Malware & Threat Research
EBRYX
Gives You A Competitive Edge
We work behind the scenes with our clients to bring groundbreaking cybersecurity solutions to the market. Our cybersecurity research, development, and testing services power leading Silicon Valley-based cybersecurity tech companies as well as exciting new startups. Our experience spans multiple subdomains within cybersecurity, including endpoint, network, web, mobile, cloud, and IoT security.Â
Malware Analysis And Research
Our Malware analysis and research team has been working in the following domains
- Zero Day attack detection and analysisÂ
- Malware reverse engineering
  – Static
  – Dynamic - Develop honeypots for malware and drive by download attacks
- Sandbox evasion testing usingÂ
  – Cuckoo Sandbox
  – Cameo Sandbox - Test malware writing for agent based detection engine Â
Threat Intelligence And Detection
Our team has extensive experience in producing localized and global threat intelligence and malicious campaign detection
- Next-generation machine learning and AI-based Intelligent Algorithms power our cutting edge threat intelligence and detection capabilities.Â
- Localized Threat Intelligence enables us to identify targeted threats and campaigns like APTs and phishing campaigns against a specific organization
- Global Threat Intelligence has detected malicious attacks with global footprints:
- Phishing campaign targeting millions of users globally to harvest their user credential, personal and credit card information
- Digital coin mining campaign; attackers infected systems worldwide to use victim’s hardware to mine digital coins.
Malicious Domain Detection
Detection of Newly registered malicious domain using light weight static analysis and emulated techniques
- Crawling and scanning of newly registered domains for malicious footprints
- Analysis of available information regarding the domains using a variety of sources and website contentÂ
- Running Heuristics on the information specific to the domainÂ
- Perform Correlation on all the information gathered and synthesized to reach a final verdict regarding maliciousness of a domain
Domain Detection Technologies
Several modules of the detection engine were built in-house, using the open source stack, modules include:
- Domain Crawlers and scanners
- Heuristic Engine
- Web Content Emulators: JavaScript, Flash, HTML 5
- Correlation Engine
Third Party tools and technologies used
- Multi-AV
- Intrusion detection and prevention systems
Â
Phishing Domain Technologies​
System designed to detect phishing domains and URLs using smart heuristics and similarity algorithms​
Content-based Detection​
- Comparing HTML, forms and images with phishing datasets and in case of a match the said URL or domain is identified​
Domain and Network-based Detection​
- Similarity analysis of the content of a target URL with websites on the Alexa domain list. Incase of high similarity in content the URL is declared malicious​
- Detection results have a very high accuracy
Automated Web-shell Detection​
Automated process for detection of Web Shells on Webservers Â
- Web Shells are server-side scripts uploaded on vulnerable servers, by threat actors, to create backdoors.
- Backdoors are used by threat actors to download/upload files, execute commands and access backend databases. These are very difficult to detect
- Detection Process
- Collection of web shells from various servers,Â
- Feature extraction from web shellsÂ
- Listing features using heuristicsÂ
- Detection of web shell presence on compromised servers on the web.Â
- Multiple server technologies covered by service
The Ebryx Advantage
Our cybersecurity R&D and engineering teams power some of the world’s leading cybersecurity products.Â
Cutting-edge
Comprehensive
Reliable
Our Clients.
Previous
Next
