cHook – The new CuckooBox Hooking Engine

By

Irene Poetranto

Published: August 10, 2011Tags: Malware

Source: HoneyNet

Cuckoo Sandbox is a malware analysis system capable to outline the behavior of a malware during its execution. In order to generate such results, Cuckoo performs hooking of a number of selected Windows functions, intercept their calls and after storing the relevant informations and eventually performing additional actions, returns the exection to the original code.

Leave a Reply

Infowar Monitor

The Information Warfare Monitor is an independent research activity tracking the emergence of cyberspace as a strategic domain. Our mission is to build and broaden the evidence base available to scholars, policy makers, and others.
Search