Trust No Program
Buster


Joined: 06 Aug 2007
Posts: 2185
Released Buster Sandbox Analyzer 1.44.

Changes:

+ Changed the feature to not show UDP packets. Now the feature will ignore UDP packets from PCAP captures and reports
+ Added a feature to minimize BSA when the feature to do video capture is enabled
+ Added a feature to compress to ZIP sandbox folder contents when “Keep Sandbox Files” is enabled
+ Added information related to date of submission in VirusTotal reports
+ Added several improvements
+ Updated LOG_API
nemo700


Joined: 09 Nov 2011
Posts: 2
There seems to be a bug in BSA 1.44; after I've installed it, I can no longer run Windows Explorer within Sandboxie - if I go Sandbox > DefaultBox > Run Sandboxed > Run Windows Explorer, it immediately crashes with "Windows Explorer has encountered an error and needs to close..." (faulting module ntdll.dll). If I remove BSA's config lines from Sandboxie.ini everything works OK again.

No problems using an older version of BSA, either (1.38). I didn't manage to catch any of the versions that came out in between 1.38 and 1.44 to test them...

All this is happening with Sandboxie 3.60 on 2 separate Windows XP SP3 machines.

Sorry if this isn't the right place to report this, but I couldn't see anywhere on the BSA site to do so...
Buster


Joined: 06 Aug 2007
Posts: 2185
I can reproduce the problem. Thanks for the bug report!

As soon as I have news, I will post it here.
Buster


Joined: 06 Aug 2007
Posts: 2185
nemo700 wrote:
There seems to be a bug in BSA 1.44; after I've installed it, I can no longer run Windows Explorer within Sandboxie - if I go Sandbox > DefaultBox > Run Sandboxed > Run Windows Explorer, it immediately crashes with "Windows Explorer has encountered an error and needs to close..." (faulting module ntdll.dll). If I remove BSA's config lines from Sandboxie.ini everything works OK again.

No problems using an older version of BSA, either (1.38). I didn't manage to catch any of the versions that came out in between 1.38 and 1.44 to test them...

All this is happening with Sandboxie 3.60 on 2 separate Windows XP SP3 machines.


There was a bug in LOG_API (all versions). One more time tzuk saved my ass and helped me to fix the bug.

I uploaded the BSA 1.44 package again, including the fix. Try it and let me know if everything works fine, please.
nemo700


Joined: 09 Nov 2011
Posts: 2
Quote:
I uploaded again BSA 1.44 package including the fix. Try it and let me know if everything works fine, please.


Seems to be working fine now. Fantastic!

Thanks for fixing it, and for writing such a useful little program in the first place Very Happy
Buster


Joined: 06 Aug 2007
Posts: 2185
nemo700 wrote:
Seems to be working fine now. Fantastic!

Thanks for fixing it, and for writing such a useful little program in the first place Very Happy


Thanks for the bugfix confirmation and the kind words!
Buster


Joined: 06 Aug 2007
Posts: 2185
Released Buster Sandbox Analyzer 1.45.

Changes:

+ Added a feature to produce reports in PDF format
+ Added support for new malware behaviours: get volume information, alternate data stream creation
+ Updated LOG_API
Buster


Joined: 06 Aug 2007
Posts: 2185
Released Buster Sandbox Analyzer 1.46.

Changes:

+ Added a feature to include information from reports into a SQL database
+ Added a custom manager for BSA's SQL Database
+ Added a feature to load and save settings from file on demand
+ Added a feature to set a number of retries if connection to VirusTotal fails
+ Added a feature to automatically launch Explorer.exe in automatic mode
+ Added a feature to skip already processed files in automatic mode
+ Fixed several bugs
Buster


Joined: 06 Aug 2007
Posts: 2185
There are a lot of things to comment about version 1.46.


Added a feature to include information from reports into a SQL database

With this feature it's possible to store in a SQL (sqlite 3) database the information from report files and, optionally, from analysis reports.

All the information from reports (REPORT.TXT) and optionally from analysis (ANALYSIS.TXT) will be added to the database.

It's mandatory to enable the reporting of SHA256 in order to get this feature working.


Added a custom manager for BSA's SQL Database

I included a feature to manage the created database in an easy but powerful way.

It has a SQL expression generator with the tables in the database, the fields in each table, and five options (is, is not, is null, is not null and contains).

For people that know SQL, I also included a custom SQL command feature. With this feature you can use your sentences in SQL.

I added a feature to remove entries from the database, a predefined query to the database and a function to update a record from a report file.

By right-clicking in the table you will get some additional features.


Added a feature to load and save settings from file on demand

With this feature it's possible to have several different BSA configurations stored on disk and easily switch between them.


Added a feature to set a number of retries if connection to VirusTotal fails

You can configure it to make no retries if VirusTotal does not respond, or choose from 1 to 5 retries.


Added a feature to automatically launch Explorer.exe in automatic mode

Recently I processed a malware that didn't show the behaviour I expected. First I thought it was due to a bug in Sandboxie. The bug existed and tzuk fixed it, but in the end it was not related to the issue.

Ronen analyzed the piece of malware and discovered that the malware was injecting code into explorer.exe. Because the process was not being sandboxed, the malware could not inject the code. When explorer.exe is sandboxed, the malware will behave as it should.

As some trojans may inject code into explorer.exe, I decided to include this feature. When enabled, BSA will sandbox explorer.exe before the analysis begins.


Added a feature to skip already processed files in automatic mode

When enabled, BSA will check in the SQL database whether the file was analyzed previously.


Fixed several bugs

As usual, several bugs fixed and other new ones introduced. Laughing
Buster


Joined: 06 Aug 2007
Posts: 2185
Imagine you made a report and VirusTotal was down. Now you have inside the SQL database an entry with missing information. No problem...

Utilities > SQL Database Manager

Tools > Update Database from Report

The entry will be removed from the database and it will be replaced with the information from the report you provide.
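
The skip-already-processed check and the "Update Database from Report" replacement described in the posts above, sketched as an added example that is not part of the original posts and is not BSA's own code. The table layout, column names and function names are assumptions, since the thread does not show BSA's schema.

```python
import hashlib
import sqlite3

# Hypothetical schema: BSA's real table layout is not shown in this thread.
SCHEMA = """CREATE TABLE IF NOT EXISTS reports (
    sha256    TEXT PRIMARY KEY,   -- SHA256 reporting must be on to key entries
    file_name TEXT NOT NULL,
    vt_result TEXT                -- NULL when VirusTotal did not respond
)"""

def open_db(path=":memory:"):
    db = sqlite3.connect(path)
    db.execute(SCHEMA)
    return db

def sha256_of(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def already_processed(db, digest):
    row = db.execute("SELECT 1 FROM reports WHERE sha256 = ?", (digest,)).fetchone()
    return row is not None

def store_report(db, digest, file_name, vt_result):
    """Remove any entry for this hash and insert the new report in one transaction."""
    with db:
        db.execute("DELETE FROM reports WHERE sha256 = ?", (digest,))
        db.execute("INSERT INTO reports VALUES (?, ?, ?)", (digest, file_name, vt_result))

def incomplete_entries(db):
    """Hashes whose VirusTotal field is missing (the manager's 'is null' option)."""
    return [r[0] for r in db.execute("SELECT sha256 FROM reports WHERE vt_result IS NULL")]

def run_queue(db, samples, analyze):
    """samples: iterable of (name, bytes). Returns the names actually analyzed."""
    analyzed = []
    for name, data in samples:
        digest = sha256_of(data)
        if already_processed(db, digest):   # same content under another name is skipped
            continue
        store_report(db, digest, name, analyze(name, data))
        analyzed.append(name)
    return analyzed

if __name__ == "__main__":
    # Constructed samples; the analyze callback simulates VirusTotal being down for b.exe.
    samples = [("a.exe", b"AAA"), ("b.exe", b"BBB"), ("copy_of_a.exe", b"AAA")]
    db = open_db()
    print(run_queue(db, samples, lambda n, d: None if n == "b.exe" else "0/43"))
    print(incomplete_entries(db))
```

Keying on the content hash rather than the file name is what lets a renamed copy be skipped, and the delete-then-insert in one transaction keeps a failed update from leaving the entry missing.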
Buster


Joined: 06 Aug 2007
Posts: 2185
Released Buster Sandbox Analyzer 1.47.

Changes:

+ Added a feature to run BSA in automatic mode monitoring a folder for new files to analyze.
+ Added a feature to avoid processing files from a whitelist.
+ Improved analysis cancel event.
+ Fixed several bugs
Buster


Joined: 06 Aug 2007
Posts: 2185
Released Buster Sandbox Analyzer 1.48.

Changes:

+ Added PDF statistics feature
+ Added support for a new malware behaviour: get computer name
+ Updated LOG_API
+ Fixed several bugs
JoeCool
Guest

Please see a bug report about files with missing access permissions in the Recycle Bin here: http://www.sandboxie.com/phpbb/viewtopic.php?p=75812
Please tell me if there are questions and which thread you would like to continue discussion about this.

Also great work on BSA, I love it. What method to clear the Sandbox does BSA use?
Buster


Joined: 06 Aug 2007
Posts: 2185
JoeCool wrote:
Please see a bug report about files with missing access permissions in the Recycle Bin here: http://www.sandboxie.com/phpbb/viewtopic.php?p=75812
Please tell me if there are questions and which thread you would like to continue discussion about this.


We can discuss the issue here in this thread.

JoeCool wrote:
Also great work on BSA, I love it. What method to clear the Sandbox does BSA use?


I mainly use the DeleteFile API.

I can try replacing the functions I use now to delete Sandbox folder contents with the command used by default by Sandboxie. Do you think that will be fine?
JoeCool
Guest

I think that would be a good solution. I have never had problems when Sandboxie deletes the Sandbox.
Thank you for the quick reply.
Did you encounter similar problems or is there something special about my setup? I thought it was kind of strange that all access security entries were just missing.