diff --git a/ai_anti_malware/ai_anti_malware.cpp b/ai_anti_malware/ai_anti_malware.cpp
index f47e2c3..491fdbd 100644
--- a/ai_anti_malware/ai_anti_malware.cpp
+++ b/ai_anti_malware/ai_anti_malware.cpp
@@ -315,7 +315,7 @@ auto doMalwareScan(int argc, char* argv[]) -> void {
 int doSandbox(int argc, char* argv[]) {
 if (argc < 3) {
 std::cout << "用法: " << argv[0] << " <文件路径> <地址>" << std::endl;
- return;
+ return 0;
 }
 
 std::string filePath = argv[1];
@@ -326,13 +326,20 @@ int doSandbox(int argc, char* argv[]) {
 Sandbox se;
 se.InitEnv(peInfo);
 se.Run();
+ auto [buffer, size] = se.DumpPE();
+ std::string outputPath = "sandbox_dump.exe";
+ std::ofstream outputFile(outputPath, std::ios::binary);
+ if (outputFile.is_open()) {
+ outputFile.write(reinterpret_cast(buffer.get()), size);
+ outputFile.close();
+ }
 return 0;
 }
 
 int main(int argc, char* argv[]) {
 // doMl(argc, argv);
 // doPredict(argc, argv);
- doMalwareScan(argc, argv);
- // doSandbox(argc, argv);
+ // doMalwareScan(argc, argv);
+ doSandbox(argc, argv);
 return 0;
 }
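Review bot: The usage-error branch in the first hunk (`@@ -315,7 +315,7 @@`) now returns 0, which a calling script or pipeline reads as a completed sandbox run; a non-zero value such as `return 1;` would let automation tell a missing argument from a real result. That only helps if `main` propagates it, e.g. `return doSandbox(argc, argv);` in the last hunk, where the result is currently discarded. doSandbox's body continues outside this hunk.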
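Review bot: The dump added after `se.Run()` in the second hunk (`@@ -326,13 +326,20 @@`) writes whatever `se.DumpPE()` returns to a fixed `sandbox_dump.exe` in the working directory without checking that `buffer` is non-null or `size` is non-zero, and a failed open or write is silently ignored while the function still returns 0. Because the image comes from a sample under analysis, a launchable `.exe` name in the current directory invites accidental execution, and each run overwrites the previous dump; a non-executable suffix derived from `filePath` avoids both. The sketch below assumes `buffer` is a smart pointer (as `.get()` suggests) and spells the cast target as `const char*`, which is not visible in this rendering of the hunk. doSandbox begins outside this hunk.

```cpp
    se.Run();
    auto [buffer, size] = se.DumpPE();
    if (!buffer || size == 0) {
        std::cerr << "DumpPE returned no image" << std::endl;
        return 1;
    }
    // Non-executable suffix: the dumped sample must not be launchable by name.
    const std::string outputPath = filePath + ".dump.bin";
    std::ofstream outputFile(outputPath, std::ios::binary);
    outputFile.write(reinterpret_cast<const char*>(buffer.get()),
                     static_cast<std::streamsize>(size));
    if (!outputFile) {
        std::cerr << "failed to write " << outputPath << std::endl;
        return 1;
    }
    // … unchanged: return 0, closing brace, main …
```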