
VMRay Analyzer V 1.11: YARA, CarbonBlack and more

VMRay Analyzer V 1.11 is now out, and once again we’re happy with the result and the added functionality we’ve baked in. Here’s an overview of some of the new features. CarbonBlack Connector: CarbonBlack (CB) is the industry’s leading EDR vendor, so they were a logical choice for our first out-of-the-box integration. […]


Word macro uses WMI to detect VM environments

We recently came across an interesting malicious Word document that used an embedded Word macro to detect whether or not it was being opened inside a VM. If no VM was detected, the macro proceeded to attempt to download a payload (executable) to infect the machine. Let’s take a look at our analysis and how VMRay’s Function […]


Custom Threat Scoring with VTI

A Deep Dive into Automated, Customizable Threat Scoring. In this second blog post about what’s new in V 1.10, we drill down into our VMRay Threat Identifier (VTI) engine and its threat scoring. It automatically identifies and flags malicious behavior using VTI rules, generating an overall severity score of malicious behavior. The VTI engine has […]

