VMRay Blog

URLs are a ubiquitous infection vector. Embedded in emails, documents, and webpages, they are encountered early and often in the infection cycle. In addition to hosting exploits and delivering malicious files, they also play a major role in concealing threats and attacks by misdirecting analysis tools and security professionals. To
In a recent major update of our flagship platform, VMRay Analyzer 3.0, we made dramatic improvements in the system’s memory dumping capabilities. In an automated approach we call smart memory dumping, VMRay Analyzer now triggers more frequent and more relevant memory dumps to capture a comprehensive view of malware characteristics
2019-04-30
Email phishing continues to be the most prevalent infection vector confronting enterprise security teams today. And with no end in sight to email-driven cybercrime, VMRay has been enhancing its email integration options, most recently with the introduction of IR Mailbox, an add-on feature to VMRay Analyzer and VMRay Detector. IR
2019-04-09
SOC teams are often overwhelmed by the flood of known and suspected malware coming at them from every direction. Web and email gateways, endpoints and other systems all feed into the fire hose of suspicious files sent to the SOC—and all those potential threats need to be vetted ASAP. The
Like a modern Superbug that has grown resistant to conventional antibiotics, malware today has evolved rapidly and become increasingly complex. While much has been written about malware’s ability to evade sandboxes, little has been made of the specific techniques malware authors are employing to evade detection. In this post—condensed from
Typical enterprise security architectures involve tools and products from multiple vendors. An unfortunate reality is these tools and products are not designed to work together out-of-the-box. The Splunk Adaptive Response Framework solves this challenge by connecting all of these products through pre-configured actions. Security teams using the VMRay Add-On for
With today’s release of VMRay Analyzer 3.0, we’ve set a new standard of performance and accuracy with our flagship solution for automated malware analysis and detection. With version 3.0 security teams can quickly analyze and detect advanced, zero-day and targeted malware—and initiate incident response—stopping attacks and threats that other technologies
Israeli cybersecurity company CyberInt provides Managed Detection and Response (MDR) services using an innovative approach that leverages both inside-out and outside-in visibility into a customer’s infrastructure. We’ve recently partnered with CyberInt to provide their customers with rapid detection at scale for the tens of thousands of malware samples they see
2019-01-23
Guest post by Limor Wainstein, Technical Writer & Editor at Agile SEO. IT security professionals have to deal with preventing and managing a variety of network security risks in their daily work, including cybercrime, the compromise of sensitive data, and service outages. The first line of defense is always prevention,
2019-01-08
For malware authors, an important part of their strategy is to drown target organizations with a fire hose of constantly changing information. SOC teams struggle to keep pace with attackers’ ability to rapidly generate new malware variants, new URLs leading to infected websites, and new C2 (command & control) server
While InfoStealers are hardly new, some recent developments have made them far more pervasive, more sophisticated, and more challenging to detect. In this post—condensed from a SANS webcast that he participated in—VMRay Product Manager Rohan Viegas and SANS analyst Jake Williams discuss the mechanics of how InfoStealers work,
Malware authors regularly create campaigns to target victims in specific countries. Recent examples using location-based malware include two campaigns that delivered banking trojans to customers of financial institutions in Brazil and the Danabot malware campaign that targeted users in Australia and Europe. Such attacks are often meticulously crafted. The phishing
2018-11-27
Any time you incorporate a major new component—such as a sandbox platform—into your security ecosystem, it’s important to do a rigorous, side-by-side evaluation of competing products to determine the best choice for your situation. But a proof of concept is about more than detection rates and vendor scores. It’s also
2018-11-15
GandCrab is one of the most prevalent ransomware families in 2018. In this post—condensed from a SANS webcast that he participated in—VMRay Product Manager Rohan Viegas discusses the fundamental techniques GandCrab uses to encrypt users’ files and basic detection methods that can provide the first line of defense against

Using VMRay Analyzer to get a full picture of attacker activity
Tyler Fornes, a Senior Security Analyst at Expel, explains how his team uses VMRay Analyzer to quickly analyze suspicious or malicious files that have been identified in a client’s environment. The most significant result: Investigation times can be cut

2018-10-10
“The information VMRay Analyzer surfaced was exactly what we needed.” A little while ago our team traveled down to Herndon, VA to visit the offices of our partner Expel and hear first hand how they were using our technology for their MSSP offering. Expel’s CTO Matt Peters explained to us
2018-10-10

