VMRay brings an agentless approach to dynamic malware analysis. Embedded in the hypervisor, VMRay Analyzer monitors and analyzes malware behavior from that vantage point. Because VMs in the sandbox aren’t instrumented, threats execute as they would in the wild, and the analysis is invisible, even to evasive malware strains.

Where VMRay Analyzer is Used

Incident Response

Enterprises and Organizations doing incident response against targeted attacks (CERT, CIRT, LEO)

Threat Intel

Security Solution Providers augmenting their threat intelligence

Protection

Analysis and detection results are actionable intelligence for blocking and remediation by AV, NGFW etc.

OEM Integration

Embedded into Security Appliances and Cloud Security Solutions

View Products

Features

Evasion Resistance

  • Virtually impossible for malware to detect and evade
  • Survives system reboot and monitors autostart operations
  • Not a single bit is modified inside the monitoring environment

Extensive Coverage

  • Broad coverage of all Office Docs. and executables, scripts, URLs and more
  • Complete visibility into low-level control flow
  • Detailed behavioral analysis and network semantics

Seamless Integration

Customized Yet Automated

  • Built-in Yara ruleset can be customized and extended
  • Supports custom pre-analysis scripts to tailor the environment for each analysis
  • Manual interaction with malware using VNC

Flexible Report Formats

  • High-level, summary for non-security experts and managers
  • Fine-grained, function-level logs with all input and output parameters
  • Output formats for automated processing or manual review: HTML, XML, CybOX/STIX, JSON and text files

Easy Deployment

  • Offered as a cloud service or on premises
  • Access to all functionality via a user-friendly Web interface or REST APIs
  • Cost-effective scalability

Get the Data Sheet

View The Analysis Reports

WannaCry Ransomware

View the Analysis

(Not)Petya Ransomware

View the Analysis

Jaff Ransomware

View the Analysis