How to open unknown files that have malware in Windows 10 with Sandbox

According to experts in security audits, from the May update of 2019 Windows Sandbox is available for Windows 10 system administrators. This tool provides an isolated environment of the main system installation to run unknown or unreliable source software.

Windows Sandbox works in a similar way to a virtual machine, although it offers security and efficiency features completely optimized for the Microsoft operating system. In addition, according to experts in security audits, all content scanned in this secure environment will be removed from your device once the Sandbox session is complete, creating a completely new desktop every time the tool is used. Next, we show you the steps to enable this security tool.

Create a configuration file for Windows Sandbox

  • Open Notepad
  • Click File
  • Select Save As
  • Enter a descriptive name and use the extension .wsb
  • Use the Save as Type menu and select All Files
  • Click the Save button

Once you complete these steps, you can edit the file using an XML format to control features such as graphics, networking, folder sharing, and startup scripts.

Managing the virtual network adapter in Windows Sandbox

To disable or enable the virtual network adapter in Windows Sandbox:

  • Open File Explorer
  • Navigate to the configuration file
  • Right-click the .wsb configuration file that you created earlier, select Open With, and then click Choose another application
  • Select Notepad
  • Click OK
  • Type the following to disable the virtual network adapter in Windows Sandbox:
<Configuration>
  <Networking>Disable</Networking>
</Configuration>
  • Type the following to enable networking in Windows Sandbox:
<Configuration>
  <Networking>Default</Networking>
</Configuration>

Note: Although you can disable the network, Windows Sandbox will enable this function by default, whether or not you use a configuration file

  • Click File
  • Click Save

After completing these steps, you can double-click the .wsb file to start Windows Sandbox with the configuration changes you specified.

How to manage virtual graphics in Windows Sandbox

To disable or enable graphics virtualization in Windows Sandbox after you install the May 2019 update, follow these steps:

  • Open File Explorer.
  • Navigate to the configuration file
  • Right-click the .wsb configuration file that you created earlier, select Open With, and then click Choose another application
  • Select Notepad option
  • Click OK
  • Type the following to disable the vGPU adapter in Windows Sandbox:
<Configuration>
  <VGpu>Disable</VGpu> 
</Configuration>
  • Type the following to enable the vGPU in Windows Sandbox:
<Configuration>
  <VGpu>Default</VGpu> 
</Configuration>

Note: Although you can specify disable vGPU, the Windows Sandbox will enable this function by default, whether or not you use a configuration file.

  • Click File
  • Click Save

Once you complete the steps, Windows Sandbox will use the graphics software representation on the virtual machine, but result in slower performance.

How to assign a host folder in Windows Sandbox

To share a folder from the host (physical) device to the Windows Sandbox desktop, follow these steps:

  • Open File Explorer
  • Navigate to the configuration file
  • Right-click the .WSB configuration file that you created earlier, select Open With, and then click Choose another application
  • Select Notepad
  • Click OK
  • Type the following to assign a folder in the Windows test area:
<Configuration>
  <MappedFolders>
    <MappedFolder>
      <HostFolder>C:\temp</HostFolder>
      <ReadOnly>true</ReadOnly>
    </MappedFolder>
  </MappedFolders>
</Configuration>

In the script, be sure to specify the path to the host folder that you want to appear in the Windows Sandbox within the HostFolder block. Also, within the ReadOnly block use the value “true” (recommended) to force access to the folder as read-only mode, or use the “false” value to allow read/write access to the folder.

  • Click File
  • Click Save

After completing the steps, when you run the .wsd file, Windows Sandbox will assign the folder, which you can easily access from the desktop. Each command that you run with Windows Sandbox will run under the account “WDAGUtilityAccount”, which means that shared folders always appear on the desktop.

How to run startup commands in Windows Sandbox

To run a command or script during logon in Windows Sandbox, follow these steps:

  • Open File Explorer
  • Navigate to the configuration file
  • Right-click the .WSB configuration file that you created earlier, select Open With, and then click Choose another application
  • Select Notepad
  • Click OK
  • Type the following to run a command during startup in Windows Sandbox:
<LogonCommand>
    <Command>cmd.exe</Command>
</LogonCommand>

Inside the command block, be sure to replace CMD. exe with the command you want to execute. If you need to run a complex command, we recommend that you create a script and then run it with a single command within Sandbox.

Once you complete these steps, Windows Sandbox will execute the command you specified after the session was created.

How to control multiple options in Windows Sandbox

To run Windows Sandbox with multiple custom options, follow these steps:

  • Open File Explorer
  • Navigate to the configuration file
  • Right-click the .WSB configuration file that you created earlier, select Open With, and then click Choose another application
  • Select Notepad
  • Click OK
  • Type the following to customize Windows Sandbox with all available options:
<Configuration>
  <Networking>Disable</Networking>
  <VGpu>Disable</VGpu>
  <MappedFolders>
    <MappedFolder>
      <HostFolder>C:\Temp</HostFolder>
      <ReadOnly>True</ReadOnly>
    </MappedFolder>
  </MappedFolders>
  <LogonCommand>
    <Command>cmd.exe</Command>
  </LogonCommand>
</Configuration>

According to experts in security audits of the International Institute of Cyber Security (IICS), after completing these steps, Windows Sandbox will start offline and use the software representation instead of a virtual GPU.