Currently, the submission process on our online sandbox plays out like a step-by-step quest. Thanks to the interactivity of our service, with dynamic malware analysis you have total control over the malware activity and can affect it in a few clicks, which you cannot do with automated malware analysis. Find your own unique approach to the analysis of each malware sample!
Modern exploit kits can create various issues in different browsers. Therefore, checking
suspicious URLs in just one browser may not show all attack vectors of the malware.
Our analysis service supports the latest versions of all popular browsers and operating systems, which optimizes research into phishing attacks, while the ability to download pages with a custom User-Agent header is useful for researching phishing on mobile devices.
Structural understanding of attacks is very important for threat security analysis.
Most of our signatures are mapped to the MITRE ATT&CK matrix and are presented in a convenient way, providing unlimited opportunities for training new staff.
Our malware analysis service makes understanding how the attack took place and what techniques were used much easier!
Our service displays the attack pattern in an interactive visual tree structure, allowing malware analysts to easily analyze the main malicious processes at a glance. The free version of our service displays:
All graphs on our sandbox are fully interactive, allowing researchers to select processes and view more detailed information. Graphs are also automatically included in text reports, giving them additional visibility.
Each new public task complements a huge database. All our data may be used for reanalysis in our system or exported for external analysis. It includes:
Our HTML report function allows researchers to format the result of the malware analysis online
in order to share it with colleagues or print it.
We provide comprehensive information on the analysis, which includes all indicators of compromise, screenshots and process behavior graphs.
Text reports are customizable and allow excluding unneeded features and hiding sections so that excessive information does not end up in the final presentation.
Investigate HTTP(S) requests/responses and their headers, even for URLs with SSL encryption,
with the MITM proxy feature! All connections are bound to processes, so you know which process
made each one. Watch the network streams to see what data is being sent. We analyze all
network events and show a reputation level if we know something about them. Moreover, we provide
extended IDS rulesets with detailed information about the threat.
Route your connection via Tor and leave no chance for malware to escape your eye with the network geolocation feature. Choose the country from which you want to surf.
After the malware traffic analysis, export PCAP and SSL keys for use in external malware analysis tools.
Get valuable information about the network and operating system artifacts that were found during the online malware analysis. Use the data to proactively guard against evasive threats in your system. All selected indicators of compromise can be quickly copied and shared with your colleagues or exported to JSON format.