Revamping in-house dynamic analysis with VirusTotal Jujubox Sandbox

VirusTotal Jujubox Sandbox in action: This is a small datastudio set up to illustrate the kind of analytics that can be built with a massive dynamic analysis setup, generating IoCs. Note that there are several pages. One of the main themes of VirusTotal’…

VirusTotal MultiSandbox += Yoroi: Yomi sandbox

We are excited to welcome Yomi: The Malware Hunter from Yoroi to the multisandbox project. This brings VirusTotal up to seven integrated sandboxes, in addition to VT’s own sandboxes for Windows, MacOS, and Android. In their own words: Yomi engine impl…

VirusTotal Multisandbox += NSFOCUS POMA

We are pleased to announce that the multisandbox project has partnered with NSFOCUS POMA. This brings VirusTotal up to six integrated sandboxes. The NSFOCUS sandbox gives us insight into the behaviour of samples that run on Windows 7 and XP SP3. In thei…

Multisandbox project welcomes ReaQta-Hive

We are pleased to announce the addition of ReaQta-Hive to the multisandbox project, after the integrations of Tencent Habo, VirusTotal Droidy, Cyber adAPT ApkRecon, and Dr. Web vxCube. The unique new feature that this integration brings is XSL documen…

Additional Crispiness on the MacOS box of apples sandbox

In November 2015 we first released our MacOS sandbox. We now have incremental feature improvements live on our site to help our users get further behavioral information from samples scanned with VirusTotal. Several improvements visible to users a…

Malware analysis sandbox aggregation: Welcome Tencent HABO!

VirusTotal is much more than just an antivirus aggregator; we run all sorts of open source/private/in-house tools to further characterize files, URLs, IP addresses and domains in order to highlight suspicious signals. Similarly, we execute a variety of…

Malware Network Communication Provides Better Early Warning Signal

An academic paper to be presented today at IEEE posits that analysis of network signals provides a better early warning of malware infections than current practices.