Malware Analysis
At Netscylla we run a combination of Anti-Virus and Anti-Malware scanners for fast and effective malware classification.
If you have an unknown sample, or a suspicious file, we can quickly analyse the sample and compare it to our known sample database.
In addition to commercial and open-source malware scanners, Netscylla has written its own behavioural analysis engine that can even
spot some polymorphic payloads that evade traditional Anti-Virus software. This software is in its early stages of development, but has
already been able to fingerprint some common payloads obfuscated by open-source tools used by attackers.
Our detection capabilities can handle a large number of file types, including:
- raw output
- PowerShell
- WScript
- VBScript macros
- Windows EXE
- Linux ELF
- OS X scripts
Common Malware Vectors
Malware infections take advantage of whatever opportunities are available, but are commonly found in:
- Email: still provides a primary path for internal and external information exchange. Malicious email attachments can cause their
payload to be executed when the attached file is opened or processed. Email with malicious content may be specifically targeted at
known individuals (phishing), or may redirect victims to malware hosted on malicious web content.
- Removable Media: Malware can be transferred to a business system through the uncontrolled introduction of removable media
(CD-ROM, DVD, USB) or through the connection of untrusted devices.
- Web browsing/services: Users could browse directly (or be directed) to websites that may contain malicious content which seeks to
compromise the user's browser or browser plugins.