib.cuckoo.core.plugins] DEBUG: |-- angler_js
2018-02-20 18:36:05,049 [lib.cuckoo.core.plugins] DEBUG: |-- gondad_js
2018-02-20 18:36:05,049 [lib.cuckoo.core.plugins] DEBUG: |-- heapspray_js
2018-02-20 18:36:05,049 [lib.cuckoo.core.plugins] DEBUG: |-- java_js
2018-02-20 18:36:05,049 [lib.cuckoo.core.plugins] DEBUG: |-- Neutrino_js
2018-02-20 18:36:05,049 [lib.cuckoo.core.plugins] DEBUG: |-- nuclear_js
2018-02-20 18:36:05,049 [lib.cuckoo.core.plugins] DEBUG: |-- rig_js
2018-02-20 18:36:05,049 [lib.cuckoo.core.plugins] DEBUG: |-- silverlight_js
2018-02-20 18:36:05,049 [lib.cuckoo.core.plugins] DEBUG: |-- virtualcheck_js
2018-02-20 18:36:05,049 [lib.cuckoo.core.plugins] DEBUG: |-- encrypted_ioc
2018-02-20 18:36:05,049 [lib.cuckoo.core.plugins] DEBUG: |-- exec_crash
2018-02-20 18:36:05,050 [lib.cuckoo.core.plugins] DEBUG: |-- generic_phish
2018-02-20 18:36:05,050 [lib.cuckoo.core.plugins] DEBUG: |-- hawkeye_behavior
2018-02-20 18:36:05,050 [lib.cuckoo.core.plugins] DEBUG: |-- infostealer_browser
2018-02-20 18:36:05,050 [lib.cuckoo.core.plugins] DEBUG: |-- infostealer_keylog
2018-02-20 18:36:05,050 [lib.cuckoo.core.plugins] DEBUG: |-- injection_createremotethread
2018-02-20 18:36:05,050 [lib.cuckoo.core.plugins] DEBUG: |-- injection_explorer
2018-02-20 18:36:05,050 [lib.cuckoo.core.plugins] DEBUG: |-- injection_needextension
2018-02-20 18:36:05,050 [lib.cuckoo.core.plugins] DEBUG: |-- injection_runpe
2018-02-20 18:36:05,050 [lib.cuckoo.core.plugins] DEBUG: |-- injection_rwx
2018-02-20 18:36:05,050 [lib.cuckoo.core.plugins] DEBUG: |-- internet_dropper
2018-02-20 18:36:05,051 [lib.cuckoo.core.plugins] DEBUG: |-- js_phish
2018-02-20 18:36:05,051 [lib.cuckoo.core.plugins] DEBUG: |-- kazybot_behavior
2018-02-20 18:36:05,051 [lib.cuckoo.core.plugins] DEBUG: |-- kibex_behavior
2018-02-20 18:36:05,051 [lib.cuckoo.core.plugins] DEBUG: |-- mimics_agent
2018-02-20 18:36:05,051 [lib.cuckoo.core.plugins] DEBUG: |-- mimics_filetime
2018-02-20 18:36:05,051 [lib.cuckoo.core.plugins] DEBUG: |-- multiple_useragents
2018-02-20 18:36:05,051 [lib.cuckoo.core.plugins] DEBUG: |-- network_anomaly
2018-02-20 18:36:05,051 [lib.cuckoo.core.plugins] DEBUG: |-- network_bind
2018-02-20 18:36:05,051 [lib.cuckoo.core.plugins] DEBUG: |-- network_tor
2018-02-20 18:36:05,052 [lib.cuckoo.core.plugins] DEBUG: |-- office_dl_write_exe
2018-02-20 18:36:05,052 [lib.cuckoo.core.plugins] DEBUG: |-- packer_themida
2018-02-20 18:36:05,052 [lib.cuckoo.core.plugins] DEBUG: |-- persistence_autorun
2018-02-20 18:36:05,052 [lib.cuckoo.core.plugins] DEBUG: |-- pony_behavior
2018-02-20 18:36:05,052 [lib.cuckoo.core.plugins] DEBUG: |-- powershell_command
2018-02-20 18:36:05,052 [lib.cuckoo.core.plugins] DEBUG: |-- process_interest
2018-02-20 18:36:05,052 [lib.cuckoo.core.plugins] DEBUG: |-- process_needed
2018-02-20 18:36:05,052 [lib.cuckoo.core.plugins] DEBUG: |-- reads_self
2018-02-20 18:36:05,052 [lib.cuckoo.core.plugins] DEBUG: |-- recon_beacon
2018-02-20 18:36:05,052 [lib.cuckoo.core.plugins] DEBUG: |-- recon_systeminfo
2018-02-20 18:36:05,053 [lib.cuckoo.core.plugins] DEBUG: |-- removes_zoneid_ads
2018-02-20 18:36:05,053 [lib.cuckoo.core.plugins] DEBUG: |-- secure_login_phish
2018-02-20 18:36:05,053 [lib.cuckoo.core.plugins] DEBUG: |-- sets_autoconfig_url
2018-02-20 18:36:05,053 [lib.cuckoo.core.plugins] DEBUG: |-- shifu_behavior
2018-02-20 18:36:05,053 [lib.cuckoo.core.plugins] DEBUG: |-- spoofs_procname
