Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #43101
    bkaspero
    Participant

    In using the analyzer Hybrid-Analysis, this assumed that we have already downloaded the attachment from the suspected email. Is it still save at that point to download the file/attachment and then drop it into the sandbox? Or should the entire process be done in a virtual machine where the suspicious file is downloaded (but not executed yet) and then analyzed?

    Sorry if this was asked already but I couldn’t find it on the forum.

    #43120
    Diego PérezDiego Pérez
    Participant

    Hi!
    Yeah, it will be safest to download it in a virtual machine and then upload it to a service to run any test.

    Greetings!
    Diego

Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.
Privacy Overview
ZSecurity logo featuring a stylized red letter Z

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

3rd Party Cookies

This website uses Google Analytics and Linkedin to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping these cookies enabled helps us to improve our website.