Dr.Web vxCube

Dr.Web vxCube is a web service that analyzes potentially malicious files, generates detailed reports on their behavior in the selected environment and prepares a utility for neutralizing detected threats.

Dr.Web vxCube uses hardware virtualization for carrying the analysis. It allows Dr.Web vxCube to work fast and be invisible to the file you analyze.

You can upload a file in a supported format to the analyzer, configure environment on a virtual machine, and influence the analysis. After the analysis, you will receive a full technical report, as well as a video report showing file’s behavior in the specified conditions.

What is special about Dr.Web vxCube?

•Virtual machines have an Internet access via private proxy server. This helps to analyze the file behavior to its fullest, especially if its functioning depends on downloading data from the Internet.

•The new analyzer’s mechanism works at the hypervisor’s level and does not use any additional software on the host operating system, for example, drivers that hook functions. Thus, during analysis, the sample cannot detect hooks or unhook.

•Logging is performed at the hypervisor level—thus, the analyzer cannot be detected.

•It is possible to connect to an analyzed environment via VNC (Virtual Network Computing) client and influence the analysis process.

How it works

1.You upload a file you want to check and specify additional settings.

2.Dr.Web vxCube analyses the file and generates a detailed report once the analysis is finished.

3.After that, you can examine the report and download a utility that will help you neutralize detected threats.