Hybrid Analysis Reviews

Hybrid Analysis provides a comprehensive detail about a malware which is really useful for writing a detailed analysis

No as much intregatable as other TI platforms

As a free tool we do not have to resort for paid TI and malware analysis platforms

Their public free detection portal available to anyone

Their pricing for private companies for self hosted solutions

Testing of suspicious files and websites quickly, helping us identify threats before they become infections

The hybrid analysis is very much easy and produces results ASAP. It is very much trusted.

Some files are not verifed properly. those files have difference in virus total

Threats not are unknown are easily verified by hybrid analysis.

The best part of the hybrid analysis tool is its capabilities to analyse and present us with the dynamic analysis of any executable or software in a sandbox environment created by the tool itself eliminating the rigorous task of having your own isolated environment to come up with any kind of analysis of the file in question for malicious indicator. It presents is with lots of data points including indicators of compromise, malicious indicators, network connection and countless others about the software which helps in making a concrete decisions about its behaviours and usage.

Cons are mostly related to the free version of the tool:

1. Some of the features being locked and only available to the licensed version.

2. Size limit of the file is another restriction in place for free version which allows only upto 100mb of a file to be analysed.

In the current era where security is considered of utmost importance this platform can help the community and the organisations to stay ahead and safe of the threat vectors by reducing restrictions and providing the access to more data points and feature for the free version.

Right now almost every organisation is making a move towards using open source tools in project development and this trend has become very common for small organsations. But in the current space of increased cyber risks there is definite need to analyse those tools/softwares being used in the environment of any organisation.

I have been mostly using the hybrid analysis platform for analysing the softwares for malicious indicators which are identified by the development teams for carrying out or developing certain features for projects and it has helped me identify lots of softwares which could have impacted the whole organization if used within the environment and ultimately safeguarding and reducing the various risks which comes along with the tools/softwares faced by the organization.

Hybrid Analysis helped me most in detecting malware detection deeply

User Interface of the web page was not good

Hybrid Analysis helped me in in-depth malware detection for smooth functioning of the project

Sandboxing IOC search and Comparing multiple Threats like virus total and alien vault, the comparion of results is very useful. An inbuilt sandboxing also a great way to use the feature.

An analysis comparing the virus total is acceptable, but if this will be given multiple threat actors compared. An addition into it so that we can use both. So this will be an addition.

Threat analysis and free sandboxing analyses are currently required in an open-source environment. This is the best way and i am using it from last three years.

Detection of third party unknown threats

A little lagging process which makes it time consuming

Analysing the external unknown threats with efficiency

Hybrid Analysis offers a very good report of the files and hash it is really a great tool for malware analysis

Few false positive can be removed and improved

Malware analysis

Compared to Virus Total, Hybrid Analysis has a lot more options to Sandbox files based on OS, vet IOCs, YARA rule searches for implementing strings

The user interaface could have been better

Search for IOCs is easy

Sandboxing files based on OS is an added advantage, analyst can review the report and follow the locations the files are written or where residues are stored

Hybrid Analysis is an open-source malware analysis platform that can sandbox malicious software and executables. It provides file/URL sandboxing, file collections, reports search, and accurate sandbox results with IOCs and screenshots.

One thing is that if you are using this with free version then your data will be publicly available, so we cannot use it for sandboxing private and confidential documents and files.

As this saas-based product provides sandboxing facilities it is very beneficial for analyzing malware files. Also, we can integrate its API with any EDR solutions which reduces extra efforts.