Filter by:

VMRay Analyzer V. 1.8 is released – cloudy or not

Available as an on-premise solution or a cloud subscription service Our latest release of VMRay Analyzer, V.1.8 is available as an on-premise downloadable install or now also as a cloud malware analysis subscription service. The full list of changes and enhancements are in the release notes of course. Here are the highlights: COM analysis We […]

READ MORE

Analyzing Ruby malware

Using Ruby interpreter to evade analysis and backdoor the target machine Malware running Ruby scripts against an interpreter may not be mainstream, but there’s certainly a long lineage, dating back almost a decade to the Metasploit framework being written in Ruby.  We see a trend now though of using high level languages regardless of the disadvantages (like needing […]

READ MORE

CryptoWall 2.0 analysis Part 2: getting down and dirty

Video: Mapping low-level to high level info in malware analysis to speed incident response. In the 2nd part of our CryptoWall malware analysis, we drill down in greater detail on what happened during execution of this ransomware. In particular, we explore the: Function log file General log file Hex dump PCAP (network traffic capture) Archive files We […]

READ MORE

Poking around CryptoWall 2.0 using hypervisor-based dynamic analysis – Part 1

We’ve produced a short video showing an analysis in VMRay of a widespread ransomware, a CryptoWall 2.0 variant. One of the most fascinating aspects of ransomware is the sophisticated business model behind these types of malware, which you can read more about here . >Our focus though is to use this as an example to demonstrate the submission and […]

READ MORE

Website designed and developed by Raincastle Communications, Inc.