ThreatFeed
Linkedin-in Youtube Facebook-f
VMRay Pricing
Try VMRay

VMRay Blog

Stay current on the threat landscape with industry-leading cybersecurity insights!
Try VMRay
2021-04-26

VMRay Platform v4.2.0 Release Highlights

With the release of version 4.0 last year, the VMRay Platform took a huge leap forward and further solidified itself as the preeminent software for SOC and CERT teams that need automated analysis and detection of advanced threats. Version 4.1 further rounded out the offering with incremental yet significant enhancements,

Read More
2021-03-24

Malware Classification Case Study: Raccoon Stealer

In this Malware Analysis Spotlight, we will assume the role of a threat researcher tasked with analyzing, categorizing, and classifying an unknown malicious sample. We will analyze the unknown sample in a malware sandbox to jumpstart the process. Our unknown sample in this Spotlight is the information stealer, Raccoon (also
Read More
2021-02-23

[SANS Webcast Recap] When Malware Source Code Leaks: Challenges & Solutions for Tracking New Variants

When malware source code is leaked into the wild, opportunistic malware authors will often be quick to analyze and repurpose the code to create new variants of their own malware, providing another avenue for them to escape detection. This post, condensed from a SANS webcast featuring SANS Analyst Jake Williams
Read More
2021-02-17

VMRay Signs Distribution Agreement With Multipoint Group to Expand into Israeli Market

Bochum, Germany – February 17, 2021 – VMRay, a provider of automated malware analysis and detection solutions, today announced that it has signed a distribution agreement for the Israeli market with Multipoint GROUP, a leading distributor of IT security and Internet technology solutions in the Mediterranean region. “Our business is
Read More
2021-02-04

Analyzing a DLL in a Sandbox: Speeding up Analysis of an APT Implant

Recently, Google’s Threat Analysis Group published a blog post about a campaign targeting security researchers, which they attribute to an entity backed by the North Korean government. Using social engineering the attackers try to convince victims to download and open a Visual Studio Project file. This file contains commands that
Read More
2021-01-20

VMRay and ELITE VAD Sign Distribution Agreement

Bochum, Germany – January 20, 2021 – VMRay, a provider of automated malware analysis and detection solutions, today announced that it has signed a strategic partnership with EliteVAD, one of the largest value-added distributors in the Middle East and Africa. The new distribution agreement expands VMRay’s reach into new markets
Read More
2021-01-17

Malware Analysis Spotlight: SocialPhish (and its Anti-Social Usage of Phishing Templates)

Introduction to SocialPhish – An Open-Source Phishing Toolkit In the following Malware Analysis Spotlight, we will take a look at phishing campaigns that are likely generated by abusing an open-source phishing toolkit – SocialPhish. SocialPhish’s README states that at least some of its phishing templates were generated by SocialFish (another

Read More
2021-01-14

Malware Analysis Spotlight: OSAMiner Uses Run-Only AppleScripts to Evade Detection

This week the team at SentinelLabs released an in-depth analysis of macOS.OSAMiner, a Monero mining trojan infecting macOS users since 2015. The authors of macOS.OSAMiner used run-only AppleScripts which made attempts at further analysis more difficult. In 2020, the SentinelLabs Team discovered that the malware authors were evolving their evasion
Read More
2021-01-11

VMRay Appoints Marcus Conroy As New Vice President Of Sales, Americas

Former Cofense Sales Executive Joins Leading Malware Analysis and Detection Solutions Company to Drive Growth in the Americas Region Boston, MA – Jan 13, 2021 – VMRay, a provider of automated malware analysis and detection solutions, today announced the appointment of Marcus Conroy as its new Vice President of Sales
Read More
2020-12-22

VMRay Signs Agreement with Factor Group to Expand Into Russian Market

Bochum, Germany – Dec 22, 2020 – VMRay, a provider of automated malware analysis and detection solutions, today announced that it has signed an agreement with Factor Group, one of the largest value-added distributors in the Russian Federation. The new agreement will allow Factor Group to resell and integrate VMRay’s
Read More
2020-12-15

Malware Analysis Spotlight – Hentai Oniichan Ransomware (Berserker Variant)

