This section deals with spreadsheet documents that contain malware samples. Please make sure that you have installed the Microsoft Office bundled program in your VM environment. Internet connection in your VM environment is also needed to make sure that the malware analysis can run smoothly in your VM environment.
We will now submit an Excel file as the malware document. Let us see the steps involved:
Open a new Terminal tab (Shift + Ctrl + T) and type in the following command line:
$ python utils/submit.py --platform windows --package xls shares/CVE-2011-0609_XLS-SWF-2011-03-08_crsenvironscan.xls
Please make sure you have a Success message, as shown in the preceding screenshot, with task with ID 13. Windows will open the Excel document.
Then let Cuckoo start the analysis process on the Guest OS:
A warning pop-up window will appear. Again, we assume that the user didn't know what that warning was. So,...