diff --git a/misp_modules/modules/import_mod/__init__.py b/misp_modules/modules/import_mod/__init__.py
index 70b674a..b614d3f 100644
--- a/misp_modules/modules/import_mod/__init__.py
+++ b/misp_modules/modules/import_mod/__init__.py
@@ -1,3 +1,3 @@
 from . import _vmray
 
-__all__ = ['vmray_import', 'testimport', 'ocr', 'stiximport']
+__all__ = ['vmray_import', 'testimport', 'ocr', 'stiximport', 'cuckooimport']
diff --git a/misp_modules/modules/import_mod/cuckooimport.py b/misp_modules/modules/import_mod/cuckooimport.py
new file mode 100755
index 0000000..193477f
--- /dev/null
+++ b/misp_modules/modules/import_mod/cuckooimport.py
@@ -0,0 +1,196 @@
+import json
+import logging 
+import sys 
+import base64 
+
+misperrors = {'error': 'Error'}
+userConfig = {}
+inputSource = ['file']
+
+moduleinfo = {'version': '0.1', 'author': 'Victor van der Stoep',
+              'description': 'Cuckoo JSON import',
+              'module-type': ['import']}
+
+moduleconfig = []
+
+def handler(q=False):
+    # Just in case we have no data
+    if q is False:
+        return False
+    
+    # The return value
+    r = {'results': []}
+
+    # Load up that JSON
+    q = json.loads(q) 
+    data = base64.b64decode(q.get("data")).decode('utf-8')
+    
+    # If something really weird happened
+    if not data:
+        return json.dumps({"success": 0})
+   
+    data = json.loads(data)
+    
+    # Get characteristics of file  
+    targetFile = data['target']['file']
+    
+    # Process the inital binary
+    processBinary(r, targetFile, initial = True)
+    
+    # Get binary information for dropped files
+    if(data.get('dropped')):
+        for droppedFile in data['dropped']:
+            processBinary(r, droppedFile, dropped = True)
+    
+    # Add malscore to results
+    r["results"].append({ 
+        "values": "Malscore: {} ".format(data['malscore']), 
+        "types": "comment",
+        "categories": "Payload delivery", 
+        "comment": "Cuckoo analysis: MalScore"
+    })
+    
+    # Add virustotal data, if exists
+    if(data.get('virustotal')):
+        processVT(r, data['virustotal'])
+    
+    # Add network information, should be improved
+    processNetwork(r, data['network'])
+    
+    # Add behavioral information
+    processSummary(r, data['behavior']['summary'])
+    
+    # Return 
+    return r
+
+def processSummary(r, summary):
+    r["results"].append({ 
+        "values": summary['mutexes'], 
+        "types": "mutex",
+        "categories": "Artifacts dropped", 
+        "comment": "Cuckoo analysis: Observed mutexes"
+    })
+    
+def processVT(r, virustotal):
+    category = "Antivirus detection"
+    comment = "VirusTotal analysis" 
+    
+    if(virustotal.get('permalink')):
+        r["results"].append({ 
+            "values": virustotal['permalink'], 
+            "types": "link",
+            "categories": category, 
+            "comments": comment + " - Permalink"
+        })
+    
+    if(virustotal.get('total')):
+        r["results"].append({ 
+            "values": "VirusTotal detection rate {}/{}".format(
+                virustotal['positives'],
+                virustotal['total']
+            ), 
+            "types": "comment",
+            "categories": category, 
+            "comment": comment
+        }) 
+    else: 
+        r["results"].append({ 
+            "values": "Sample not detected on VirusTotal", 
+            "types": "comment",
+            "categories": category, 
+            "comment": comment
+        })
+    
+
+def processNetwork(r, network):
+    category = "Network activity"
+    
+    for host in network['hosts']:
+        r["results"].append({ 
+            "values": host['ip'], 
+            "types": "ip-dst",
+            "categories": category,  
+            "comment": "Cuckoo analysis: Observed network traffic"
+        })
+    
+
+def processBinary(r, target, initial = False, dropped = False):
+    if(initial): 
+        comment = "Cuckoo analysis: Initial file"
+        category = "Payload delivery"
+    elif(dropped):
+        category = "Artifacts dropped"
+        comment = "Cuckoo analysis: Dropped file"
+    
+    r["results"].append({ 
+        "values": target['name'], 
+        "types": "filename",
+        "categories": category, 
+        "comment": comment
+    })
+    
+    r["results"].append({ 
+        "values": target['md5'], 
+        "types": "md5",
+        "categories": category, 
+        "comment": comment
+    })
+    
+    r["results"].append({ 
+        "values": target['sha1'], 
+        "types": "sha1",
+        "categories": category, 
+        "comment": comment
+    })
+    
+    r["results"].append({ 
+        "values": target['sha256'], 
+        "types": "sha256",
+        "categories": category, 
+        "comment": comment
+    })
+    
+    r["results"].append({ 
+        "values": target['sha512'], 
+        "types": "sha512",
+        "categories": category, 
+        "comment": comment
+    })
+    
+    # todo : add file size?
+    
+    if(target.get('guest_paths')):
+        r["results"].append({ 
+            "values": target['guest_paths'],
+            "types": "filename",
+            "categories": "Payload installation", 
+            "comment": comment + " - Path"
+        })
+    
+
+def introspection():
+    modulesetup = {}
+    try:
+        userConfig
+        modulesetup['userConfig'] = userConfig
+    except NameError:
+        pass
+    try:
+        inputSource
+        modulesetup['inputSource'] = inputSource
+    except NameError:
+        pass
+    return modulesetup
+
+
+def version():
+    moduleinfo['config'] = moduleconfig
+    return moduleinfo
+
+if __name__ == '__main__':
+    x = open('test.json', 'r')
+    q = []
+    q['data'] = x.read()
+    q = base64.base64encode(q)
+    
+    handler(q)