Content area
Full text
VMRay Analyzer is an automated sandbox with a few additional features that make it a nice stand-alone malware analysis tool. While it is available as an on-premises offering, it is most often used as a cloud service. Running on-prem offers the additional benefit of being able to use gold images of your own environment as targets. It uses the unique approach of depending upon the hypervisor in a virtual environment.
Typically, we think of virtual environments as being susceptible to discovery by the malware sample which, of course, has been written to detect analysis attempts, especially in the virtual. However, in the case of VMRay Analyzer we don't use the typical techniques of agent-based hooking. Instead we see that the malware's behavior is being monitored without direct contact. Targets are available to be infected and the behavior of the malware pre-, post-, and during the...