[Buster_BSA]

On Windows XP I have never seen something like that when using BSA+Exeinfo together.

[Buster_BSA]

I just created a new section in BSA´s web site (http://bsa.isoftware.nl) named "Video Tutorials".

I have added a video tutorial about the installation and configuration of Sandboxie, WinPCap and Buster Sandbox Analyzer.

Comments will be welcome as usual.

[Buster_BSA]

Released Buster Sandbox Analyzer 1.49.

Changes:

+ Added support for XML reports
+ Added support for TLS hooks detection
+ Improved PDF Statistics
+ Updated LOG_API verbose versions to include FindFirst/NextFile support
+ Updated support for new VirusTotal web service
+ Fixed several bugs

[Mr.Bojangles]

Code: Select all

--regdiff
user\current_classes\*\shell\sandbox = deleted registry key
OpenProcess(c:\users\user\desktop\sandboxie 4.62+bsa 1.49\bsa\bsa.exe) [c:\windows\syswow64\rundll32.exe]
OpenProcess(c:\program files\sandboxie\sbiectrl.exe) [c:\windows\syswow64\rundll32.exe]

maybe omit that and other engine notices? so it doesn't look like antis?

EDIT: The second two might actually be antis..

[Buster_BSA]

Code: Select all

--regdiff
user\current_classes\*\shell\sandbox = deleted registry key
OpenProcess(c:\users\user\desktop\sandboxie 4.62+bsa 1.49\bsa\bsa.exe) [c:\windows\syswow64\rundll32.exe]
OpenProcess(c:\program files\sandboxie\sbiectrl.exe) [c:\windows\syswow64\rundll32.exe]

maybe omit that and other engine notices? so it doesn't look like antis?

EDIT: The second two might actually be antis..

You have the exclusion lists to avoid showing that kind of stuff.

[Buster_BSA]

Released Buster Sandbox Analyzer 1.50.

Changes:

+ Added multi-language support
+ Updated LOG_API
+ Fixed several bugs

[Buster_BSA]

Released Buster Sandbox Analyzer 1.51.

Changes:

+ Added a custom driver to hide Sandboxie´s processes
+ Removed Hide Driver from package
+ Included new malware behaviour
+ Added File Renamer feature to utilities section
+ Updated LOG_API

[Mr.Bojangles]

When I finish my current contract I'll make another tool that checks for existence. I haven't looked at anything yet though. I also only use 64bit windows. The additions are nice.

[Buster_BSA]

When I finish my current contract I'll make another tool that checks for existence. I haven't looked at anything yet though. I also only use 64bit windows. The additions are nice.

I would say I fixed Ldr->HashLinks detection some time ago. It will be nice if you can check if it´s really fixed.

Thanks!

[Buster_BSA]

Released Buster Sandbox Analyzer 1.52.

Changes:

+ Added support for HTML reports
+ Added a feature to remove sandbox folder contents automatically in manual mode
+ Included new malware behaviour
+ Updated LOG_API
+ Fixed several bugs