Hands-free features include simulated user interaction and automatic reboot. Continuing the analysis through a reboot triggers persistent threats that only show their full malicious actions on reboot.
The Future of Malware Sandboxing is Here | Introduction to VMRay
VMRay Platform Core Capabilities
Fully Automated Analysis
Automated IOC Extraction
VMRay automatically generates IOCs with every analysis. Going beyond what a traditional sandbox will do, we apply VMRay Threat Identifier (VTI) rules to flag and score artifacts, filtering out the noise and providing true, actionable IOCs.
VMRay detects a wide range of phishing techniques including:
– credential harvesting
– drive-by downloads
– file sharing web apps
– HTML attachments
– Safelinks are normalized and analyzed.
MITRE ATT&CK Framework Mapping
The MITRE ATT&CK framework is mapped to VMRay Threat Identifiers (VTIs). This allows security teams to quickly understand the scale and impact of an incident, leading to actionable mitigation measures.