My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets


Back to the news list

Feature enhancements in Dr.Web vxCube 1.4.0

Feature enhancements in Dr.Web vxCube 1.4.0

October 3, 2019

Russian anti-virus company Doctor Web presents version 1.4.0 of its intelligent, interactive threat analyser Dr.Web vxCube. The new version incorporates an API that allows it to be integrated with other services and a smarter behaviour analyser. It also boasts enhanced malware-detection capabilities (specifically, when dealing with banking Trojans). Furthermore, Dr.Web vxCube 1.4.0 features UI upgrades and offers enhanced analysis capabilities with regard to mobile threats. Known issues have been resolved.

New integration options

Now users can take advantage of the open vxCube API. It can be installed with the following command:

$ pip install -U vxcube-api

The Dr.Web vxCube API code, as well as the command list and usage examples, can be found on Doctor Web's page on Github.

Furthermore, analysis results can now be saved in the MAEC and STIX formats, which are supported by other developers� solutions and services. This makes it easy to integrate Dr.Web vxCube with popular SIEM solutions.

More options for reports

Dr.Web vxCube reports can now also be saved in PDF format. Users can also select which report sections will be included in the generated report.

screenshot DrWeb vxCube #drweb

Additional network settings

Network settings can now be customised to redirect TCP/UDP traffic to a proxy server so that the sample being analysed doesn't notice what is happening:

  • VPN
  • TOR
  • SOCKS4
  • SOCKS5

Android 7.1 support

Files in apk format can now be examined using Android 7.1. Furthermore, we�ve enhanced all apk analysis routines so that they are better protected from VM awareness. We�ve also added the ability to examine system apps and have improved overall performance.

UI upgrades

When VNC is used to analyse files, a progress bar showing the estimated analysis time and the progress taking place is displayed.

screenshot DrWeb vxCube #drweb

Malicious modules are now marked with a special icon in the process graph. This lets users see when malicious code has been injected into trusted processes.

screenshot DrWeb vxCube #drweb

Enhanced behaviour analyser

Now, if users opt to examine files via VNC, they can make use of all the vxCube features, instead of just running a simplified analysis, and they can monitor all running processes.

The new version of the service is already available to everyone who has a Dr.Web vxCube license. If you don't have a license yet, you can purchase one in Doctor Web's eStore. You can also opt to use a trial license to evaluate the service before making your purchase.

Tell us what you think

To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.

Other comments