2018-02-20 18:36:05,053 [lib.cuckoo.core.plugins] DEBUG: |-- stack_pivot
2018-02-20 18:36:05,053 [lib.cuckoo.core.plugins] DEBUG: |-- stealth_childproc
2018-02-20 18:36:05,053 [lib.cuckoo.core.plugins] DEBUG: |-- stealth_file
2018-02-20 18:36:05,053 [lib.cuckoo.core.plugins] DEBUG: |-- stealth_network
2018-02-20 18:36:05,053 [lib.cuckoo.core.plugins] DEBUG: |-- stealth_timeout
2018-02-20 18:36:05,054 [lib.cuckoo.core.plugins] DEBUG: |-- stealth_window
2018-02-20 18:36:05,054 [lib.cuckoo.core.plugins] DEBUG: |-- tinba_behavior
2018-02-20 18:36:05,054 [lib.cuckoo.core.plugins] DEBUG: |-- upatre_behavior
2018-02-20 18:36:05,054 [lib.cuckoo.core.plugins] DEBUG: |-- vawtrak_behavior
2018-02-20 18:36:05,054 [lib.cuckoo.core.plugins] DEBUG: |-- vawtrak_behavior
2018-02-20 18:36:05,054 [lib.cuckoo.core.plugins] DEBUG: |-- virus
2018-02-20 18:36:05,054 [lib.cuckoo.core.plugins] DEBUG: `-- webmail_phish
2018-02-20 18:36:05,066 [lib.cuckoo.core.plugins] DEBUG: Running non-evented signatures
2018-02-20 18:36:05,067 [lib.cuckoo.core.plugins] DEBUG: Running signature "andromeda_behavior"
2018-02-20 18:36:05,067 [lib.cuckoo.core.plugins] DEBUG: Running signature "antianalysis_detectfile"
2018-02-20 18:36:05,068 [lib.cuckoo.core.plugins] DEBUG: Running signature "antianalysis_detectreg"
2018-02-20 18:36:05,070 [lib.cuckoo.core.plugins] DEBUG: Running signature "antiav_avast_libs"
2018-02-20 18:36:05,070 [lib.cuckoo.core.plugins] DEBUG: Running signature "antiav_bitdefender_libs"
2018-02-20 18:36:05,071 [lib.cuckoo.core.plugins] DEBUG: Running signature "antiav_detectfile"
2018-02-20 18:36:05,075 [lib.cuckoo.core.plugins] DEBUG: Running signature "antiav_detectreg"
2018-02-20 18:36:05,085 [lib.cuckoo.core.plugins] DEBUG: Running signature "antiav_servicestop"
2018-02-20 18:36:05,086 [lib.cuckoo.core.plugins] DEBUG: Running signature "antiav_srp"
2018-02-20 18:36:05,086 [lib.cuckoo.core.plugins] DEBUG: Running signature "antidbg_devices"
2018-02-20 18:36:05,087 [lib.cuckoo.core.plugins] DEBUG: Running signature "antidbg_windows"
2018-02-20 18:36:05,087 [lib.cuckoo.core.plugins] DEBUG: Running signature "antiemu_wine_reg"
2018-02-20 18:36:05,087 [lib.cuckoo.core.plugins] DEBUG: Running signature "antiemu_wine_func"
2018-02-20 18:36:05,087 [lib.cuckoo.core.plugins] DEBUG: Running signature "antisandbox_cuckoo"
2018-02-20 18:36:05,087 [lib.cuckoo.core.plugins] DEBUG: Running signature "antisandbox_joe_anubis_files"
2018-02-20 18:36:05,088 [lib.cuckoo.core.plugins] DEBUG: Running signature "antisandbox_mouse_hook"
2018-02-20 18:36:05,088 [lib.cuckoo.core.plugins] DEBUG: Running signature "antisandbox_productid"
2018-02-20 18:36:05,088 [lib.cuckoo.core.plugins] DEBUG: Running signature "antisandbox_sboxie_libs"
2018-02-20 18:36:05,088 [lib.cuckoo.core.plugins] DEBUG: Running signature "antisandbox_sboxie_mutex"
2018-02-20 18:36:05,089 [lib.cuckoo.core.plugins] DEBUG: Running signature "antisandbox_sboxie_objects"
2018-02-20 18:36:05,089 [lib.cuckoo.core.plugins] DEBUG: Running signature "antisandbox_sleep"
2018-02-20 18:36:05,089 [lib.cuckoo.core.plugins] DEBUG: Running signature "antisandbox_sunbelt_files"
2018-02-20 18:36:05,089 [lib.cuckoo.core.plugins] DEBUG: Running signature "antisandbox_sunbelt_libs"
2018-02-20 18:36:05,090 [lib.cuckoo.core.plugins] DEBUG: Running signature "antisandbox_suspend"
2018-02-20 18:36:05,090 [lib.cuckoo.core.plugins] DEBUG: Running signature "antisandbox_unhook"
