Malware Analysis

The Malware Analysis service provides expert analysis of a malicious program's code in order to identify its functionality, methods of distribution and potential damage.
How it works:
- The client sends a copy of the malware to beCloud for analysis.
- Our specialists conduct a detailed analysis, studying the behavior of the code in an isolated environment, its operating mechanisms, action algorithms, functionality, the ability to influence the infected system, and identify indicators of compromise.
- Based on the analysis results, the client is provided with a detailed report.
What problems does the "Malware Analysis" service solve:
- Unknown threats – analysis of new and modified malware that is not detected by standard antiviruses.
- Data leaks – detection of spyware functions, keyloggers, backdoors.
- Ransomware – identifying algorithms for possible data recovery.
- Botnets and hidden miners – detection of hidden activity in the system.
- Non-obvious vulnerabilities – identifying the ways intruders can penetrate the infrastructure.
Possible usage scenarios:
- Hack investigation – looking for traces of malicious activity before and after a cyberattack.
- Phishing or suspicious attachment analysis – studying the mechanisms of infection via email.
- Signature preparation – using the analysis results when setting up SIEM and antivirus software to block new threats.
We offer 3 pricing plans as part of our Malware Analysis service:
| Tariff plan name | When it applies | Result of the work performed |
| --- | --- | --- |
| Access | Recommended when prompt response measures are needed after unauthorized access to the information system is detected. | A report indicating the classification of the instance of the virtual machine, indicators of compromise, a description of the functional capabilities and additional enrichment from third-party sources. |
| Web | Recommended when malware instances found in web applications need to be analyzed. | A report indicating the classification of the malware instance, a description of its operating mechanisms, indicators of compromise, action algorithms, functional capabilities, possible impact on the infected system, and the results of dynamic and static analysis. |
| OS | Recommended when malware instances detected in Windows and/or Linux operating systems need to be analyzed. | A report indicating the classification of the malware instance, a description of its operating mechanisms, indicators of compromise, action algorithms, functional capabilities, possible impact on the infected system, and the results of dynamic and static analysis. |
In addition to the Web and OS tariff plans, we recommend ordering the additional Expertise tariff plan. Under this plan, the client receives recommendations on eliminating the consequences of the malware's impact on the client's information system or information resource identified during the analysis, including recommendations on changing equipment settings and on using additional protection tools and software within information systems and resources.
The service is charged for the analysis of one instance of malware in accordance with the selected tariff plan.
Advantages of the service:
- Expert level – analysis is carried out by qualified specialists of the cybersecurity center with experience in reverse engineering.
- Fast turnaround – prompt processing of samples and delivery of a report within the time frame specified in the contract.
- Practical recommendations – not just a description of the threat, but ready-made steps for protection.
- Confidentiality – a guarantee of the safety of the transferred data.
To order the service, use the request form in the personal account of beCloud service users.
For additional information, please contact the beCloud sales department:
+375 17 287 11 11;
+375 17 287 11 49;
sales@becloud.by.