Library
My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets

Profile

Back to the news list

Meet Dr.Web vxCube 1.5.0!

December 10, 2020

Russian anti-virus company Doctor Web is proud to present the upgraded version of its interactive suspicious file analyser: Dr.Web vxCube 1.5.0. Now the analyser supports YARA rules for more effective threat detection and can be set to look for specific types of threats based on their particular properties. Thanks to threat and report tags, analysis results can now be better visualised. Furthermore, users don't need to extract EML files and archived content on their end to have it analysed. With new user profile features, setting up file analysis is now easier. Known issues have been resolved.

YARA rules

The YARA rules section is the main innovation in Dr.Web vxCube 1.5.0. With the rules, you can specify file analysis criteria, tag particular threat types automatically, and indicate a threat severity level for the files being analysed.

Take advantage of the advanced YARA features and you will be able to utilise all the data that passes through the analyser, including:

  • File behaviour information;
  • Registry entries in use;
  • Types of files that the sample has created (src, dumb, drop, alloc, etc.) and much more.

In addition to the custom rules you add, in a new section, you will also be able to access the rules created by Doctor Web's malware researchers.

#drweb

#drweb

Report filters

You can now add tags to analysis report pages. This option is available for each operating system involved in the analysis. The tags are displayed in the journal and can be used to filter reports.

New user profile

The profile now lets you specify default analysis settings. The parameters you can define include:

  • File execution duration;
  • The operating system versions under which the file will be examined;
  • The report archive password;
  • Passwords for archives containing files to be analysed.

In addition, users can now see the existing API keys and create a new one as well as change their account password.

Email attachment and archive analysis

The service's API can now be used to analyse EML files and archives. The supported formats include: ZIP, ARJ, XZ, ACE, TAR, BZ2, CAB, GZ, RAR, 7z.

Keep the original filename or change it

In previous Dr.Web vxCube versions, analysed files were renamed automatically in the virtual environment. In the latest version, the file name remains unchanged by default. However, you can rename the file you are uploading.

Upgraded hypervisor

The hypervisor boasts more stable operation and has had its known issues resolved.

Dr.Web vxCube will be updated to version 1.5.0 on December 13 (Sunday) between 8 a.m. and 9 a.m. GMT. The service will be unavailable during this period.

To purchase a license, please contact our sales support service.

With a Dr.Web vxCube trial license, available here, you can examine 10 objects during the course of 10 days.

Tell us what you think

To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.


Other comments