Every user, even a power user, has experienced the negative outcome of opening a malicious or unwanted program on their computer. This is why a cool company called Sandboxie Holdings developed the Sandboxie app: users need to be protected, at the very least, while doing so. Since we like the idea, we decided to test Sandboxie by opening some pretty dangerous executables.
Name | Sandboxie |
Type | Sandbox software/Program security |
Developer | 2004-2015 by Sandboxie Holdings, LLC. |
Official Website | sandboxie.com |
Operating System | From Windows XP to Windows 10 |
License Price | Free, with a licensed option. The licensed version has more features and costs $47.95 for 1 year (2-49 computers). |
Sandboxie – Main Features
After installing the 8.1 MB application, we found that it took up 5.48 MB in the %Program Files% folder. The program starts with a tutorial on how the sandboxing technology for Windows works.
Furthermore, Sandboxie is compatible with all 64-bit and 32-bit versions of Windows from XP onward. In addition, the application supports other programs such as the web browsers Google Chrome, Mozilla Firefox, Cyberfox, Opera Browser and Internet Explorer from version 6 to 11.
When the app is opened, the user is presented with a simple interface showing their sandboxed applications.
We tested a relatively resource-demanding program called Active Presenter both inside and outside the sandbox, and the results were satisfying.
We decided to test the sandbox app with live malware, using an executable of the notorious Locky ransomware provided by theZoo, a project which is essentially an updated “repository of live malware”. Locky is malware which encrypts the files on the user’s PC and demands ransom money to decrypt them. After it was executed, Locky started mimicking the rundll32.exe process, but nothing happened and the antivirus software did not react.
After Locky briefly ran and shut down, we did a boot scan with Avast Free Antivirus twice to see whether the ransomware had created any files on the user PC. Avast currently detects Locky ransomware as “Win32:Locky-{variant name}”. During the boot scan Avast discovered a corrupt archive of a driver which was downloaded from a suspicious site, but nothing related to Locky, and no new malicious files or registry entries whatsoever were discovered on the user PC.
To further make sure that users are protected, we tried an infected setup of a patch that contains a Trojan named MSIL: Tyupkin. Sandboxie immediately reported that an app was requesting administrator privileges on the computer.
So, as far as security is concerned, this program is really good, especially if you set it to run everything in its sandboxes. If you know what you are doing and installing on your computer, it will definitely keep you safe.
What We Like
There are many features of the program which we enjoyed while reviewing it:
- Detailed options
- Very light on the computer (uses next to no CPU power and around 2.5 MB of RAM).
- Very secure – shuts down malicious executables that try to forcibly modify or create files.
- Simple to use and very unobtrusive – only a thin yellow line around the borders of the sandboxed app.
- Shows the processes of the applications.
- No difference in app performance – roughly the same as if the program were not there.
- Compatibility with older Windows versions.
What Is Missing
We would like to see several improvements made in Sandboxie:
- User-friendly accessible settings – instead of modifying a setting with a click, you have to edit a document in Notepad. Not everyone is tech savvy.
Conclusion
This is a perfect example of using sandboxing technology to browse on a daily basis while remaining secure. It is perfect for Windows users and we would definitely categorize it as one of the must-have programs for your daily PC activities. The application is amazing both for a brave network warrior who tests suspicious files and for inexperienced users, such as children.
Note: This test was performed on a Lenovo B50-70 with 64-bit Windows 10 and a Dell Inspiron 3000 series with 64-bit Windows 7.