2018-02-20 18:36:05,090 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivirus_virustotal"
2018-02-20 18:36:05,090 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_directory_objects"
2018-02-20 18:36:05,090 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_generic_bios"
2018-02-20 18:36:05,091 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_generic_cpu"
2018-02-20 18:36:05,091 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_generic_disk"
2018-02-20 18:36:05,091 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_generic_disk_setupapi"
2018-02-20 18:36:05,091 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_generic_diskreg"
2018-02-20 18:36:05,092 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_generic_scsi"
2018-02-20 18:36:05,092 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_generic_services"
2018-02-20 18:36:05,092 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_generic_system"
2018-02-20 18:36:05,093 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_vbox_acpi"
2018-02-20 18:36:05,093 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_vbox_devices"
2018-02-20 18:36:05,093 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_vbox_files"
2018-02-20 18:36:05,095 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_vbox_keys"
2018-02-20 18:36:05,096 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_vbox_libs"
2018-02-20 18:36:05,096 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_vbox_provname"
2018-02-20 18:36:05,096 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_vbox_window"
2018-02-20 18:36:05,096 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_vmware_devices"
2018-02-20 18:36:05,096 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_vmware_events"
2018-02-20 18:36:05,097 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_vmware_files"
2018-02-20 18:36:05,097 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_vmware_keys"
2018-02-20 18:36:05,098 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_vmware_libs"
2018-02-20 18:36:05,098 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_vmware_mutexes"
2018-02-20 18:36:05,098 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_vpc_files"
2018-02-20 18:36:05,099 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_vpc_keys"
2018-02-20 18:36:05,099 [lib.cuckoo.core.plugins] DEBUG: Running signature "antivm_vpc_mutex"
2018-02-20 18:36:05,099 [lib.cuckoo.core.plugins] DEBUG: Running signature "bad_certs"
2018-02-20 18:36:05,099 [lib.cuckoo.core.plugins] DEBUG: Running signature "bad_ssl_certs"
2018-02-20 18:36:05,100 [lib.cuckoo.core.plugins] DEBUG: Running signature "banker_cridex"
2018-02-20 18:36:05,100 [lib.cuckoo.core.plugins] DEBUG: Running signature "geodo_banking_trojan"
2018-02-20 18:36:05,102 [lib.cuckoo.core.plugins] DEBUG: Running signature "banker_prinimalka"
2018-02-20 18:36:05,102 [lib.cuckoo.core.plugins] DEBUG: Running signature "banker_spyeye_mutexes"
2018-02-20 18:36:05,103 [lib.cuckoo.core.plugins] DEBUG: Running signature "banker_zeus_mutex"
2018-02-20 18:36:05,104 [lib.cuckoo.core.plugins] DEBUG: Running signature "banker_zeus_p2p"
2018-02-20 18:36:05,104 [lib.cuckoo.core.plugins] DEBUG: Running signature "banker_zeus_url"
2018-02-20 18:36:05,104 [lib.cuckoo.core.plugins] DEBUG: Running signature "betabot_behavior"
2018-02-20 18:36:05,105 [lib.cuckoo.core.plugins] DEBUG: Running signature "bitcoin_opencl"
