[R00tKit]

http://jevereg.amnpardaz.com/

[EP_X0FF]

Added to list

Noticed few sandbox processes in output.

sandBoxLog.exe
Sender.exe

this as well as always "submitted.exe" name for submitted samples makes this sandbox trivial to detect.

[rinn]

Hello.
This sandbox is running on Xeon + VMWare. VM configured poorly and most of malware will detect it easily by VMX backdoor. So I wouldn't recommended to use this online service right now.

Best Regards,
-rin

[EP_X0FF]

In relation to another new sandbox I remembered this. And guess what, 10 month later - nothing changed except new blog with 1 idiotic entry.

We are pleased to announce to the society of computer security the release of the Jevereg (Amnpardaz Sandbox) blog. We want the name “Jevereg” to be synonymous in your mind with quality. We are a leader in the nation for automated malware analysis and our history of innovation and support keeps you ahead of the curve on malware analysis.

So I tried it again. It is still running by unconfigured ("leaders in nation" with "quality in mind" still unable to do this) Vmware hypervisor but they managed to double uselessness of their service by merging report with crash info from... their own Windows Update service totally unrelated to tested file.

[thelastblack]

Hello
Thanks for your post EP_X0FF :D
I can't seem to find the problems you mentioned anymore, but maybe I am wrong.
I ran a sample, and it doesn't show any of problems you mentioned.
Samples run with a random name, no auto update crash or anything else was shown.
Please give me your sample so I can check it out.

And of course, we have a premium service which has more features than this free one. It is also more updated and supported.

Anyway, thanks for your attention!