dynamic analysis

Basic Automation with the VMRay API
By Koen Van Impe
Learn more about integrating VMRay Analyzer in different areas of your organization and how to use its API to automate the submission and processing of the analysis of malware. According to a report from Honeywell the use of USB removable

In our previous blog post, we showed how hypervisor-based API monitoring can achieve accurate logging of API calls at high performance, resulting in a more detailed view of the malware’s internal behavior. In this blog post we show three practical examples of how this more detailed view can be used
In designing systems, engineers often must navigate between two extremes. Resources are finite and compromises must be made between making something operate slowly and thoroughly or fast and recklessly. But what if a system could be both fast and accurate? Because of VMRay’s entirely hypervisor-based technology, it has the ability
The content covered in this blog is based on my Objective By the Sea talk “Hypervisor-Based Analysis of macOS Malware”. You can access the slides from my presentation here. A Growing Threat and a Dearth of Tools Compared to Windows, macOS accounts for only a small percentage of all malware,
For malware authors, an important part of their strategy is to drown target organizations with a fire hose of constantly changing information. SOC teams struggle to keep pace with attackers’ ability to rapidly generate new malware variants, new URLs leading to infected websites, and new C2 (command & control) server
This is the second blog in a two-part series describing how VMRay Analyzer’s Intelligent Monitoring capabilities remove the noise from malware analysis. Read part one. VMRay Analyzer’s hypervisor-based monitoring approach provides total visibility into the behavior of a sample under analysis and enables monitoring only parts of the system related
This blog post is the first in a two-part series describing how VMRay Analyzer’s Intelligent Monitoring capabilities remove the noise from malware analysis. In dealing with potentially malicious files, incident responders and IT security teams are swamped with information in the form of log files, reports, alerts, and notifications. As
One of the key features in VMRay Analyzer 2.0 is the built-in reputation engine that identifies known malicious or known benign files in milliseconds. The addition of the reputation engine gives Incident Responders and Malware Analysts a powerful “One-Two” combination of rapid threat detection and detailed analysis of malware behavior.
In boxing, the “One-Two” combination is an essential component of a fighter’s arsenal. A left jab followed by a right cross is one of the most effective combinations a fighter can unleash on his opponent. In the fight against malware, it’s just as important for Malware Analysts and Incident Responders to

