zynamics VxClass allows the automated unpacking and classification of malware into families.

Based on the same ideas and algorithms that made zynamics BinDiff great, zynamics VxClass can structurally compare executables and thus ignore byte-level changes such as instruction reordering or string obfuscation. Small changes in the code or changed compiler settings will not fool zynamics VxClass.

It's easy: Upload a piece of malware, and zynamics VxClass will first remove the executable crypters from it. Our automated unpacker handles most packers. zynamics VxClass then analyzes the uploaded executable, compares it to the database of stored malware, and provides a simple similarity metric that tells you whether the program is related to a piece of known malware.

Use Cases
  • Filter unknown malware samples for analysis by sorting out items you have already analyzed
  • Find out if that security incident you are investigating is correlated to a previous one
  • Help malware analysts avoid duplicate work by sharing results
  • Automatically remove most packers and crypters from the malware you are analyzing
  • Generate AV-signatures for malware clusters to increase endpoint security