Skip to main content

Using Golden Image Tester for GravityZone Sandbox Analyzer

This section describes how to test if a virtual machine meets the conditions for being used a golden image in Sandbox Analyzer On-premises.

Sandbox Analyzer On-premises is a powerful antimalware Bitdefender GravityZone solution, designed to analyze suspicious content through different sensors deployed in the enterprise network. Detonation capabilities include file and URL analysis, covering various file formats that are commonly used in advanced attacks.

In GravityZone Sandbox Analyzer, you can use golden images to build virtual machines to be used in the detonation environment. Golden Image Tester is a tool that helps you check if a virtual machine meets the conditions to be golden image and to detonate certain file types.

You can run Golden Image Tester inside any virtual machine. For example, you can power on a virtual machine on your computer, run Golden Image Tester in it and, if the virtual machine is validated, you can use it as a golden image for Sandbox Analyzer.

Running Golden Image Tester without parameters

If you are looking for a straightforward verification of a virtual machine, you can run Golden Image Tester without parameters.

  1. In your preferred environment, power on the virtual machine.

  2. Log in to the virtual machine.

  3. Download the Golden Image Tester ZIP file from this link.

  4. Extract the ZIP file.

  5. Run GoldenImageTester.exe.

    While running, the Golder Image Tester displays information regarding the following:

    • Administrator user

    • Windows license

    • Default internet browser

    • Microsoft Office suite

    • Adobe Reader

    • Java Runtime Environment

  6. After verification, press any key to close the program.

    golden-image-tester-standard-mode-14.png

Running Golden Image Tester with parameters

To obtain detailed information about a virtual machine, you can run Golden Image Tester by using command lines with parameters.

These parameters allow you to create a log file that you can send to Bitdefender Technical Support for investigation. This log file is saved on the current working drive, under the name GIDebugInformation.log.

In the log file, you are provided with exit codes, verdicts and details for each condition. Exit code is 0 when the conditions are met.

This is how you run Golden Image Tester with parameters:

  1. On the virtual machine, open Command Prompt.

  2. Download Golden Image Tester from here.

  3. Navigate to the folder where GoldenImageTester.exe is located.

  4. Run the program by using the command: GoldenImageTester.exe.

    Golden Image Tester displays information regarding the following:

    • Administrator user

    • Windows license

    • Default internet browser

    • Microsoft Office suite

    • Adobe Reader

    • Java Runtime Environment

    You can use the command with the following parameters:

    Command line parameters

    Description

    Example

    -x

    --autoexit

    The program displays information regarding the machine terminates without expecting user input.

    GoldenImageTester.exe -x

    GoldenImageTester.exe --autoexit

    -d

    --debug

    The program enables the debug mode, which creates a log file, and awaits for user input when terminates.

    GoldenImageTester.exe -d

    GoldenImageTester.exe --debug

Note

You can use the command line options in any combination. For example, GoldenImageTester.exe -d -x.

golden-image-tester-debug-mode-14.png

Interpreting the output

Golden Image Tester verifies several conditions on the virtual machine, as described below. Some of these conditions are mandatory, while others are recommended and they do not prevent using the virtual machine as golden image.

After verification, Golden Image Tester provides a verdict on whether the virtual machine can be used for detonation or not.

If a mandatory condition is not met, Golden Image Tester displays an error message that describes the issue. In this case the virtual machine cannot be golden image for Sandbox Analyzer.

If a recommended condition is not met, Golden Image Tester display a warning message that describe the issue. The virtual machine can be golden image, but it will lack the ability of detonating certain file types, such as PDFs (when Adobe Reader is missing) or Office-compatible files (when Microsoft Office is missing).

Conditions checked by Golden Image Tester:

Administrator user

A virtual machine must have an Administrator user with no password configured. If this condition is not met, the virtual machine cannot be golden image for Sandbox Analyzer.

Windows license

The operating system on the virtual machine must be fully licensed, otherwise the virtual machine cannot be golden image. Sandbox Analyzer supports Windows 7 and Windows 10.

Default browser

A default internet browser must be configured in the virtual machine. Sandbox Analyzer supports the following browsers:

  • Google Chrome

  • Microsoft Internet Explorer

  • Mozilla Firefox

Microsoft Office

To detonate Office-compatible files, such as .docx or .xls, the Microsoft Office suite should be installed and licensed. However, you can use the virtual machine as golden image even without Microsoft Office installed.

Adobe Reader

To detonate PDF files, Adobe Reader should be installed on the virtual machine. However, you can use the virtual machine as golden image even without Adobe Reader installed.

Java Runtime Environment

To detonate Java executables (.jar files), Sandbox Analyzer requires Java Runtime Environment to be installed. However, you can use the virtual machine as golden image even without Adobe Reader installed.

In this section: