Virtual Analyzer is a secure virtual environment used
to manage and analyze samples submitted by Trend Micro products. Sandbox images allow observation of file and network
behavior in a natural setting without any risk of compromising the network. Virtual
Analyzer performs static analysis and behavior simulation to identify potentially
malicious characteristics. During analysis, Virtual Analyzer rates the characteristics
in context and then assigns a risk level to the sample based on the accumulated
ratings.
Virtual Analyzer includes the following features:
- Threat execution and evaluation summary
- In-depth tracking of malware actions and system impact
- Network connections initiated
- System file/Registry modification
- System injection behavior detection
- Identification of malicious destinations and command-and-control (C&C) servers
- Exportable forensic reports and PCAP files
- Generation of complete malware intelligence for immediate local protection
ScanMail sends suspicious attachments, and executable and scripted files,
that are not detected by the scan engine to Virtual Analyzer for analysis.
ScanMail supports
integration with Virtual Analyzer in Deep Discovery Analyzer 5.0, which is a
separately licensed Trend Micro product.