2018-02-20 18:36:05,105 [lib.cuckoo.core.plugins] DEBUG: Running signature "bootkit"
2018-02-20 18:36:05,105 [lib.cuckoo.core.plugins] DEBUG: Running signature "bot_athenahttp"
2018-02-20 18:36:05,106 [lib.cuckoo.core.plugins] DEBUG: Running signature "bot_dirtjumper"
2018-02-20 18:36:05,106 [lib.cuckoo.core.plugins] DEBUG: Running signature "bot_drive"
2018-02-20 18:36:05,107 [lib.cuckoo.core.plugins] DEBUG: Running signature "bot_drive2"
2018-02-20 18:36:05,108 [lib.cuckoo.core.plugins] DEBUG: Running signature "bot_madness"
2018-02-20 18:36:05,109 [lib.cuckoo.core.plugins] DEBUG: Running signature "bot_russkill"
2018-02-20 18:36:05,109 [lib.cuckoo.core.plugins] DEBUG: Running signature "browser_addon"
2018-02-20 18:36:05,110 [lib.cuckoo.core.plugins] DEBUG: Running signature "browser_helper_object"
2018-02-20 18:36:05,110 [lib.cuckoo.core.plugins] DEBUG: Running signature "modify_proxy"
2018-02-20 18:36:05,112 [lib.cuckoo.core.plugins] DEBUG: Running signature "browser_scanbox"
2018-02-20 18:36:05,112 [lib.cuckoo.core.plugins] DEBUG: Running signature "browser_security"
2018-02-20 18:36:05,115 [lib.cuckoo.core.plugins] DEBUG: Running signature "browser_startpage"
2018-02-20 18:36:05,116 [lib.cuckoo.core.plugins] DEBUG: Running signature "bypass_firewall"
2018-02-20 18:36:05,116 [lib.cuckoo.core.plugins] DEBUG: Running signature "carberp_mutex"
2018-02-20 18:36:05,117 [lib.cuckoo.core.plugins] DEBUG: Running signature "chimera_behavior"
2018-02-20 18:36:05,117 [lib.cuckoo.core.plugins] DEBUG: Running signature "clickfraud_cookies"
2018-02-20 18:36:05,117 [lib.cuckoo.core.plugins] DEBUG: Running signature "clickfraud_volume"
2018-02-20 18:36:05,117 [lib.cuckoo.core.plugins] DEBUG: Running signature "copies_self"
2018-02-20 18:36:05,117 [lib.cuckoo.core.plugins] DEBUG: Running signature "creates_largekey"
2018-02-20 18:36:05,117 [lib.cuckoo.core.plugins] DEBUG: Running signature "creates_nullvalue"
2018-02-20 18:36:05,117 [lib.cuckoo.core.plugins] DEBUG: Running signature "critical_process"
2018-02-20 18:36:05,118 [lib.cuckoo.core.plugins] DEBUG: Running signature "cryptowall_behavior"
2018-02-20 18:36:05,118 [lib.cuckoo.core.plugins] DEBUG: Running signature "darkcomet_regkeys"
2018-02-20 18:36:05,118 [lib.cuckoo.core.plugins] DEBUG: Running signature "dead_link"
2018-02-20 18:36:05,118 [lib.cuckoo.core.plugins] DEBUG: Running signature "debugs_self"
2018-02-20 18:36:05,119 [lib.cuckoo.core.plugins] DEBUG: Running signature "deepfreeze_mutex"
2018-02-20 18:36:05,119 [lib.cuckoo.core.plugins] DEBUG: Running signature "deletes_self"
2018-02-20 18:36:05,119 [lib.cuckoo.core.plugins] DEBUG: Running signature "deletes_shadow_copies"
2018-02-20 18:36:05,119 [lib.cuckoo.core.plugins] DEBUG: Running signature "dep_bypass"
2018-02-20 18:36:05,119 [lib.cuckoo.core.plugins] DEBUG: Running signature "dep_disable"
2018-02-20 18:36:05,119 [lib.cuckoo.core.plugins] DEBUG: Running signature "disables_browser_warn"
2018-02-20 18:36:05,122 [lib.cuckoo.core.plugins] DEBUG: Running signature "disables_spdy"
2018-02-20 18:36:05,122 [lib.cuckoo.core.plugins] DEBUG: Running signature "disables_system_restore"
2018-02-20 18:36:05,123 [lib.cuckoo.core.plugins] DEBUG: Running signature "disables_uac"
2018-02-20 18:36:05,123 [lib.cuckoo.core.plugins] DEBUG: Running signature "disables_wer"
2018-02-20 18:36:05,124 [lib.cuckoo.core.plugins] DEBUG: Running signature "disables_wfp"
