Unparalleled performance

VMRay Analyzer provides full insight into malware activity. Easy to install and use without special expertise. Get comprehensive results the way you want them.

Discover More

Featured Video

How It Works

See how our agentless hypervisor-based monitoring approach analyzes and detects threats that other approaches can’t.

More videos

Blog

Spora Ransomware Dropper Uses HTA to Infect System

This past week, a new Ransomware variant called Spora was spotted in the wild. Currently, Spora only targets Russian-speaking users. What’s interesting about this Ransomware is that its payment site is so well designed, one could think they are running a legitimate business. The dropper for Spora is basically an HTML application (.hta) that executes VBScript. […]

Read More “Spora Ransomware Dropper Uses HTA to Infect System”

AtomBombing Evasion and Detection

A new code injection technique is effective in bypassing most analysis and detection methods. Code injection has been a favorite technique of malware authors for many years. Injecting malicious code into an otherwise-benign process is an effective way of masking malware from anti-virus and sandbox detection. It is used to bypass end-host firewalls and to evade sandbox monitoring. […]

Read More “AtomBombing Evasion and Detection”

Goldeneye Ransomware Uses COM to Execute Malicious JavaScript

There is a new ransomware going wild in Germany called Goldeneye, which is a variant of Petya. It’s targeting German-speaking users via email by attaching an application (Bewerbung) in Excel format (xls). At the time we started analyzing the Goldeneye malware, VirusTotal scored 9/54, but the score varied for different attachments, some were as low […]

Read More “Goldeneye Ransomware Uses COM to Execute Malicious JavaScript”

See all posts