The A1000 Malware Analysis Platform is a powerful, integrated solution for individual analysts or small teams of analysts. It automates detection and analysis of threats in binary files by utilizing ReversingLabs' game-changing TitaniumCore automated static analysis technology and the cloud-based TitaniumCloud file reputation knowledgebase. For each sample, the A1000 unpacks the contained files/objects, extracts Proactive Threat Indicators (PTIs) and calculates threat and trust levels. An integrated database stores the results and enables advanced queries across samples for analysis. The unpacked files are stored on the appliance and available for further analysis. The GUI and API enable analysts to assess threat indicators, obtain unpacked samples and manage analysis workflow. Analysts can optionally submit malware to the cloud-based TitaniumCloud file reputation knowledgebase for additional analysis. Detection history, trust modifications and upload history are graphed for each sample.



Once files are unpacked and their PTIs extracted, a classification engine uses advanced rules to determine each file’s threat level. Since TitaniumCore fully extracts a file’s internals, the classification rules can evaluate file elements not visible to other tools. The appliance classifies files by binary content as well as their complexity and sophistication. For example, unknown PDF documents are classified based on whether they contain embedded executable content or obfuscated JavaScript, or implement a known exploit.

The ReversingLabs TitaniumCloud file reputation knowledgebase contains information on over 1 billion goodware and malware files. This information includes results of twice-daily scans by 27 anti-virus products. The A1000 makes this information available to analysts and uses the information in calculating threat level.