Released Buster Sandbox Analyzer 1.56
Buster Sandbox Analyzer 1.56 has been released, and it has been some time since I last wrote about my tool here, so I decided to write some news about it.
Since then I have added many new features. I would like to highlight the following ones:
* BSA is able to perform several analyses at the same time.
* It has multi-language support. Right now there are translations to Russian and Portuguese.
* BSA is able to dump processes automatically.
* BSA can search for defined strings inside the analyzed file and dumped binaries.
* BSA is very customizable. There are many features that let you choose what information must be included in reports.
* BSA offers the possibility of creating reports in XML, PDF and HTML format.
* BSA can be configured to hide Sandboxie's processes automatically in 32-bit OSs.
* BSA can produce PDF statistics.
* BSA has an analysis mode where the tool runs continuously, monitoring a folder and checking for new samples to analyze.
* BSA can save malware analysis information to a SQL database.
* BSA can be configured to skip previously analyzed files.
* BSA can capture the screen on video.
* BSA has a module where you can define the "height" of each malware behaviour and, using ratings, define what kind of alert an analyzed file must raise.
* BSA can run custom commands after an analysis is finished.
* BSA can run from command-line.
* BSA can include VirusTotal information in reports.
* Many new malware behaviours have been added.
I will be glad to receive your questions, suggestions, etc.
You can find the tool at: http://bsa.isoftware.nl/