We'd love to hear about it! Click here to go to the product suggestion community
1 week ago while browsing the web I ended up finding this wonderful software called "Sandboxie".I installed it on my computer and started testing with different viruses. It simply magnifies the way you can control programs executed within the sandbox. Yesterday I was testing a virus called "000.exe" inside a sandbox, sandboxie does an excellent job containing 000.exe and does not cause problems on my real pc, but my screen looks like this:
Sandboxie was not created for testing malware.
Sandboxie was not designed for testing malware.
https://www.wilderssecurity.com/threads/sandboxie-vs-virtualbox.365209/page-2#post-2394306
https://www.wilderssecurity.com/threads/sandboxie-vs-virtualbox.365209/#post-2384795
https://www.youtube.com/watch?v=9ZF9c03PN8I&feature=youtu.be
In reply to bj m:
tzuk introduced changes and features so it could be used to test malware, like ProcessLimit or NotifyDirectDiskAccess, while BSA was being developed.
In reply to Pedro López:
Sandboxie was not designed to be used as an analyzer of behavior. Since Sandboxie is an application sandbox (and Not an analyzer), the behavior we see in programs when they run in the sandbox should not be used as a guide for telling whether programs are good or bad/malicious. We should not install programs outside the sandbox based on their behaviour in the sandbox. Doing so is wrong and can hurt you when a malicious program fools you into thinking that it is clean and you install it outside the sandbox and become infected.
https://win10.guru/toolkit-item-sandboxie-by-guest-author-bo-elam/
BSA is the uncontestable proof that Sandboxie can be used to test malware.
Even more... Invincea had its own product (FreeSpace) similar to BSA, so you can say whatever you want that reality is there.
Pedro López BSA is the uncontestable proof that Sandboxie can be used to test malware. Even more... Invincea had its own product similar to BSA, so you can say whatever you want that reality is there.
Even more... Invincea had its own product similar to BSA, so you can say whatever you want that reality is there.
What's BSA?
So, is there any way to fix this?
We'll see what Sophos says.
facepalm.gif
If you googled to get this:
https://www.wilderssecurity.com/threads/installing-a-game-within-a-sandbox.419656/#post-2846881
you can google BSA too, can't you?
Oh, that Analyzer thingy that was not from Sandboxie.
So Sandboxie can be used to test malware and BSA and FreeSpace are the proof. Period.
Okay....test all the malware you want. Does MalwareTips MalwareHub employ Sandboxie?
Regards w Respect
https://www.raymond.cc/blog/how-to-investigate-suspicious-file-using-sandboxie/
Armando CelayaSo, is there any way to fix this? Because I think it is something very important, since certain malware like ransomware do something similar.
If you want to test malware you should use a tool like BSA. In that tool you can define the maximum time sandboxed programs can run. So if a malware blocks keyboard and mouse you just must wait until time expires and the tool automatically finishes all sandboxed processes.
Pedro López If you googled to get this: https://www.wilderssecurity.com/threads/installing-a-game-within-a-sandbox.419656/#post-2846881 https://win10.guru/toolkit-item-sandboxie-by-guest-author-bo-elam/ you can google BSA too, can't you?
I had links bookmarked.
Why r u defensive?
You might like to check this audio from 2008, is an interview of Sandboxies original developer (Ronen Tzur aka tzuk), in the interview he and Leo from grc talk about the Hypervisor, VMs and Sandboxie. The interview starts at minute 33:55 http://twit.cachefly.net/audio/sn/sn0172/sn0172.mp3 Or get it here, Episode #172 GRC | Security Now! Episode Archive