All pastes #2099607 Raw Edit

cuckoo

public text v1 · immutable
#2099607 ·published 2012-01-05 16:51 UTC
rendered paste body
# Cuckoo Sandbox - Automated Malware Analysis
# Copyright (C) 2010-2011  Claudio "nex" Guarnieri (nex@cuckoobox.org)
# http://www.cuckoobox.org
#
# This file is part of Cuckoo.
#
# Cuckoo is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Cuckoo is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see http://www.gnu.org/licenses/.

[Logging]
# Enable/Disable additional debugging messages. This messages won't wrote to
# log file but just printed on screen. [on/off]
debug = off

[Analysis]
# This is the actual analysis timeout (expressed in seconds). This represents
# the default timeout performed by analysis core if none is specified.
analysis_timeout = 150
# Watchdog timeout (expressed in seconds) for analysis execution to complete, 
# when this timeout gets hit, current execution is aborted and virtual machine 
# is restored and freed.
watchdog_timeout = 600
# Specify here the path where analysis results shall be stored.
results_path = analysis/

[Processing]
# Specify here the interpreter path to be used to launch the script.
interpreter = /usr/bin/python
# Specify here the path to the analysis results processing script.
processor = processor.py

[Sniffer]
# Enable or disable the following option by assigning a True or False value.
# In case you decide to disable it, you're supposed to either not have any
# network dump or to used VirtualBox's (or any other virtualization engine
# you are using) to handle the network monitoring instead of using an external
# sniffer such as tcpdump. [on/off]
sniffer = off
# Path to the sniffer (tcpdump) binary.
path = /usr/sbin/tcpdump
# This specifies the network interface where the sniffer will bind to in order
# to monitor virtual machines' generated traffic.
interface = eth0

[VirtualMachines]
# Virtualization product.
engine = VirtualBox
# List virtual machines IDs separated by commas.
enabled = sandbox_1
# Set to "gui" if you want Cuckoo to spawn virtual machines' GUIs or set to
# "headless" if you don't.
mode = gui
# Path to local Python installation on guest machines. Please be sure to have
# correctly set this value as it's critical to Cuckoo's proper execution.
python = C:\Python27\python.exe

[sandbox_1]
name = sandbox_1
username = 
password = 
# Please notice that the shared folder name must coincide with the current
# virtual machine id, which is the name you assigned between the square
# brackets (e.g. [cuckoo1]).
share = shares/cuckoo1