Library
My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets

Profile

Dr.Web vxCube Dr.Web Enterprise Security Suite

  • An intelligent and interactive cloud-based analyser of suspicious objects
  • For security researchers and cybercrime investigators

Brochure (PDF)

Why Dr.Web vxCube

It's safe

To conduct an analysis, the user launches, via their browser, various types of files in their chosen operating system on Doctor Web's virtual machines. The Dr.Web vxCube environment is isolated from the analysis system, and no actions are performed with the file on the user's side. So, the company's device is safe.

It's confidential

Dr.Web vxCube launches files in a special cloud-based sandbox on Doctor Web's server—the checking process is fully automated and hidden from outsiders.

Unlike Dr.Web vxCube, free sandboxes send a file to a third-party company (often one with an unknown owner and with no guarantee of confidentiality) for analysis.

It's not an anti-virus

An anti-virus detects the malicious software it knows or thinks it knows. To do this, an anti-virus analyses a file’s contents before it is launched or explores the requests it has made to various resources. In the first case, an anti-virus uses virus database information, and in the second, it uses preventive protection rules. But, in any event, the anti-virus is not interested in the file’s behaviour and its connection with other events occurring in the system. When malware is detected, the action specified in the settings is taken: typically, it is to delete the file or move it to the quarantine, and terminate the malicious process.

Dr.Web vxCube can analyse the behaviour of not only those files that are known to be malicious, but also those whose real purpose is unknown. Thus, it analyses the BEHAVIOUR of any software program (whether deliberately malicious or just suspicious) and identifies the malicious features in it.

It's not a scanner

Any multi-scanner (for example, VirusTotal) checks a file with the help of multiple anti-virus scanners to find a record about it in their virus database. Cybercriminals do the same: they check the malware they create with the help of VirusTotal until they get a malicious file that no anti-virus will be able to recognise right away (but only using virus databases!). VirusTotal scanning does not allow you to determine whether a file that has not been encountered by analysts before is malicious. As the file is not launched, its behaviour is not analysed.

Moreover, the multi-scanner cannot provide an accurate assessment—that is up to the user, who only sees the number of scanners that considered the file to be malicious.

Furthermore, VirusTotal transmits the files it receives to other companies via a malware sample exchange programme. That’s unsafe when it comes to checking files containing critical data, for example.

It is exhaustive

Dr.Web controls the file that is launched (or downloaded by the application) in the virtual machine and monitors all its actions: the files it creates, its attempts to access the Internet and the resources of the local computer, system calls, and much more. The automatic analysis of these actions lets Dr.Web vxCube assess how malicious a file is, examine its behaviour, and find the traces that it leaves behind in the system. Analysis results are provided in a complete report. VirusTotal does not provide that kind of analysis.

These are our own unique technologies

Dr.Web vxCube is based on specially designed technologies that do not allow running files to recognise that they are being monitored by the analyser and hide by concealing their malicious activity from the analyser. One frequently comes across this verification functionality that lets malware programs know they are being run in a sandbox. Doctor Web’s security researchers have experience that allows them to detect in a timely manner the latest intruder-employed techniques aimed at discovering a supervised launch and neutralise them. Dr.Web vxCube is constantly being improved. Free sandboxes, as a rule, cannot solve this problem.

It's reliable

Free sandboxes are constantly closing down. And the need may arise to urgently scan a file when there is no time to look for another free service and make sure that it is reliable. Dr.Web vxCube is available 24/7. Our support engineers are also available 24/7.

Instant assistance

If an analysed file is malicious, the user will be provided with a custom Dr.Web CureIt! build in real time. In complicated cases, the user can order a detailed description of the malware or a deeper (manual) analysis and request a virus-related computer incident (VCI) investigation. None of the free sandboxes offer these services.

A wealth of development experience

Dr.Web anti-virus technologies have been developed since 1992. Our virus-monitoring service's specialists are constantly analysing the activities of cyberfraud rings and their techniques and tools in order to detect upcoming attacks. This helps them develop preventive protection technologies that keep cybercriminals from deploying their tools against Dr.Web users.

The company is located in Russia.