Malware_testing_intel - shivammittal2403/Threatintelligence GitHub Wiki

- Sandboxes that can detect the malware (ordered by name):
- Anlyz https://sandbox.anlyz.io/
- Result: Malicious
- Any.run https://app.any.run/
- Result: Malicious Activity
- Comodo Valkyrie (https://valkyrie.comodo.com/)
- Result: Malware
- Hybrid Analysis (Falcon Sandbox) (http://www.hybrid-analysis.com/)
- Result: Malicious (100/100)
- Intezer Analyze https://www.intezer.com/
- Result: Malicious
- SecondWrite Malware Deepview https://www.secondwrite.com/
- Result: Malicious
- ViCheck https://vicheck.ca/ (static analysis)
- Result: Infected
- Sandboxes that cannot detect the malware (ordered by name):
- Jevereg (Amnpardaz Sandbox) http://jevereg.amnpardaz.com/
- Result: File could not be analyzed
- IObit Cloud http://cloud.iobit.com/
- Result: Safe
- Discontinued / Down sandboxes:
- Anubis http://anubis.iseclab.org/ (discontinued)
- BinaryGuard (TBM Cloud Sandbox) http://www.binaryguard.com/
- Tried to register, but its website does not work.
- BitBlaze http://bitblaze.cs.berkeley.edu/(discontinued)
- Comodo Instant Malware Analysis http://camas.comodo.com/ (discontinued)
- Deepviz (https://sandbox.deepviz.com/) (services cannot be subscribed anymore)
- Eureka http://eureka.cyber-ta.org/(discontinued)
- Malwr (Cuckoo Sandbox) (http://malwr.com/) (down)
- ThreatExpert Automated Threat Analysis (redirects to symantec.com) (http://www.threatexpert.com/)
- Viper https://viper.malwareconfig.com/ (down)
- Trial requested:
- ThreatTrack ThreatAnalyzer
- https://www.threattrack.com/malware-analysis.aspx
- VMRay Analyzer https://www.vmray.com/
- Static File Analyzers:
- I tested following static file analyzers with an RTF document that exploits an Adobe Flash vulnerability CVE-2016–4117
- Malware Tacker Cryptam Document Scanner (http://www.malwaretracker.com/doc.php)
- Supported file types: Office files.
- Result: Malware
- ViCheck https://vicheck.ca/
- Result: It detect the file as an Office malware, but identified with wrong CVE.
- XecScan (http://scan.xecure-lab.com/)
- Supported file types: PDF and Office files.
- Result: It cannot analyse the malware with the following message: “Sorry, Invalid file size!”
- MASTIFF Online (https://mastiff-online.korelogic.com/)
- Result: It cannot detect the malware.
- Malware Tracker PDF Examiner (http://www.malwaretracker.com/pdf.php)
- Supported file types: PDF files.
- Android Sandboxes / Analyzers:
- Akana http://akana.mobiseclab.org/
- AndroTotal https://andrototal.org/
- SandDroid http://sanddroid.xjtu.edu.cn/
- Nviso https://apkscan.nviso.be/
- Linux Sandboxes:
- Detux Multiplatform Linux Sandbox http://detux.org/
- Süleyman Özarslan (Picus Security http://picussecurity.com/)