Feature enhancements in Dr.Web vxCube 1.4.0
October 3, 2019
New integration options
Now users can take advantage of the open vxCube API. It can be installed with the following command:
$ pip install -U vxcube-api
The Dr.Web vxCube API code, as well as the command list and usage examples, can be found on Doctor Web's page on Github.
Furthermore, analysis results can now be saved in the MAEC and STIX formats, which are supported by other developers� solutions and services. This makes it easy to integrate Dr.Web vxCube with popular SIEM solutions.
More options for reports
Dr.Web vxCube reports can now also be saved in PDF format. Users can also select which report sections will be included in the generated report.
Additional network settings
Network settings can now be customised to redirect TCP/UDP traffic to a proxy server so that the sample being analysed doesn't notice what is happening:
Android 7.1 support
Files in apk format can now be examined using Android 7.1. Furthermore, we�ve enhanced all apk analysis routines so that they are better protected from VM awareness. We�ve also added the ability to examine system apps and have improved overall performance.
When VNC is used to analyse files, a progress bar showing the estimated analysis time and the progress taking place is displayed.
Malicious modules are now marked with a special icon in the process graph. This lets users see when malicious code has been injected into trusted processes.
Enhanced behaviour analyser
Now, if users opt to examine files via VNC, they can make use of all the vxCube features, instead of just running a simplified analysis, and they can monitor all running processes.
The new version of the service is already available to everyone who has a Dr.Web vxCube license. If you don't have a license yet, you can purchase one in Doctor Web's eStore. You can also opt to use a trial license to evaluate the service before making your purchase.
Tell us what you think
You will be awarded one Dr.Webling per comment. To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.