2018-02-20 18:36:05,124 [lib.cuckoo.core.plugins] DEBUG: Running signature "disables_windowsupdate"
2018-02-20 18:36:05,125 [lib.cuckoo.core.plugins] DEBUG: Running signature "downloader_cabby"
2018-02-20 18:36:05,125 [lib.cuckoo.core.plugins] DEBUG: Running signature "dridex_behavior"
2018-02-20 18:36:05,125 [lib.cuckoo.core.plugins] DEBUG: Running signature "driver_load"
2018-02-20 18:36:05,125 [lib.cuckoo.core.plugins] DEBUG: Running signature "dropper"
2018-02-20 18:36:05,125 [lib.cuckoo.core.plugins] DEBUG: Running signature "dyre_behavior"
2018-02-20 18:36:05,125 [lib.cuckoo.core.plugins] DEBUG: Running signature "angler_js"
2018-02-20 18:36:05,126 [lib.cuckoo.core.plugins] DEBUG: Running signature "gondad_js"
2018-02-20 18:36:05,126 [lib.cuckoo.core.plugins] DEBUG: Running signature "heapspray_js"
2018-02-20 18:36:05,126 [lib.cuckoo.core.plugins] DEBUG: Running signature "java_js"
2018-02-20 18:36:05,126 [lib.cuckoo.core.plugins] DEBUG: Running signature "Neutrino_js"
2018-02-20 18:36:05,126 [lib.cuckoo.core.plugins] DEBUG: Running signature "nuclear_js"
2018-02-20 18:36:05,126 [lib.cuckoo.core.plugins] DEBUG: Running signature "rig_js"
2018-02-20 18:36:05,126 [lib.cuckoo.core.plugins] DEBUG: Running signature "silverlight_js"
2018-02-20 18:36:05,127 [lib.cuckoo.core.plugins] DEBUG: Running signature "virtualcheck_js"
2018-02-20 18:36:05,127 [lib.cuckoo.core.plugins] DEBUG: Running signature "encrypted_ioc"
2018-02-20 18:36:05,127 [lib.cuckoo.core.plugins] DEBUG: Running signature "exec_crash"
2018-02-20 18:36:05,127 [lib.cuckoo.core.plugins] DEBUG: Running signature "generic_phish"
2018-02-20 18:36:05,128 [lib.cuckoo.core.plugins] DEBUG: Running signature "hawkeye_behavior"
2018-02-20 18:36:05,128 [lib.cuckoo.core.plugins] DEBUG: Running signature "infostealer_bitcoin"
2018-02-20 18:36:05,131 [lib.cuckoo.core.plugins] DEBUG: Running signature "infostealer_browser"
2018-02-20 18:36:05,131 [lib.cuckoo.core.plugins] DEBUG: Running signature "infostealer_ftp"
2018-02-20 18:36:05,136 [lib.cuckoo.core.plugins] DEBUG: Running signature "infostealer_im"
2018-02-20 18:36:05,139 [lib.cuckoo.core.plugins] DEBUG: Running signature "infostealer_keylog"
2018-02-20 18:36:05,139 [lib.cuckoo.core.plugins] DEBUG: Running signature "infostealer_mail"
2018-02-20 18:36:05,142 [lib.cuckoo.core.plugins] DEBUG: Running signature "injection_createremotethread"
2018-02-20 18:36:05,142 [lib.cuckoo.core.plugins] DEBUG: Running signature "injection_explorer"
2018-02-20 18:36:05,142 [lib.cuckoo.core.plugins] DEBUG: Running signature "injection_needextension"
2018-02-20 18:36:05,143 [lib.cuckoo.core.plugins] DEBUG: Running signature "injection_runpe"
2018-02-20 18:36:05,143 [lib.cuckoo.core.plugins] DEBUG: Running signature "injection_rwx"
2018-02-20 18:36:05,143 [lib.cuckoo.core.plugins] DEBUG: Running signature "internet_dropper"
2018-02-20 18:36:05,143 [lib.cuckoo.core.plugins] DEBUG: Running signature "js_phish"
2018-02-20 18:36:05,143 [lib.cuckoo.core.plugins] DEBUG: Running signature "kazybot_behavior"
2018-02-20 18:36:05,143 [lib.cuckoo.core.plugins] DEBUG: Running signature "kibex_behavior"
2018-02-20 18:36:05,143 [lib.cuckoo.core.plugins] DEBUG: Running signature "bot_kraken_mutexes"
2018-02-20 18:36:05,144 [lib.cuckoo.core.plugins] DEBUG: Running signature "locker_regedit"
2018-02-20 18:36:05,144 [lib.cuckoo.core.plugins] DEBUG: Running signature "locker_taskmgr"
