VMRay Analyzer version 4.5 adds the capability to extract malware configurations. A malware configuration holds the options that make a malware sample unique: which C2 URLs to connect to, which malicious behaviors are enabled, how persistence is achieved, how data is exfiltrated, which evasion methods are enabled, and anything else that the malware developer implemented. All this valuable information is stored in the sample, and VMRay Analyzer automatically extracts and parses the configuration for supported malware families.
VMRay Analyzer is a breakthrough solution for dynamic analysis of advanced threats, including zero-day and targeted attacks. By surmounting inherent flaws that plague other products, VMRay Analyzer has become the gold standard for malware sandboxing among leading DFIR teams worldwide.
VMRay Analyzer enables IR teams to quickly analyze and protect against the full spectrum of threats, including advanced malware and phishing attacks.
- Deep-dive threat analysis with full visibility into malicious activity, noise-free reporting
- Streamlines threat analysis by automating every stage of the process
- Enhances threat intelligence through automated generation of IOCs from analysis results
Core Capabilities and Advanced Features:
Fully Automated Analysis shortens DFIR investigations with hands-free features such as simulated user interaction and automatic reboot to trigger malicious behavior.
Manual Analysis lets team members interact with suspicious malware in near real time to identify IOCs and fully reveal harmful behavior that automated methods occasionally miss.
Automated IOC Extraction captures threat details (files, URLs, network traffic, registry activity) to enhance incident response and threat intelligence and to support threat hunting.
Golden Images and Cloud Localization support lets you replicate the users’ production environment to optimize detection of targeted malware.
Smart Memory Dumping supports deep-dive investigations by capturing “just the right information at just the right time,” without noise or visibility gaps.
Phishing Detection identifies credential-harvesting and drive-by download sites.
- Platforms: Windows, macOS
- Coverage: Full range of file types and URLs
- Deployment: Cloud or On-Premises
- Integration: 25+ built-in connectors for web, email, SOAR, EPP/EDR and other tools
- Compliance: GDPR-compliant, ISO-27001 certified
- IDA Plugin: Enrich IDA Pro static analysis with behavior-based data
- Support for Industry Standards: MITRE ATT&CK™ Framework, YARA rules, STIX™ and others
- Tailored Environments: Golden images and cloud localization for optimizing detection of targeted malware