Trust No Program
Buster


Joined: 06 Aug 2007
Posts: 2185
Version 1.20 fixes several bugs:

DNS Queries not logged when the network is configured in DHCP, duplicated entries in the API logger window, one malicious behaviour missed, SetValueKey and DeleteValueKey were being missed from API call log, ...


New version also introduces new features:

Capture-BAT Log Analyzer.

LOG_API library will show the name of the application that made the API call.

Local network traffic can be configured to be sniffed or not.
Buster


Released Buster Sandbox Analyzer 1.21.

Change list:

Changes in BSA.DAT:
Added [Custom_Folder_Entries] section.
Updated [File_Types_Modified] section to [File_Types_Created_Modified].
Updated Capture-BAT Log Analyzer feature.
Updated malware analysis in Buster Sandbox Analyzer.
Buster


I forgot to mention in the manual that version 1.21 allows the user to set a time limit for the analysis.

With this feature we can configure how many minutes we want to let the sandboxed applications run. When the time limit expires Sandboxie will terminate processes automatically.
Buster


Due to popular demand I decided to include the automatic analysis in the next release.

Each sample contained in a specified folder will run for a user-specified time, and during that time malware processes can run alone, without user interaction until the time expires, or the user can interact with the sample.

When the time expires Sandboxie's processes will be terminated and the reports will be generated.

I have nice plans for this feature. I intend for the feature to be configurable so it becomes more flexible and powerful.
Buster


News about the automatic analysis mode:

It will process any kind of file type: EXE, PDF, XLS, ...

If the file type is associated with a program, then the program will be launched, e.g. .PDF files associated with Adobe Acrobat Reader. It depends on the program whether the processed file is opened automatically or not.

If the file type is not associated with any program then we receive the message telling us Windows cannot open that file.

It's up to the users to make the appropriate associations.

The automatic analysis feature will save the network traffic .pcap file (when BSA is properly configured for that) in the report folder.

Additionally the user can configure BSA to save a copy of the sandbox folder contents. That way we can easily get a copy of dropped components.
Buster


The current host is going down soon. Thanks to Ruhe for hosting the tool all this time!

The new host is: http://bsa.netai.net


Last edited by Buster on Sun May 30, 2010 11:39 am; edited 1 time in total
Buster


Released Buster Sandbox Analyzer 1.22.

Change list:

Added automatic malware analysis mode
Added digital signature verification
Removed "Check Ports"
Updated Buster Sandbox Analyzer GUI
Updated LOG_API library
H3*
Guest

Quote:
Website Under Review

You see this page, because the system administrator of 000webhost.com is currently checking this website for malicious content. This redirect will be removed once we will finish manually checking all files on this account. As far we check over 100 websites, it can take about 2-4 hours to complete. If you are the owner of this website, you will get email confirmation once it's done. If you are a visitor - please come back later.

www.000webhost.com is a free web hosting provider and all free hosting providers suffer from abusers. Around 5% of users signup here just to start hacking or phishing website or make other damage. So, in order to survive, we must monitor what our users are hosting.

We are sorry for any inconveniences, but checking all content manually, it is the only way to provide you with the most secure and reliable service. If you have found any illegal website on our network.


Someone reported you to delay your release? Or are they really going through every owner's files? Shocked
Buster


I opened the account just a few hours ago so I guess it's a normal procedure.


Last edited by Buster on Sun May 30, 2010 1:26 pm; edited 1 time in total
Buster


I have noticed that downloads from netai.net are not reliable. The download may be interrupted before the file has been completely downloaded.

In case of trouble with the download, here are additional download links:

http://rapidshare.com/files/393478240/Buster.Sandbox.Analyzer.1.22.rar

http://www.megaupload.com/?d=TOTVC9ZH

http://hotfile.com/dl/45674283/98e6168/Buster.Sandbox.Analyzer.1.22.rar.html


Last edited by Buster on Mon May 31, 2010 2:04 am; edited 2 times in total
H3*
Guest

I'll guess you're right, but this link: http://bsa.netai.net/

drops me to this place: http://www.000webhost.com/admin-review

Checked about 1 min ago, but I need some coffee now so I'll test it again later on. Smile

Oh, just saw your link to rapidshare, thanks.
Buster


No, you're right. On the computer where I'm logged in as site admin I can see the contents, but from another computer where I'm not logged in I also get the same message.

We will have to wait until the admin has reviewed the site, but meanwhile it's available through alternative download links.
Buster


joetraff wrote:
I have checked out the tool.
And I think it's awesome.


Thanks! Very Happy

Did you have any problems configuring it?

Is it easy to use with the provided instructions (PDF)?

What do you like more and what less?
tzuk


Joined: 22 Jun 2004
Posts: 15024
Sorry Buster, but someone who signs their posts with a link to "make money fast" is just asking for the posts to be deleted.

_________________
tzuk
Buster


Have no mercy on that kind of post!
All times are GMT  