2018-02-20 18:36:05,145 [lib.cuckoo.core.plugins] DEBUG: Running signature "ie_martian_children"
2018-02-20 18:36:05,145 [lib.cuckoo.core.plugins] DEBUG: Running signature "mimics_agent"
2018-02-20 18:36:05,145 [lib.cuckoo.core.plugins] DEBUG: Running signature "mimics_extension"
2018-02-20 18:36:05,145 [lib.cuckoo.core.plugins] DEBUG: Running signature "mimics_filetime"
2018-02-20 18:36:05,146 [lib.cuckoo.core.plugins] DEBUG: Running signature "mimics_icon"
2018-02-20 18:36:05,146 [lib.cuckoo.core.plugins] DEBUG: Running signature "modifies_certs"
2018-02-20 18:36:05,146 [lib.cuckoo.core.plugins] DEBUG: Running signature "modifies_hostfile"
2018-02-20 18:36:05,146 [lib.cuckoo.core.plugins] DEBUG: Running signature "modify_security_center_warnings"
2018-02-20 18:36:05,147 [lib.cuckoo.core.plugins] DEBUG: Running signature "modify_uac_prompt"
2018-02-20 18:36:05,148 [lib.cuckoo.core.plugins] DEBUG: Running signature "multiple_useragents"
2018-02-20 18:36:05,148 [lib.cuckoo.core.plugins] DEBUG: Running signature "network_anomaly"
2018-02-20 18:36:05,149 [lib.cuckoo.core.plugins] DEBUG: Running signature "network_bind"
2018-02-20 18:36:05,149 [lib.cuckoo.core.plugins] DEBUG: Running signature "network_cnc_http"
2018-02-20 18:36:05,149 [lib.cuckoo.core.plugins] DEBUG: Running signature "network_dga"
2018-02-20 18:36:05,149 [lib.cuckoo.core.plugins] DEBUG: Running signature "network_http"
2018-02-20 18:36:05,149 [lib.cuckoo.core.plugins] DEBUG: Running signature "network_icmp"
2018-02-20 18:36:05,149 [lib.cuckoo.core.plugins] DEBUG: Running signature "network_irc"
2018-02-20 18:36:05,149 [lib.cuckoo.core.plugins] DEBUG: Running signature "network_smtp"
2018-02-20 18:36:05,150 [lib.cuckoo.core.plugins] DEBUG: Running signature "network_tor"
2018-02-20 18:36:05,150 [lib.cuckoo.core.plugins] DEBUG: Running signature "network_tor_service"
2018-02-20 18:36:05,150 [lib.cuckoo.core.plugins] DEBUG: Running signature "network_torgateway"
2018-02-20 18:36:05,153 [lib.cuckoo.core.plugins] DEBUG: Running signature "office_dl_write_exe"
2018-02-20 18:36:05,153 [lib.cuckoo.core.plugins] DEBUG: Running signature "office_macro"
2018-02-20 18:36:05,153 [lib.cuckoo.core.plugins] DEBUG: Running signature "office_security"
2018-02-20 18:36:05,154 [lib.cuckoo.core.plugins] DEBUG: Running signature "office_suspicious"
2018-02-20 18:36:05,154 [lib.cuckoo.core.plugins] DEBUG: Running signature "origin_langid"
2018-02-20 18:36:05,154 [lib.cuckoo.core.plugins] DEBUG: Running signature "origin_resource_langid"
2018-02-20 18:36:05,154 [lib.cuckoo.core.plugins] DEBUG: Running signature "packer_armadillo_mutex"
2018-02-20 18:36:05,154 [lib.cuckoo.core.plugins] DEBUG: Running signature "packer_armadillo_regkey"
2018-02-20 18:36:05,155 [lib.cuckoo.core.plugins] DEBUG: Running signature "packer_entropy"
2018-02-20 18:36:05,155 [lib.cuckoo.core.plugins] DEBUG: Running signature "packer_themida"
2018-02-20 18:36:05,155 [lib.cuckoo.core.plugins] DEBUG: Running signature "packer_upx"
2018-02-20 18:36:05,155 [lib.cuckoo.core.plugins] DEBUG: Running signature "packer_vmprotect"
2018-02-20 18:36:05,155 [lib.cuckoo.core.plugins] DEBUG: Running signature "pdf_annot_urls"
2018-02-20 18:36:05,155 [lib.cuckoo.core.plugins] DEBUG: Running signature "pdf_eof"
2018-02-20 18:36:05,156 [lib.cuckoo.core.plugins] DEBUG: Running signature "pdf_page"
2018-02-20 18:36:05,156 [lib.cuckoo.core.plugins] DEBUG: Running signature "persistence_ads"
