|
<pre>2016-05-25 21:22:32,893 [lib.cuckoo.core.scheduler] INFO: Starting analysis of FILE "test.bin" (task #1, options "") 2016-05-25 21:22:32,985 [lib.cuckoo.core.scheduler] INFO: Task #1: acquired machine cuckoo1 (label=WinXP) 2016-05-25 21:22:32,996 [modules.auxiliary.sniffer] INFO: Started sniffer with PID 28834 (interface=vboxnet0, host=192.168.56.101, pcap=/path/to/cuckoo/storage/analyses/1/dump.pcap) tcpdump: vboxnet0: You don't have permission to capture on that device ((no devices found) /dev/bpf0: Permission denied) 2016-05-25 21:23:49,855 [lib.cuckoo.core.scheduler] ERROR: Timeout hit while for machine WinXP to change status 2016-05-25 21:23:49,868 [lib.cuckoo.core.scheduler] CRITICAL: A critical error has occurred trying to use the machine with name cuckoo1 during an analysis due to which it is no longer in a working state, please report this issue and all of the related environment details to the developers so we can improve this situation. (Note that before we would simply remove this VM from doing any more analyses, but as all the VMs will eventually be depleted that way, hopefully we'll find a better solution now). 2016-05-25 21:23:50,332 [lib.cuckoo.core.scheduler] WARNING: Unable to stop machine WinXP: Trying to stop an already stopped vm WinXP 2016-05-25 21:23:50,444 [modules.processing.behavior] WARNING: Analysis results folder does not exist at path '/path/to/cuckoo/storage/analyses/1/logs'. 2016-05-25 21:23:52,327 [lib.cuckoo.common.objects] WARNING: Unable to import yara (please compile from sources) 2016-05-25 21:23:52,362 [modules.processing.network] WARNING: The PCAP file does not exist at path "/path/to/cuckoo/storage/analyses/1/dump.pcap". 2016-05-25 21:23:54,218 [lib.cuckoo.core.scheduler] INFO: Task #1: reports generation completed (path=/path/to/cuckoo/storage/analyses/1) 2016-05-25 21:23:54,235 [lib.cuckoo.core.scheduler] INFO: Task #1: analysis procedure completed |
|
<pre>2016-05-26 19:48:46,707 [lib.cuckoo.core.scheduler] INFO: Starting analysis of FILE "test.exe" (task #12, options "") 2016-05-26 19:48:46,769 [lib.cuckoo.core.scheduler] INFO: File already exists at "/path/to/cuckoo/storage/binaries/e37e5e39cc971ca0c196605371d0699b6c1f135378da9d454227e02977571e0f" 2016-05-26 19:48:46,799 [lib.cuckoo.core.scheduler] INFO: Task #12: acquired machine cuckoo1 (label=WinXP) 2016-05-26 19:48:46,806 [modules.auxiliary.sniffer] INFO: Started sniffer with PID 12759 (interface=vboxnet0, host=192.168.56.101, pcap=/path/to/cuckoo/storage/analyses/12/dump.pcap) tcpdump: listening on vboxnet0, link-type EN10MB (Ethernet), capture size 262144 bytes 2016-05-26 19:48:50,893 [lib.cuckoo.core.guest] INFO: Starting analysis on guest (id=cuckoo1, ip=192.168.56.101) 2016-05-26 19:49:33,692 [lib.cuckoo.core.scheduler] ERROR: Analysis failed: The package "modules.packages.exe" start function encountered an unhandled exception: Error returned by is32bit: Command '['bin\\is32bit.exe', '-f', u'C:\\DOCUME~1\\sent\\LOCALS~1\\Temp\\test.exe']' returned non-zero exit status 1 236 packets captured 8521 packets received by filter 0 packets dropped by kernel 2016-05-26 19:49:39,519 [lib.cuckoo.core.scheduler] INFO: Task #12: reports generation completed (path=/path/to/cuckoo/storage/analyses/12) 2016-05-26 19:49:39,532 [lib.cuckoo.core.scheduler] INFO: Task #12: analysis procedure completed |
![[Home]](./images/amatubu.png)