29 January 22, 07:35
Quote:
VirusTotal welcomes SecneurX to the multi-sandbox project. This new behavioral analysis platform is helping provide additional details on Windows executables, Office documents, and Android APKs.
In their own words:
SecneurX Advanced Malware Analysis (SnX) platform provides visibility and context into advanced threats with its extensive malware analysis & detection capabilities. The analysis platform is based on a unique architecture that emulates an enterprise environment for analyzing the most evasive and concealed malware. It performs both static and dynamic behavior analysis of different file types (.doc, .pdf, .msg, .eml, .xlsx, .exe, .ppt, .csv, .apk etc.) and generates a detailed report describing the malware behavior. Extracted Indicators of compromise (IOCs) and human-readable behavior reports can be used to augment existing intelligence data and help to give "context" about IPs, domains, URLs, Registry, Process activity, file names, and hashes.
On VirusTotal you can find the SecneurX reports on the Behavior tab:
![Image](https://lh3.googleusercontent.com/f8nBPsI1xBmvoRLsrUcx5Udva9c-nnBgWnZEGNZNNlBA5NYrCV7anB26q5fO-W3dIXbWbWmi2A9_XG_Fb7Tm7z2N7La-g3I4eeU_uGMxkXgb3csXDtANT9BlbMDjbdpnaQXv1gsOfA)
Let's take a deeper look at some interesting samples showcasing SecneurX capabilities:
EXE file which spreads via SMB protocol
602b3c6dba465a535293d06ff498354a6a5631299f8edbaba4bec7d4df98e1e6
This EXE is a crypto mining worm that uses exploits to steal credentials and spreads laterally to other machines in the network. It communicates with its CNC and transfers its malicious binary through SMB protocol to other machines on the local network.
...