
How to Test DANGEROUS VIRUS Files in Windows 10 Sandbox

December 23, 2019


Windows 10 Sandbox is a great way to test potentially dangerous applications like malware files. In this video, you are going to find out how to use Windows 10 Sandbox to test potentially malicious files. We are going to put Sandbox to the test. Now, to find out how to enable Sandbox in Windows 10, please check the link in the video description; I have a video specifically for that. We are going to test actual malware files, and then you are going to find out how to avoid certain big mistakes.

As you can see here, I have Windows Sandbox opened and I have Firefox installed on it, and I also have two links to dangerous virus files. So the moment I open one of those websites, it’s going to download a virus automatically. Now I’m going to open the first virus file. As you can see, it prompts me to download 11.exe. Clearly, a very suspicious file! Let me download it right now. There you go! It’s downloaded! Now look at this! When I download this file, Firefox warns me that this file contains malware, but that is the point of this tutorial. We are actually going to put this to the test. So we are going to open it. But, before doing that, let us download the second file as well, because we are going to try to open both of them. There you go! Once again, Firefox is warning me to be careful because this file also contains malware.

Let’s try this one. Let’s see if it works. Going past the warnings. So far this one does not seem to work. Let’s try the second one now, 11.exe. Let’s see if it works, and more warnings, more warnings. Let me click More info. Let’s run it anyway, and there you go! The virus is now on my computer.

But that’s too bad for the virus, because it’s not running on my real computer. It’s running on a virtual machine. It’s running from Windows Sandbox. So, in a way, this virtual machine is now officially infected. But, as I just said, my actual machine is running just fine. For example, these files were downloaded in the Downloads folder, right? Well, if I go to the Downloads folder from the virtual machine, from Windows Sandbox, I can see those two files. Let me go there right now, and let me go to Downloads. I’m going to open the file location. And there you go! It takes me to the Downloads folder, and as you can see, here they are, the two malware files. And now I’m going to go to my actual computer, my real Windows 10 PC. Let me go there. Let me click the Start button and then type Downloads in the search field. Let me click on the Downloads icon. There you go! It takes me to the Downloads folder. And look! What don’t you see? Clearly you don’t see those two files, those two malware files. So those files are in the virtual machine, but they’re not on my real computer.

So, when might you actually want to do this? To actually download viruses! Well, suppose someone suspicious sends you an email with an attachment, and you have doubts and are reluctant to download it. And of course, rightfully so! Well, by using Windows Sandbox, you can download the attachment. If it does behave strangely, then you know for a fact it was indeed a malicious file. Of course, the good news is that the malicious file is trapped within Sandbox. It cannot infect your actual computer.

Now here are some situations where you really need to be careful. First of all, you cannot use Windows Sandbox to test fake or phishing websites. This includes, for example, a website that pretends to be your bank account, but in reality it’s a total fraud. If you enter your username and password, well, sadly, you will get hacked. This is because you are simply accessing a website; you’re not downloading anything. As such, Windows Sandbox will not make a difference.

Another big mistake you need to avoid is forgetting when you are not using Windows Sandbox. Sadly, this can easily happen. You think you’re using Windows Sandbox when in reality you are using your actual Windows PC. One thing you can do is change the background or wallpaper of your actual Windows 10 PC, so that when you use Windows Sandbox you will see that the wallpaper is different. As a result, you will know that you are inside Sandbox. Something else you can do is to use Windows 10 Sandbox in full-screen. Here’s why. Well, when you use Windows 10 Sandbox in full-screen, you will always see this connection bar on top. As a result, you will always know that you are in Sandbox. But, if you don’t like it, you can also unpin it so that it disappears. However, it does make it easier for you to realize you are using Sandbox, not your actual Windows 10 PC, so that you don’t mistake one for the other.

Overall, as you can see, using Windows 10 Sandbox is very straightforward! And speaking of straightforward, for more easy, simple, straightforward tutorials like this, please subscribe and leave some comments below, and thanks for watching.

17 Comments

  • Reply Black Hat June 5, 2019 at 9:02 pm

    Interesting.

  • Reply Black Hat June 5, 2019 at 9:02 pm

    I would use that.

  • Reply Nekito June 5, 2019 at 9:14 pm

    nice.
    how ur channel not growing?

  • Reply Maksym Bykov July 11, 2019 at 3:42 pm

    Man, music in your videos is awesome!

  • Reply Hydrixx July 16, 2019 at 2:10 pm

    It automatically reset when I close Windows Sandbox?

  • Reply shanu Shah August 3, 2019 at 10:49 am

    Is this real? I went to Microsoft official site to download this Windows 10 Sandbox but I don't see it !!

  • Reply John Wick August 3, 2019 at 5:15 pm

    But be careful if you enable Sandbox you can't use Virtual box or Vmware

  • Reply Lulu Vi August 26, 2019 at 6:27 am

    Hey
    Thanks so much for this video, now I am using sand box too
    But there is problem , I need Microsoft office in sandbox.
    I tried to install several version but it says "Error 1935. An error occurred during the installation of assembly component
    (89EDD3A9-9448-3257-8484-D6EB6A00DDFS) HRESULT: 0x80070003.
    Setup failed."
    This happened in several setup which I try to install In sandbox.
    Please try to solve this problem.
    Thank you

  • Reply Yonatan Kristanto August 30, 2019 at 9:58 am

    Can you run Windows Sandbox from the Sandbox? lol

  • Reply Luke R September 5, 2019 at 3:29 am

    You need to be very careful not to consider the sandbox to be a 100% safe environment, because it is not.

    It is important to note that Windows Sandbox doesn’t provide network-level isolation. So while malware executed within the sandbox cannot directly access the C: drive of the primary operating system, it can still communicate with other devices on your network. For example, if you were to execute malware containing a worm virus inside the sandbox, it can still scan your network for vulnerable systems and spread to other systems from there.
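
The network exposure described in the comment above can be closed with a Windows Sandbox configuration file. This is an added example, not part of the original comment or video; the host folder `C:\SandboxSamples` is a hypothetical path, and the file would be saved with a `.wsb` extension and opened to start the sandbox. With no configuration file, the sandbox starts with networking enabled.

```xml
<!-- offline-analysis.wsb: added example, not from the original page. -->
<Configuration>
  <!-- Turn off the virtual network adapter so nothing running in the
       sandbox can reach the local network or the internet. -->
  <Networking>Disable</Networking>

  <!-- Do not share the host GPU with the sandbox; fall back to
       software rendering to reduce the shared surface. -->
  <VGpu>Disable</VGpu>

  <MappedFolders>
    <MappedFolder>
      <!-- Hypothetical host folder holding the file to be examined.
           It appears on the sandbox desktop. -->
      <HostFolder>C:\SandboxSamples</HostFolder>
      <!-- Read-only: code in the sandbox cannot modify or add files
           in the host folder. -->
      <ReadOnly>true</ReadOnly>
    </MappedFolder>
  </MappedFolders>
</Configuration>
```

Because networking is off, the file under test has to be placed in the mapped host folder beforehand rather than downloaded from inside the sandbox.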

  • Reply X7007 September 10, 2019 at 9:27 am

    what is the capture utility he is using to record?

  • Reply Andre Davi October 1, 2019 at 6:35 am

    Really nice channel!

  • Reply JoeManCZ November 1, 2019 at 7:11 pm

    So i can run on Windows Sandbox virus but it will not do anything even tho if its saved to my disk?

  • Reply Max November 12, 2019 at 9:17 pm

    PLEASE HELP!! I cant open sandbox and this message pops up: Windows Sandbox failed to start. Error 0x80070057. The parameter is incorrect. Would you like to sumbit feedback about this issue?

  • Reply shrimp December 1, 2019 at 2:12 pm

    wait so i can run memz on it?

  • Reply Dylan Batt December 17, 2019 at 5:49 pm

    You are far better off using Vmware Workstation for this , total separation including Networks, I've been using this sort of setup for reverse engineering Malware for Years

  • Reply TheKiller3-johan December 21, 2019 at 5:09 pm

    suppr C:
    ….
