VMRay brings an agentless approach to dynamic malware analysis. Embedded in the hypervisor, VMRay Analyzer monitors and analyzes malware behavior from that vantage point. Because VMs in the sandbox aren’t instrumented, threats execute as they would in the wild, and the analysis is invisible, even to evasive malware strains.

Where VMRay Analyzer is Used

Incident Response

Enterprises and Organizations doing incident response against targeted attacks (CERT, CIRT, LEO)

Threat Intel

Security Solution Providers augmenting their threat intelligence


Analysis and detection results are actionable intelligence for blocking and remediation by AV, NGFW etc.

OEM Integration

Embedded into Security Appliances and Cloud Security Solutions

View Products


Evasion Resistance

  • Virtually impossible for malware to detect and evade
  • Survives system reboot and monitors autostart operations
  • Not a single bit is modified inside the monitoring environment

Extensive Coverage

  • Broad coverage of all Office Docs. and executables, scripts, URLs and more
  • Complete visibility into low-level control flow
  • Detailed behavioral analysis and network semantics

Seamless Integration

Customized Yet Automated

  • Built-in YARA ruleset can be customized and extended
  • Supports custom pre-analysis scripts to tailor the environment for each analysis
  • Manual interaction with malware using VNC

Automated Email Scanning

  • Automated analysis and detection of potentially malicious attachments
  • Scan inbound email for known malicious URLs
  • Easy deployment with your existing email infrastructure

Easy Deployment

  • Offered as a cloud service or on premises
  • Access to all functionality via a user-friendly Web interface or REST APIs
  • Cost-effective scalability

The Power of an Agentless Approach

View The Analysis Reports

Cobalt Strike Beacon

View the Analysis

Blackruby Ransomware

View the Analysis

Lotus Blossom Malspam

View the Analysis