How good is the efficacy for in-the-wild malware?
Currently, our in-the-wild efficacy for malicious office files ("maldocs") is 90%+ (and growing). This means our engines achieve the same result as a sophisticated sandbox (including bypasses for anti-analysis, sleep tricks, and environment checks) in a fraction of the time. Besides emulators for VBA macros, we offer emulation of JavaScript, VBScript, PowerShell and more.
Unpacking PE files is still a work in progress, but it is not the primary focus, because initial attack vectors are usually scripts and maldocs delivered as inbound email attachments.