- Machine Learning for Cybersecurity Cookbook
- Emmanuel Tsukerman
- 124字
- 2021-06-24 12:29:05
How to do it...
Once your Cuckoo Sandbox is set up, and has a web interface running, follow these steps to gather runtime information about a sample:
- Open up your web interface (the default location is 127.0.0.1:8000), click SUBMIT A FILE FOR ANALYSIS, and select the sample you wish to analyze:
- The following screen will appear automatically. In it, select the type of analysis you wish to perform on your sample:
- Click Analyze to analyze the sample in your sandbox. The result should look as follows:
- Next, open up the report for the sample you have analyzed:
- Select the Behavioral Analysis tab:
The displayed sequence of API calls, registry key changes, and other events can all be used as input to a classifier.