In this Malware Analysis Spotlight, we analyze the Berserker variant of Hentai Oniichan Ransomware. We’ve observed at least two different variants of Hentai Oniichan Ransomware in-the-wild, King Engine, and Berserker. What we found interesting in our analysis of the Berserker variant is its attempts to make recovery difficult by deleting
Read More
2020-12-10

VMRay Closes $25 Million Series B

Digital+ Partners Leads Continuation Funding Round in Growing Automated Threat Analysis & Detection Provider, Closing its Series B Round at US $25 Million Bochum, Germany – Dec 10, 2020 – VMRay, a provider of automated threat analysis and detection solutions, today announced that it has closed the second round of
Read More
2020-12-03

VMRay Platform v4.1.0 Release Highlights

Something New to Usher in the New Year As the world prepares to say “Goodbye (and good riddance!) to 2020,” VMRay is looking ahead to the New Year by unveiling VMRay Platform Release v4.1.0, which builds on major innovations introduced in September. VMRay Platform Platform v4.1.0 incorporates dozens of new
Read More
2020-11-18

Malware Analysis Spotlight: AZORult Delivered by GuLoader

Earlier this year, in one of our blog posts we covered GuLoader, a downloader outfitted with advanced anti-analysis techniques that has delivered FormBook, NanoCore, LokiBot, and Remcos among others. Recently, we’ve observed GuLoader delivering AZORult. Active for many years, AZORult is an information stealer that has seen many iterations and
Read More
2020-10-19

Malware Analysis Spotlight: Warzone RAT – Automatically Peeling Away the Layers

10/21/2020: The classification of the malware in this Threat Spotlight has been corrected from “Ave_Maria” to “Warzone RAT”. The source of the distinctive “Ave_Maria” substring can be attributed to the open-source TinyNuke malware, which was reused in some Warzone RAT samples. In TinyNuke the string “AVE_MARIA” is transmitted in the
Read More
2020-10-08

Explained: VMRay Verdict System

When users submit a file or URL to VMRay for analysis, they are usually most interested in answering the question “Is this malware? Yes or no.” Previous to our most recent 4.0 release, this question was answered in the VMRay Platform with a severity score (or VTI Score, explained here).
Read More
2020-10-06

VMRay Signs U.S. Distribution Agreement With Ingram Micro

Expanded Alliance Extends Distribution Agreement with Ingram Micro for Fast-Growing Provider of Malware Analysis and Detection Solutions Boston, MA – March 3, 2021 – VMRay, a provider of automated malware analysis and detection solutions, today announced it has expanded its strategic alliance with Ingram Micro Inc., the world’s largest distributor
Read More
2020-10-06

[SANS Webcast Recap] Power! Unlimited Power! Understanding the Techniques of Malicious Kernel-Mode Code

Kernel-mode malware is among the most difficult to detect and remove. In this post—condensed from a SANS webcast featuring SANS analyst Jake Williams and VMRay Sr. Threat Researcher Tamas Boczan present an introduction into kernel-mode rootkits, explaining why attackers use them, how they bypass mitigations built into Windows and break
Read More
2020-10-01

Malware Analysis Spotlight: Formbook (September 2020)

A Fresh Look at an Old Problem Formbook is a well-known malware family of data stealers and form grabbers. Sold as “malware-as-a-service” on hacking forums since early 2016, anyone so inclined can purchase a subscription and use the Formbook tool. It is usually distributed using malspam containing malicious attachments and
Read More
2020-09-15

Malware Analysis Spotlight: Qbot’s Delivery Method

The Re-Emergence of Qbot After more than a decade in operation, the Qbot Trojan is back in the news. A modified version of the malware which now extracts email threads from Outlook to use in phishing attacks was used in a prominent campaign that ran from March to the end
Read More
2020-09-14

VMRay Signs Partnership with Sababa Security to Expand into Italian Cybersecurity Market

Bochum, Germany – Sept 15, 2020 – VMRay, a provider of automated malware analysis and detection solutions, today announced that it has signed a strategic partnership with Sababa Security, a cybersecurity vendor based in Milan, Italy. The new agreement will enable Sababa Security to integrate VMRay’s solutions into its security

