A cyber attack is usually perpetuated by installing a malware of some sort onto the victim machine from where it can spread throughout the whole network. When a company is compromised by a malicious malware, it's mandatory to identify which actions are executed by malware in order to be able to prevent it from spreading around the network to other devices.
There are many automated malware analysis services, which are helpful in identifying about what malware does, including:
While there are many automated services available for malware analysis, it's imperative that each malware sample be analyzed manually by a professional malware analysts. The main reason being that a malware sample can incorporate various techniques to detect whether it is executed in an automated malware analysis environment. When malware detects such an environment it will hide it's true nature and won't execute the malicious actions, thus hiding itself from being detected.
Each submitted malware sample will be kept only in our own private malware analysis lab and won't be shared to the outside world.
Malware analysis if a suitable solution for companies that were compromised by malicious attackers in order to analyze the details of the attack to be able to completely remove the infection from their infrastructure.
The end results include an extensive report about the complete analyzed malware samples used in the attack, including:
- Basic information about the project scope and timeline.
- Detailed analysis of every malware sample used in the attack, including:
- Basic information about each malware sample.
- Information about command and control servers (C&C servers).
- Details about used encryption as well as decrypted stubs.
- Listing of all the actions executed by malware.
- Listing of commands accepted by remote attackers.
- Detailed description of the steps needed to completely remove the malware from the network.
- Indicators of compromise by using OpenIOC.
- Rules for identifying and classifying malware samples by using Yara.