CW Sandbox is a web service with a similar looking frontend like all the other online virus scanners. What sets it apart is the remote secure environment that it uses to execute and analyze the files that get uploaded. It uses a sandbox to execute the file and will log all system activity that is connected to the file launch. The file analysis contains a summary but also detailed changes to the file system, the Windows Registry and network activity plus a technical summary with additional information.

Each report is divided into different categories. The File Changes for example contains categories that list newly created, opened and deleted files and a summary that lists all file operations in chronological order. The network activity analysis will detail connections that have been established including host names, IP addresses and if data has been posted to one of those addresses.

The submit form on the website of the project accepts files with a maximum size of 16 Megabytes. Zip files with up to 50 files can be uploaded to the service as well if the password is set to “infected”. A link to the file analysis will be send to the email address that the user enters when submitting the files.

CW Sandbox is an excellent online service that provides an in depth analysis of submitted files. The only drawbacks are the 16 Megabyte file size limit and that the reports are send to an email address with an undefined wait time. A ticket system on the website directly detailing the place in queue and the estimated wait time would be really helpful for users who are submitting files to the service.