Dynamic PDF/OLE analysis and new subscription plan

Hello folks!

A few weeks ago we added static analysis of PDF and OLE document files to our Malware Code Analysis engine.

Our engine can thus analyze documents, extract relevant metadata, identify potentially dangerous JavaScript and macros, heuristically analyze them, and give a final verdict on whether the document is malicious. We had very good feedback from customers who had been waiting for this feature, yet we wanted to push it even further.

As promised some days ago in our last blog post, we have now updated our Malware Code Analysis Engine to support dynamic document analysis. We can now execute documents in our monitored environment and detect suspicious behaviors that indicate malicious activity.

Here you can find an example of a malicious PDF file downloading additional malware.

In addition to this new feature, you have probably noticed that we have changed our malware analysis report page.

Indeed, we have rolled out a major change in our backend, completely rewriting our detection engine and deploying more than 500 new behavioral rules that our engine can now use to better identify malicious activities. We also grouped all the rules by category, to give you a quick overview of the impact the sample has on the infected operating system – e.g. compromised passwords, infostealing capabilities, compromised administrative tools and so on.

Last but not least, we have just launched our subscription plan dedicated to private users and single researchers!

If you are not interested in our threat intelligence technology or our threat intelligence search engine, and you are a private user or a single researcher who wants to integrate our technology into your internal infrastructure to scan for malicious files, our Sandbox plan is perfect for you! At 99$ per year you can scan up to 15.000 files, either using our web interface or by scripting our engine through our set of powerful open source libraries.

It’s the perfect plan for those private users and researchers who want to improve and speed up their daily research activities or have a second-opinion threat detection engine.

Have a look at our subscription plans at the following page: Deepviz Subscription Plans