Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #43101
    Avatarbkaspero
    Participant

    In using the analyzer Hybrid-Analysis, this assumed that we have already downloaded the attachment from the suspected email. Is it still save at that point to download the file/attachment and then drop it into the sandbox? Or should the entire process be done in a virtual machine where the suspicious file is downloaded (but not executed yet) and then analyzed?

    Sorry if this was asked already but I couldn’t find it on the forum.

    #43120
    diegodiego
    Moderator

    Hi!
    Yeah, it will be safest to download it in a virtual machine and then upload it to a service to run any test.

    Greetings!
    Diego

Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.