A VMRay Analyzer Report provides:

• High-level sample verdict (Malicious, Suspicious or Not Suspicious)
• Threat Indicators (VTI Rules)
• Mapping of VTI rules to the MITRE ATT&CK Enterprise Matrix
• Screenshots
• Network Behavior
• IOCs
• Downloadable Function Log
• And much more

View our Threat Feed to see interactive VMRay Reports.

We support all major formats for office documents, scripts, archives, drivers, executables as well as URLs. We are constantly expanding the range of file types supported as malware authors seek new infection vectors.

The paths for sample submission to VMRay include manual submission via WebUI, email submission via IR Mailbox, custom-built integration via REST API, and out-of-the-box connectors for 3rd party integrations. If you want to know more about getting started with VMRay, you can book a demo to talk with us about integrating VMRay into your security stack and processes.

VMRay can be deployed either cloud or on-premises.

VMRay Cloud and On-Premises both have the same core functionality and ability to analyze and detect malware. The main difference between Cloud and On-Premises is the level of customization offered.

VMRay On-Premises supports extensive customization of:

• Target VMs: Security teams can analyze files and URLs in fully customized VM images, such as the organization’s own Gold Image.
• Detection Rules and the Analysis Scoring System: Security teams can add their own detection rules and customize the built-in analysis scoring system (VMRay Threat Identifier or VTI Score as well as YARA rules)
• Backend Global Settings: This includes the ability to create independent user groups, modify advanced network configuration settings, change other advanced settings such as the total size and number of memory dumps per analysis etc.