- Apr 20, 2011
- 2,079
Buster Sandbox Analyzer is a tool that has been designed to analyze the behaviour of processes and the changes made to system and then evaluate if they are malware suspicious.
The changes made to system can be of several types: file system changes, registry changes and port changes.
A file system change happens when a file is created, deleted or modified. Depending of what type of file has been created (executable, library, javascript, batch, etc) and where was created (what folder) we will be able to get valuable information.
Registry changes are those changes made to Windows registry. In this case we will be able to get valuable information from the modified value keys and the new created or deleted registry keys.
check it