2018-02-20 18:36:05,156 [lib.cuckoo.core.plugins] DEBUG: Running signature "persistence_autorun"
2018-02-20 18:36:05,156 [lib.cuckoo.core.plugins] DEBUG: Running signature "persistence_service"
2018-02-20 18:36:05,156 [lib.cuckoo.core.plugins] DEBUG: Running signature "polymorphic"
2018-02-20 18:36:05,156 [lib.cuckoo.core.plugins] DEBUG: Running signature "pony_behavior"
2018-02-20 18:36:05,156 [lib.cuckoo.core.plugins] DEBUG: Running signature "powershell_command"
2018-02-20 18:36:05,157 [lib.cuckoo.core.plugins] DEBUG: Running signature "prevents_safeboot"
2018-02-20 18:36:05,157 [lib.cuckoo.core.plugins] DEBUG: Running signature "process_interest"
2018-02-20 18:36:05,157 [lib.cuckoo.core.plugins] DEBUG: Running signature "process_needed"
2018-02-20 18:36:05,157 [lib.cuckoo.core.plugins] DEBUG: Running signature "procmem_yara"
2018-02-20 18:36:05,157 [lib.cuckoo.core.plugins] DEBUG: Running signature "ransomware_extensions"
2018-02-20 18:36:05,158 [lib.cuckoo.core.plugins] DEBUG: Running signature "ransomware_files"
2018-02-20 18:36:05,160 [lib.cuckoo.core.plugins] DEBUG: Running signature "ransomware_recyclebin"
2018-02-20 18:36:05,160 [lib.cuckoo.core.plugins] DEBUG: Running signature "rat_beebus_mutexes"
2018-02-20 18:36:05,160 [lib.cuckoo.core.plugins] DEBUG: Running signature "rat_fynloski_mutexes"
2018-02-20 18:36:05,161 [lib.cuckoo.core.plugins] DEBUG: Running signature "rat_pcclient"
2018-02-20 18:36:05,161 [lib.cuckoo.core.plugins] DEBUG: Running signature "rat_plugx_mutexes"
2018-02-20 18:36:05,162 [lib.cuckoo.core.plugins] DEBUG: Running signature "rat_poisonivy_mutexes"
2018-02-20 18:36:05,162 [lib.cuckoo.core.plugins] DEBUG: Running signature "rat_spynet"
2018-02-20 18:36:05,162 [lib.cuckoo.core.plugins] DEBUG: Running signature "rat_xtreme_mutexes"
2018-02-20 18:36:05,163 [lib.cuckoo.core.plugins] DEBUG: Running signature "reads_self"
2018-02-20 18:36:05,163 [lib.cuckoo.core.plugins] DEBUG: Running signature "recon_beacon"
2018-02-20 18:36:05,163 [lib.cuckoo.core.plugins] DEBUG: Running signature "recon_checkip"
2018-02-20 18:36:05,163 [lib.cuckoo.core.plugins] DEBUG: Running signature "recon_fingerprint"
2018-02-20 18:36:05,164 [lib.cuckoo.core.plugins] DEBUG: Running signature "recon_programs"
2018-02-20 18:36:05,164 [lib.cuckoo.core.plugins] DEBUG: Running signature "recon_systeminfo"
2018-02-20 18:36:05,165 [lib.cuckoo.core.plugins] DEBUG: Running signature "removes_zoneid_ads"
2018-02-20 18:36:05,165 [lib.cuckoo.core.plugins] DEBUG: Running signature "secure_login_phish"
2018-02-20 18:36:05,165 [lib.cuckoo.core.plugins] DEBUG: Running signature "sets_autoconfig_url"
2018-02-20 18:36:05,165 [lib.cuckoo.core.plugins] DEBUG: Running signature "shifu_behavior"
2018-02-20 18:36:05,165 [lib.cuckoo.core.plugins] DEBUG: Running signature "sniffer_winpcap"
2018-02-20 18:36:05,166 [lib.cuckoo.core.plugins] DEBUG: Running signature "spoofs_procname"
2018-02-20 18:36:05,166 [lib.cuckoo.core.plugins] DEBUG: Running signature "spreading_autoruninf"
2018-02-20 18:36:05,166 [lib.cuckoo.core.plugins] DEBUG: Running signature "stack_pivot"
2018-02-20 18:36:05,166 [lib.cuckoo.core.plugins] DEBUG: Running signature "static_authenticode"
2018-02-20 18:36:05,166 [lib.cuckoo.core.plugins] DEBUG: Running signature "static_java"
2018-02-20 18:36:05,166 [lib.cuckoo.core.plugins] DEBUG: Running signature "static_pe_anomaly"
2018-02-20 18:36:05,167 [lib.cuckoo.core.plugins] DEBUG: Running signature "static_rat_config"
