PyBox 1.0
---------

PyBox is short for Python Sandbox. It is developed for the operating system
Microsoft Windows XP. The Python-based application runs a malware process and
monitors its behavior by controlling its use of Application Programming
Interfaces (APIs).

PyBox Copyright (C) 2010 Christian Schönbein.

The main features of PyBox:

- Analysis of malware samples or other executables
- Identification of the Windows API and native API functions the executable uses
- Creation of XML reports describing the executable's behavior

This distribution contains the following files:

PyBox.py       - The PyBox analysis tool
pbMonitor.dll  - Hook library that is injected into the analysis target's process
hooks.cfg      - Configuration file that determines which API functions are observed
pybox.cfg      - Configuration file that holds general settings for the analysis process
injection/*    - Python modules used to inject the hook library into the analysis target's process
ipc/*          - Python modules used for the communication between analysis tool and target process
process/*      - Python modules used for starting and stopping processes
report/*       - Python modules used for the creation of the XML report
setup/*        - Python modules used to read all settings from the configuration files
unins000.exe   - Uninstaller

For information on the installation of PyBox, please see the file
"Installation.txt".

--- End of document