Engine Features

Engine Feature	Cloud Online Analysis Tool "A"	Cloud Online Analysis Tool "B"
Render URLs and Detect Phishing Sites
Extract and Decode Nearly All Malicious VBA Macros
Analyze VBA Stomped Files Targeted for Any System
Shellcode Emulation (x86, 32/64)
Export MISP (JSON) and STIX Report Formats
Extract and Analyze Embedded PE Files
Deobfuscate Javascript/VBS		Limited
Deobfuscate Powershell Scripts		Limited
Deobfuscate MSHTA Scripts
Parse METF Embed Equation Exploit Structure
Parse Malformed RTF Files
Parse Office Binary File Formats (BIFF5/BIFF8)
Parse Strict OOXML File Format
Automatically Decode Embedded Base64 Strings
Extract Annotated Disassembly
Decrypt Password Protected Office Documents
Decompile Java
Decompile .NET
Calculate .NET GUIDs (Module Version/TypeLib Id)
Classify Imported APIs
MITRE ATT&CK Support (In-report and Search)
Render PDF Pages
Extract Embedded Files (eg: OLE2 from Word)
Automatically Tag Samples Based on Signatures
YARA Support
Generate Text Metrics (Average Word Size, etc.)
Detect Cryptographic Constants
Text Analysis (Guessed Language)
Map UUIDs to Known Associated Files / Metadata		Limited
Filter Strings and Detect Interesting Ones
Extract and Detect Overlay
Integrated Allowlist
Detect Alternative IOCs (Emails, Bitcoin Address, etc.)
Calculate Authentihash
Verify Authenticode Signatures
Parse RICH Header		Limited
Calculate Entropy of Resources
Detect URLs, Domains and IP Addresses	Limited
Calculate Hashes of Resources
Calculate Imphash
Calculate SSDEEP
Extract PDB Information
Detect TLS Callbacks
Resolve Known Import Ordinals to Names
Detect Anomalies (eg: Header Checksum Validation)	Limited
Query VirusTotal for Reputation Checks
Detect Packers (PEiD)
Detect File Types
Calculate Hashes of Sections
Calculate Entropy of Sections
Extract Strings from Executable
Extract/Detect Resources
Extract/Detect PKCS7 Certificate

Last updated on

Was this page helpful?