2018-02-20 18:36:05,167 [lib.cuckoo.core.plugins] DEBUG: Running signature "static_versioninfo_anomaly"
2018-02-20 18:36:05,167 [lib.cuckoo.core.plugins] DEBUG: Running signature "stealth_childproc"
2018-02-20 18:36:05,167 [lib.cuckoo.core.plugins] DEBUG: Running signature "stealth_file"
2018-02-20 18:36:05,167 [lib.cuckoo.core.plugins] DEBUG: Running signature "stealth_hiddenreg"
2018-02-20 18:36:05,168 [lib.cuckoo.core.plugins] DEBUG: Running signature "stealth_hide_notifications"
2018-02-20 18:36:05,169 [lib.cuckoo.core.plugins] DEBUG: Running signature "stealth_network"
2018-02-20 18:36:05,169 [lib.cuckoo.core.plugins] DEBUG: Running signature "stealth_timeout"
2018-02-20 18:36:05,169 [lib.cuckoo.core.plugins] DEBUG: Running signature "stealth_webhistory"
2018-02-20 18:36:05,169 [lib.cuckoo.core.plugins] DEBUG: Running signature "stealth_window"
2018-02-20 18:36:05,170 [lib.cuckoo.core.plugins] DEBUG: Running signature "suricata_alert"
2018-02-20 18:36:05,170 [lib.cuckoo.core.plugins] DEBUG: Running signature "targeted_flame"
2018-02-20 18:36:05,170 [lib.cuckoo.core.plugins] DEBUG: Running signature "tinba_behavior"
2018-02-20 18:36:05,170 [lib.cuckoo.core.plugins] DEBUG: Running signature "fleercivet_mutex"
2018-02-20 18:36:05,171 [lib.cuckoo.core.plugins] DEBUG: Running signature "upatre_behavior"
2018-02-20 18:36:05,171 [lib.cuckoo.core.plugins] DEBUG: Running signature "vawtrak_behavior"
2018-02-20 18:36:05,171 [lib.cuckoo.core.plugins] DEBUG: Running signature "vawtrak_behavior"
2018-02-20 18:36:05,171 [lib.cuckoo.core.plugins] DEBUG: Running signature "virus"
2018-02-20 18:36:05,171 [lib.cuckoo.core.plugins] DEBUG: Running signature "volatility_devicetree_1"
2018-02-20 18:36:05,171 [lib.cuckoo.core.plugins] DEBUG: Running signature "volatility_handles_1"
2018-02-20 18:36:05,172 [lib.cuckoo.core.plugins] DEBUG: Running signature "volatility_ldrmodules_1"
2018-02-20 18:36:05,172 [lib.cuckoo.core.plugins] DEBUG: Running signature "volatility_ldrmodules_2"
2018-02-20 18:36:05,172 [lib.cuckoo.core.plugins] DEBUG: Running signature "volatility_malfind_1"
2018-02-20 18:36:05,172 [lib.cuckoo.core.plugins] DEBUG: Running signature "volatility_malfind_2"
2018-02-20 18:36:05,172 [lib.cuckoo.core.plugins] DEBUG: Running signature "volatility_modscan_1"
2018-02-20 18:36:05,172 [lib.cuckoo.core.plugins] DEBUG: Running signature "volatility_svcscan_1"
2018-02-20 18:36:05,172 [lib.cuckoo.core.plugins] DEBUG: Running signature "volatility_svcscan_2"
2018-02-20 18:36:05,173 [lib.cuckoo.core.plugins] DEBUG: Running signature "volatility_svcscan_3"
2018-02-20 18:36:05,173 [lib.cuckoo.core.plugins] DEBUG: Running signature "webmail_phish"
2018-02-20 18:36:05,173 [lib.cuckoo.core.plugins] DEBUG: Running signature "whois_create"
2018-02-20 18:36:05,175 [lib.cuckoo.core.plugins] DEBUG: Reporting module iocaware_stix not found in configuration file
2018-02-20 18:36:05,176 [lib.cuckoo.core.plugins] DEBUG: Executing reporting module "JsonDump"
2018-02-20 18:36:05,188 [lib.cuckoo.core.plugins] DEBUG: Executing reporting module "Malheur"
2018-02-20 18:36:05,414 [lib.cuckoo.core.plugins] DEBUG: Executing reporting module "MongoDB"
2018-02-20 18:36:05,652 [lib.cuckoo.core.scheduler] INFO: Task #4: reports generation completed (path=/opt/cuckoo/storage/analyses/4)
2018-02-20 18:36:05,742 [lib.cuckoo.core.scheduler] INFO: Task #4: analysis procedure completed