Skip navigation.
Home

zero wine tryouts - a fork of zero wine

What is zero wine tryouts?

zero wine tryouts is an open source malware analysis tool.
Just upload your suspicious PE file (Windows executable) through the web interface and let it analyze the behaviour of the process.

zero wine + X = zero wine tryouts

The zero wine tryouts project is a fork of the original zero wine project.
The last modification to the source code of the original project was done back in Jan 2009.

For more information, visit here.

Any questions/suggestions/ideas/complaints/helps/patches/etc are welcome!

What are the differences

What are the differences between last Zero Wine release and yours?

Could you post a list of differences, please?

Differences

Mainly bug fixes for now.

Fixed several webpage timeout problems.
Add more process crash detection.
And so on.

For more information, see changelog.
http://sourceforge.net/apps/mediawiki/zerowine-tryout/index.php?title=Changelog

Great

Hi,

This is a great project!

I will try it in a few hours and I will let you know.

Member of Comodo Malware Research Group

Few hours? Few weeks you

Few hours? Few weeks you meant, didn´t you? :-P

Working

I have tried to get it working. It will not show my a report no matter how hard I try. The browser always time out after 10-15 minutes of waiting.

Member of Comodo Malware Research Group

QEMU without KQEMU, It's too

QEMU without KQEMU, It's too slow.
Use QEMU 0.11.1 + KQEMU 1.4.0pre1.

Prebuilt QEMU 0.11.1 + KQEMU 1.4.0pre1 binaries for Windows: http://qemu-forum.ipi.fi/viewtopic.php?f=5&t=5354

It seems like all of the

It seems like all of the links are down, would you mind to upload the package here? Or if you want to sent it to me: tesk[at]spywarefri.dk

Member of Comodo Malware Research Group

Use Qemu Manager v7.0 (April

Use Qemu Manager v7.0 (April 2010) with Qemu 0.11.1 and KQEMU Support.
http://www.davereyn.co.uk/qemu_manager.html

Same problem

It still timeout before it finish up its analysis.

I cannot boot the image from the QEMU Manager, as it is not an .iso file and MagicIso will not convert the img to iso too.

Member of Comodo Malware Research Group

Yes, I can confirm it. Set

Yes, I can confirm it.

Set timeout less than 150 secs (approx) or use "View" function.

You don't need to convert img file.

Read QEMU Manager 7.0 manual page 7.

I have found out, but now I

I have found out, but now I just need to connect to 127.0.0.1:8000 - but the browser times out.

I have tried to add additional parameters in the manager, but it will not do anything.

Member of Comodo Malware Research Group

You must set port

You must set port redirection.

Check your additional parameters.

Read QEMU Manager 7.0 Manual page 40.

Working example: qemu.exe -kernel-kqemu -L . -m 512 -hda c:\zerowine_vm\zerowine.img -redir tcp:8000::8000 -redir tcp:2022::22 -redir tcp:5900::5900

Did you try Buster Sandbox

Did you try Buster Sandbox Analyzer?