August 29, 2018
The new version’s optimised analysis routines make file examination 30% faster. Graphs in service reports have been redesigned.
- The drawing routines have been optimised for complex graphs that present information about analysed samples running multiple processes with the same IDs.
- Furthermore, graph readability has been improved.
- IDs are now used to indicate the first launched process, instances when Dr.Web has detected a threat, and RPC queries.
You can download source file, report in HTML format, and the PCAP file from the report page. The general description of an examined file now includes information about the file's behaviour and identified threats.
The analyser uses new rules to examinfile behaviour, such as the use of application vulnerabilities, the accessing of specific registry keys, etc. The description text for some of the rules has been changed so that users can more easily understand how the rules can be used. Issues that could result in false positives while the rules were being applied have been eliminated.
Dr.Web vxCube 1.1 also incorporates a modified hypervisor. Defects that could result in system crashes (BSOD) and freezes have been eliminated. Web interface vulnerability issues and other minor problems have been resolved.
Now the file analysis progress dialogue box displays the time remaining until an examination is over as well as its current status. Routines determining the file type have been reworked; script processing in interpreted languages, particularly JavaScript and VBScript code, has been upgraded.
To use Dr.Web vxCube, you will need a trial or commercial license.
With a Dr.Web vxCube trial license, you can examine 10 objects in 10 days. You can give it a try here.
You can purchase a commercial license in Doctor Web's eStore.
Tell us what you think
To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.
Other comments