In our recent Partner Perspectives blog post with Carbon Black, we detailed how our out-of-the-box integration with Cb Response allows Computer Incident Response Teams (CIRTs) to be more effective with incident response and proactiveness during threat hunting. To further demonstrate our integration, we created a short video showing how Cb

2018-10-03
In this blog post, we’ll walk through the first version of the VMRay Analyzer IDA Plugin, which uses the output of VMRay Analyzer to enrich IDA Pro static analysis with behavior-based data. The plugin adds comments to dynamically-resolved API calls within IDA to show the resolved function, its parameters, return
2018-09-18
About InQuest
InQuest provides a data acquisition and analysis platform that gives network defenders the capabilities to block attacks, detect sophisticated breaches, discover sensitive data leaks, and hunt for otherwise unseen campaigns. Built out of necessity and touting a feature-set driven by seasoned SOC analysts with over 15 years of hands-on
Hello everyone, My name is Tobias Scharnowski (@ScepticCtf). I’m a student employee at VMRay and a member of FluxFingers, the official Capture the Flag (CTF) team at Ruhr University Bochum (RUB), supported by VMRay and also part of the German team, Sauercloud. This August, my FluxFingers teammates and I traveled
[Editor’s Note: This post was updated on May 19th, 2020] In the daily war against malware authors, incident response teams (CIRTs) need a comprehensive yet versatile sandbox as part of their automated malware analysis process. This provides the performance, scalability, and accuracy needed to handle the onslaught of malware-related threats.
According to Microsoft’s 2016 Threat Intelligence Report, 98% of Office-targeted threats use macros. So, shouldn’t we just focus our efforts on detecting threats that leverage macros? Of course not. Attackers will constantly innovate. Finding ways to bypass existing security solutions and making malware easy to execute are top of mind
2018-07-13
At the core of VMRay Analyzer is our dynamic analysis engine. Built on an agentless hypervisor-based approach, it delivers unparalleled detection efficacy and evasion resistance. In Version 2.0, we added a rapid reputation engine allowing malware analysts and incident response (DFIR) professionals to quickly identify not only known threats but
2018-06-18
In hindsight, it looks like Carsten Willems and Ralf Hund, the co-founders of VMRay, were destined to follow the same path for an extended period in their lives. Since first meeting in 2007, they have studied alongside each other, collaborated on groundbreaking research, started a company (VMRay), based in their
2018-06-05
[Editor’s Note: This post was updated on July 9th, 2018 with analysis of Gandcrab v4] Like legitimate commercial software, commercial malware also needs a viable business model. For ransomware, the most popular business model is now Ransomware-as-a-Service (RaaS). RaaS focuses on selling ransomware as an easy-to-use service, opening up a
2018-05-22
At the recent RSA Conference in San Francisco, I spent a good deal of time meeting with VMRay partners to discuss their preparations for the General Data Protection Regulation (GDPR). The regulation, which takes effect on May 25, creates a new framework for safeguarding the personal data and privacy rights
2018-03-19
VMRay’s agentless hypervisor-based analyzer was featured on the latest Snake Oilers episode of the Risky Business podcast. I spoke to host Patrick Gray about the guiding philosophy for VMRay Analyzer 2.2: to deliver unparalleled usability and effectiveness for all DFIR specialists and malware analysts, regardless of skill level. We also
2018-03-07

Welcome to the VMRay Malware Analysis Report Recap. Every month our Research Team provides a recap of the malware analysis reports posted to the VMRay Twitter account. This past February, our team analyzed Black Ruby ransomware, Cobalt Strike Beacon and a JavaScript file attempting to detect VMs via the registry.

2018-02-15
VMRay Analyzer 2.2 – An Improved User Experience for Malware Analysts and Incident Responders
At VMRay, our underlying malware detection and analysis technology clearly sets us apart from the competition. With the release of VMRay Analyzer 2.2, we’ve focused on: improving the user experience enhancing our detection efficacy and providing more valuable threat intelligence to malware analysts and incident responders. The latest release has
2018-02-07
VMRay Malware Analysis Report Recap – February 2018
Welcome to the VMRay Malware Analysis Report Recap. Every month our Research Team provides a recap of the malware analysis reports posted to the VMRay Twitter account. This past January, our team analyzed a variant of BigEyes/Lime ransomware, GandCrab ransomware and Lotus Blossom malspam. Click the links below to jump