[Buster_BSA]

Released Buster Sandbox Analyzer 1.70.

Changes:

+ Added new malware behaviours
+ Improved “Additional Information” feature
+ Included new malware behaviours at “Risk Evaluation Ratings”
+ Added deutsch language translation (thanks to AV-Comparatives)
+ Updated BSA.DAT
+ Updated LOG_API
+ Updated HexDive
+ Updated SIGNSRCH.SIG

[Buster_BSA]

BSA 1.70 package has been re-released to fix a bug.

[Buster_BSA]

Released Buster Sandbox Analyzer 1.71.

Changes:

+ Added new malware behaviours
+ Added BSA_USER.DAT feature
+ Improved “Dump Executable Processes” feature
+ Included new malware behaviours at “Risk Evaluation Ratings”
+ Updated BSA.DAT
+ Updated LOG_API
+ Updated Exeinfo
+ Fixed several bugs

[Buster_BSA]

Released Buster Sandbox Analyzer 1.72.

Changes:

+ Added wildcard support for FileExclude.TXT and APIExclude.TXT
+ Updated Exeinfo
+ Fixed several bugs

[Buster_BSA]

Released Buster Sandbox Analyzer 1.73.

Changes:

+ Added “Launch Internet Explorer” feature
+ Added new malware behaviours
+ Improved “Report Manager” feature
+ Updated BSA.DAT
+ Updated LOG_API
+ Fixed several bugs

[garack]

What a great Tool, but it does nothing for me:

i configured sandboxie like this:

Code: Select all

[Bsa]

ConfigLevel=7
Template=AutoRecoverIgnore
Template=Firefox_Phishing_DirectAccess
Template=LingerPrograms
Template=BlockPorts
BorderColor=#00FFFF,off
Enabled=y
InjectDll64=C:\BSA\LOG_API64.DLL
OpenWinClass=TFormBSA
NotifyDirectDiskAccess=y
ProcessLimit1=20
ProcessLimit2=30
BoxNameTitle=n
CopyLimitKb=102400
CopyLimitSilent=y

Plus SbieCtrl_HideMessage=* in the users config.

i put the LOG_API64.DLL (cause i am on a Win764Sp1) in the C:\bsa Folder , where bsa is working from.

i tweaked sandboxie like in this:

http://www.youtube.com/watch?v=wXFpo78712M


ans this:

http://www.youtube.com/watch?v=MXASXoq5akc

Video, but not the hide driver part, as i understand i dont have to.

now i run BSA as Admin (cause i am not) withh Admin Passwort. it comes up without an error, then i pointed it to my sandbox folder: C:\Sandbox\Surfer\Bsa

click start analysis, then load notepad, vlcplayer or other tuff in my sandbox..and nothing happes..what i am doing wrong?


ah it does some stuff now, with vcl player nothing, with a photo more, and starting gimp very much..

[Buster_BSA]

You should inject both 32 and 64 bit LOG_API versions, like this:

InjectDll=C:\BSA\LOG_API32.DLL
InjectDll64=C:\BSA\LOG_API64.DLL

[garack]

ok both from the 64 Folder ?

Cause theres one in the 32 Folder?

Do i use the single one in the 32 folder onl on 32 bit machine. and the 64 and 32 from 64 folder at 64 bit machine?

[Buster_BSA]

ok both from the 64 Folder ?

Yes, both from 64 folder.

Do i use the single one in the 32 folder onl on 32 bit machine. and the 64 and 32 from 64 folder at 64 bit machine?

That´s right.

In "LOG_API" folder there is a "README.TXT" which says:

"32" folder contains LOG_API DLLs for 32-bit OSs.
"64" folder contains LOG_API DLLs for 64-bit OSs.

[garack]

thanks for your help;