Collaborate Disseminate
We welcome the new multisandbox integration with Microsoft sysinternals. It was also recently announced on the sysinternals blog as part of their 25th anniversary. This industry collaboration will greatly benefit the entire cybersecurity community… Continue reading VirusTotal Multisandbox += Microsoft Sysinternals
VirusTotal would like to welcome BitDam to the multi-sandbox project! In their own words:BitDam Advanced Threat Protection (ATP) is a cloud-based engine that proactively detects threats, pre-delivery, preventing hardware and logical exploits, ransomwa… Continue reading VirusTotal MultiSandbox += BitDam ATP
TL;DR: VirusTotal APIv3 includes an endpoint to retrieve all the dynamic analysis reports for a given file. This article showcases programmatic retrieval of sandbox behaviour reports in order to produce indicators of compromise that you can use to pow… Continue reading Pipelining VT Intelligence searches and sandbox report lookups via APIv3 to automatically generate indicators of compromise
VirusTotal Jujubox Sandbox in action:This is a small datastudio set up to illustrate the kind of analytics that can be built with a massive dynamic analysis setup, generating IoCs. Note that there are several pages.One of the main themes of VirusTotal’… Continue reading Revamping in-house dynamic analysis with VirusTotal Jujubox Sandbox
Today, VirusTotal is happy to welcome SNDBOX to the Multi-sandbox project. SNDBOX is a cloud based automated malware analysis platform. SNDBOX advanced dynamic analysis capabilities gives additional insights and visibility intro a variety of file-types… Continue reading VirusTotal MultiSandbox += SNDBOX
The multisandbox project keeps growing, short after the integration of Tencent Habo, VirusTotal Droidy and Cyber adAPT ApkRecon we are now welcoming Dr.Web vxCube. What is most exciting about this integration is that not only does it run executables, b… Continue reading Multisandbox project welcomes Dr.Web vxCube
Recently we called out Additional crispinness on the MacOS box of apples sandbox, continuing with our effort to improve our malware behavior analysis infrastructure we are happy to announce the deployment of a new Android sandbox that replaces the exis… Continue reading Meet VirusTotal Droidy, our new Android sandbox
In November 2015 we first released our MacOS sandbox. We now have an incremental feature improvements live on our site to help our users get further behavioral information from samples scanned with VirusTotalSeveral improvements visible to users a… Continue reading Additional Crispiness on the MacOS box of apples sandbox
VirusTotal is much more than just an antivirus aggregator; we run all sorts of open source/private/in-house tools to further characterize files, URLs, IP addresses and domains in order to highlight suspicious signals. Similarly, we execute a variety of… Continue reading Malware analysis sandbox aggregation: Welcome Tencent HABO!
ThreatTrack Labs has recently observed a surge of spam containing a zip attachment with a WSF (Windows Scripting File) to deliver Zepto ransomware. This tactic is a change from the common JavaScript and macro documents being spammed previously. Here are actual emails featuring familiar social engineering tactics: The zip attachments contain the WSF. An Interactive […]
The post Zepto Ransomware Packed into WSF Spam appeared first on ThreatTrack Security Labs Blog.