Reason I like Malwr.com its online, so others can comment and review the samples you put up if you wish, plus they have a pretty good breakdown. The threat-track sandbox the last time I looked at it, was build your own on-site, and that tend to get a little tricky if the Sandbox itself gets owned.
But always good to have a few sets of eyes on things, I think you are going to see tigher integration with Virustotal and other tools in the future, and we can all be better off for it. Z Edward E. Ziots, CISSP, CISA, Security +, Network + Security Engineer Lifespan Organization [email protected]<mailto:[email protected]> Work:401-255-2497 This electronic message and any attachments may be privileged and confidential and protected from disclosure. If you are reading this message, but are not the intended recipient, nor an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that you are strictly prohibited from copying, printing, forwarding or otherwise disseminating this communication. If you have received this communication in error, please immediately notify the sender by replying to the message. Then, delete the message from your computer. Thank you. [Description: Description: Lifespan] From: [email protected] [mailto:[email protected]] On Behalf Of Kurt Buff Sent: Friday, February 07, 2014 8:10 PM To: [email protected] Subject: Re: [NTSysADM] Process Explorer 16 out with Integration into Virustotal. Excellent. Thank you very much. The Sunbelt listing is probably out of date - I believe it's now Threattrack. Kurt On Fri, Feb 7, 2014 at 1:29 PM, Kevin Kelly <[email protected]<mailto:[email protected]>> wrote: This web site list some online scanners: http://cleanbytes.net/malware-online-scanners -- Kevin Kelly Director, Network Technology Whitman College ________________________________ From: "Kurt Buff" <[email protected]<mailto:[email protected]>> To: [email protected]<mailto:[email protected]> Sent: Friday, February 7, 2014 1:15:53 PM Subject: Re: [NTSysADM] Process Explorer 16 out with Integration into Virustotal. Hadn't heard of malwr.com<http://malwr.com> - any others I should know about? OBTW - Threattrack has a sandbox too (they vend VIPRE) http://www.threattracksecurity.com/resources/sandbox-malware-analysis.aspx Kurt On Fri, Feb 7, 2014 at 11:47 AM, Ziots, Edward <[email protected]<mailto:[email protected]>> wrote: Thanks for the idea on sigcheck, I might want to employ that more in my malware checking going forward. Already was doing VT and Malwr.com and others to check samples. Z Edward E. Ziots, CISSP, CISA, Security +, Network + Security Engineer Lifespan Organization [email protected]<mailto:[email protected]> Work:401-255-2497<tel:401-255-2497> This electronic message and any attachments may be privileged and confidential and protected from disclosure. If you are reading this message, but are not the intended recipient, nor an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that you are strictly prohibited from copying, printing, forwarding or otherwise disseminating this communication. If you have received this communication in error, please immediately notify the sender by replying to the message. Then, delete the message from your computer. Thank you. [Description: Description: Lifespan] From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Kurt Buff Sent: Friday, February 07, 2014 2:25 PM To: [email protected]<mailto:[email protected]> Subject: Re: [NTSysADM] Process Explorer 16 out with Integration into Virustotal. Really cool. Also, the recent sigcheck updates can do the same thing, so if the executable isn't in memory, you can still do the VT thing. That's very nice. Kurt On Fri, Feb 7, 2014 at 9:06 AM, Ziots, Edward <[email protected]<mailto:[email protected]>> wrote: A very nice addition to the Process explorer/Sysinternals Suite. Hello Virustotal? It's Microsoft Calling. http://isc.sans.edu/diary.html?n&storyid=17594 Z Edward E. Ziots, CISSP, CISA, Security +, Network + Security Engineer Lifespan Organization [email protected]<mailto:[email protected]> Work:401-255-2497<tel:401-255-2497> This electronic message and any attachments may be privileged and confidential and protected from disclosure. If you are reading this message, but are not the intended recipient, nor an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that you are strictly prohibited from copying, printing, forwarding or otherwise disseminating this communication. If you have received this communication in error, please immediately notify the sender by replying to the message. Then, delete the message from your computer. Thank you. [Description: Description: Lifespan]
<<inline: image001.jpg>>
