Cuckoo Installation Guide – Part 2

August 28, 2018 | Views: 5065


<< Cuckoo Installation, Part 1

—————MOVE TO VIRTUAL MACHINE—————-

To verify that the virtual machine has an internet connection, open cmd, run ping 8.8.8.8 and check that it replies.

Download Python 2.7 (https://www.python.org/download/releases/2.7/)

Download Python Pillow 5.2.0 (https://pypi.org/project/Pillow/#files).

Install both.

For me, the Python Pillow file was called ‘Pillow-5.2.0.win32-py2.7.exe’

– Install Guest Additions on the Windows machine

– Then click on Devices in the top bar and click Shared Folders. Share the Cuckoo agent (found in /opt/cuckoo/agent on the Ubuntu machine), copy it across to the guest OS, and close the share. The agent folder should now be on your desktop with the agent.py and agent.sh files inside.

You now need to disable your firewall. Press the Windows key and type in firewall. Click on ‘Windows Firewall’, then click on ‘Turn Windows Firewall on or off’ and disable it. Now press the Windows key and type in user, then click on ‘Change User Account Control settings’. Drag the slider down to ‘Never notify’, and click OK.

Once both the firewall and UAC are off, start agent.py and close everything else.

Now click on the machine and click ‘Take snapshot’. NOTE: Name this file ‘Snapshot’ NOT ‘Snapshot 1’. Write ‘nothing installed’ in the description <- this doesn’t matter as much, but it helps when telling different snapshots apart.

Once the snapshot has been taken, close the Windows machine but DO NOT close the agent. Click ‘Power off the machine’ and remember to click “Restore current snapshot ‘Snapshot'” before shutting it down.

Now that the environment has been set up, we can start configuring Cuckoo to perform malware analysis.

—————-BACK TO UBUNTU MACHINE—————-

Many of these settings should already be correct by default, but make sure you check them, as one error will prevent Cuckoo from working correctly. If the settings are the same, then you don’t need to change anything, and you can exit by pressing CTRL + X.

  1. First, you need to configure Cuckoo. In a terminal window, navigate to:

– cd /opt/cuckoo/conf

  2. Four config files need to be checked before Cuckoo can be fully configured. Type the following commands.

– sudo nano cuckoo.conf

Change settings in here for the Cuckoo configuration (if needed). I have left mine as the default settings. Press CTRL + X to exit.

– sudo nano virtualbox.conf

Settings need to be changed in the virtualbox.conf file. ‘interface = vboxnet0’, ‘machines = cuckoo1’, ‘label = cuckoo1’ and ‘ip = 192.168.56.101’. Make sure these four parameters are correct. Then press CTRL + O to save and CTRL + X to exit.

– sudo nano memory.conf

Change the guest_profile to the version of Windows you are using. I am using Windows 7 Service pack 1 32bit so mine will be ‘guest_profile = Win7SP1x86’. Then press CTRL + O to save and CTRL + X to exit.

– sudo nano reporting.conf

First, find [mongodb]. Then make sure ‘enabled = yes’. Then press CTRL + O to save and CTRL + X to exit.

  3. We can now run Cuckoo. Open TWO different terminals and, in each terminal window, navigate to:

– cd /opt/cuckoo (NOTE: Both terminals should be in the same location)

First terminal:

– cuckoo -d

This will start Cuckoo.

Second terminal:

– cuckoo web

Once you run this command, it will give you a link which you need to open. It should look like ‘http://localhost:8000/’. Open this link in Firefox or any browser and upload any file into the Web UI. Make sure you tick the checkbox next to the file, then click Analyze. This will take some time and you should have a full report afterward! 🙂
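The values from step 2 can be checked in one pass instead of by eye, which also helps when an analysis refuses to start. This is an added example, not part of the original guide or of Cuckoo itself: it runs under Python 3 (separate from the Python 2.7 that Cuckoo uses), and the function names and the constructed sample text, including the [virtualbox], [cuckoo1] and [basic] section names, are assumptions for illustration.

```python
import configparser
import os
import sys

# Values the guide asks for. A section of None means "any section", because
# the guide names only the [mongodb] section explicitly.
EXPECTED = {
    "virtualbox.conf": [(None, "interface", "vboxnet0"), (None, "machines", "cuckoo1"),
                        (None, "label", "cuckoo1"), (None, "ip", "192.168.56.101")],
    "memory.conf": [(None, "guest_profile", "Win7SP1x86")],
    "reporting.conf": [("mongodb", "enabled", True)],
}

# Constructed sample input with two deliberate mistakes (wrong guest IP,
# MongoDB reporting disabled). Section names other than [mongodb] are assumed.
SAMPLE = {
    "virtualbox.conf": "[virtualbox]\ninterface = vboxnet0\nmachines = cuckoo1\n"
                       "[cuckoo1]\nlabel = cuckoo1\nip = 192.168.56.110\n",
    "memory.conf": "[basic]\nguest_profile = Win7SP1x86\n",
    "reporting.conf": "[mongodb]\nenabled = no\n",
}

def check_conf(name, text):
    """Return a list of problems found in the text of one config file."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    problems = []
    for section, key, want in EXPECTED[name]:
        hits = [s for s in ([section] if section else cp.sections())
                if cp.has_option(s, key)]
        if not hits:
            problems.append("%s: '%s' is not set" % (name, key))
        for s in hits:
            try:
                got = cp.getboolean(s, key) if isinstance(want, bool) else cp.get(s, key).strip()
            except ValueError:  # e.g. enabled = maybe
                got = cp.get(s, key)
            if got != want:
                problems.append("%s [%s]: %s = %r, guide expects %r" % (name, s, key, got, want))
    return problems

def check_all(confs):
    """confs maps file name -> file text; returns every problem found."""
    return [p for name in sorted(EXPECTED) for p in check_conf(name, confs[name])]

if __name__ == "__main__":
    conf_dir = sys.argv[1] if len(sys.argv) > 1 else None
    confs = SAMPLE if conf_dir is None else {
        n: open(os.path.join(conf_dir, n)).read() for n in EXPECTED}
    for problem in check_all(confs):
        print(problem)
```

Pass the config directory (/opt/cuckoo/conf in this guide) as the only argument to check the real files; with no argument it checks the constructed sample and reports its two mistakes.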

Guest Additions Install Guide 

  1. First, open up a fresh install of Ubuntu 16.04.
  2. Click on devices located in the top bar.
  3. Click on ‘Insert Guest Additions CD Image’.
    • This will then create a folder with the Guest Additions ISO file.
  4. Open a terminal window and navigate to this directory.
  5. Run this command: ‘./VBoxLinuxAdditions.run’.
  6. Reboot Ubuntu.

If the above method doesn’t work

  1. Click on devices and go to optical drives.
  2. Click Remove disk from virtual drive.
  3. Reboot Ubuntu.
  4. Do all the steps from the Guest Additions Install Guide above.