Read More
2020-09-09

VMRay Signs Partnership with Deepcase to Expand Into the Growing Turkish Cybersecurity Market

Bochum, Germany – Sept 9, 2020 – VMRay, a provider of automated malware analysis and detection solutions, today announced that it has signed a strategic reseller partnership with Deepcase, a provider of threat hunting, Digital Forensics and Incident Response (DFIR), and other threat intelligence services headquartered in Ankara, Turkey. The
Read More
2020-09-08

VMRay Platform v4.0.0: Link Detonation, Smart Caching, Enhanced IOC Extraction, and more

With the September release of VMRay Platform v4.0.0, we’re pleased to introduce significant improvements to all three of our products ‑ Analyzer, Detector, and Email Threat Defender (ETD), particularly in matters related to handling malicious links. These enhancements include: The launch of a powerful and unique new method of dynamic
Read More
2020-09-02

VMRay Signs Technology Partnership With Anomali Featuring Free Daily Malware Reports To Customers

Leading Malware Analysis Solution Available Via Anomali ThreatStream Opens the Door for Security Teams to Unlock Unprecedented Threat Intelligence and Visibility Boston, MA – September 2, 2020 – VMRay, a provider of automated malware analysis and detection solutions, today announced a free-of-charge offering to all Anomali ThreatStream customers. The offering
Read More
2020-08-20

Threat Bulletin: WastedLocker Ransomware

Targeted ransomware is a common occurrence nowadays. Recently Garmin confirmed to have been the target of a ransomware attack on July 23, 2020, which led to the interruption of many of their online services. According to Bleeping Computer, the ransomware has been confirmed to be WastedLocker. The article goes on
Read More
2020-08-19

VMRay Signs Distribution Agreement with RAH Infotech to Expand Reach In The Growing APAC Market

Leading Malware Analysis & Detection Provider Signs Agreement with India’s Fastest Growing Value-Added Distributor Bochum, Germany – Aug 26 2020 – VMRay, a provider of automated malware analysis and detection solutions, today announced that it has signed a strategic distribution partnership with RAH Infotech, one of India’s fastest-growing value-added distributors
Read More
2020-08-17

SANS Webcast Recap: Defense Against Dark Arts – Dissecting Sandbox Evasion Techniques

If you are of a certain age, you might remember Mad Magazine’s satirical Spy v. Spy comic strip in which two agents – one dressed completely in white and the other in black – would try and outwit and annihilate each other on a weekly basis. Malware authors and the
Read More
2020-08-11

Malware Analysis Spotlight: MassLogger’s Noisy Stealing Attempts

In this Malware Analysis Spotlight, the VMRay Labs Team will examine MassLogger, a Spyware/Stealer that was first publicly observed in-the-wild at the end of April. During our analysis, we monitored a significant amount of behavioral matches for techniques that MassLogger uses to discover the host machine and to steal sensitive
Read More
2020-07-22

Malware Analysis Spotlight: The Return of Emotet

After a long time of being inactive, the infamous malware delivery framework Emotet is back – the three Emotet botnets started pushing malicious spam on Friday, July 17. In this Malware Analysis Spotlight, we will take a look at one of the Microsoft Word documents used in the campaign (Figure
Read More
2020-07-16

Decoding the Verizon DBIR Report: An Insider’s Look Beyond the Headlines

This blog post was originally posted on Dark Reading. To truly understand cybersecurity trends, we must look beyond the headlines and ask more of the data. What you learn might surprise you. For the past 13 years, Verizon’s “Data Breach Investigations Report” (DBIR) has been the industry’s definitive resource for
Read More
Vmray threatfeed

Latest Malware Analysis Reports

Access
Get The Latest Update

Subscribe to our newsletter

Keep up to date with our weekly digest of articles. Get the latest news, invites to events, and threat alerts!

ThreatFeed

Linkedin-in Youtube Facebook-f
VMRay Pricing
Try VMRay

🚀 Meet UniqueSignal: the actionable malware intelligence VMRay powers. 60 Days FREE TRIAL - Available For A LIMITED TIME.

Start Free Trial